👾 Welcome to My Portfolio!

---

Here, you’ll find a showcase of my journey through the world of cybersecurity, including hands-on projects, professional experiences, certifications, and blog-style posts sharing my thoughts and learning experiences.

---

About Me | Projects | Resume | Blog

---

Table of Contents

• 👨🏽‍💻 About Me
  • 📖 Background
  • 🎓 Certifications
  • 🎓 Education
  • 💡 Skills
    • 🛡️ Technical Skills
    • 💼 Professional Skills
    • 🛠️ Tools/Languages
• 📂 Projects
• 📄 Resume
• ✍🏽 Blog Posts
• 💬 Contact Information

---

👨🏽‍💻 About Me

My name is Justin Goncalves, and I am an aspiring cybersecurity professional with a diverse background in business management, data analysis, IT support, and web development. My strong curiosity and passion for solving complex challenges have driven my interest in information security, particularly in penetration testing and ethical hacking. I am currently focused on expanding my expertise in vulnerability management, threat detection, and incident response as I work toward becoming a Tier 1 Cybersecurity Analyst.

For me, cybersecurity isn’t just a job—it’s a chance to protect the future, make a meaningful impact, and contribute to a safer, more resilient digital world.

Get to know me a little better: More about me

Read my professional statement: Professional Statement

---

📖 Background

I started my career working in pharmacy and healthcare, where I developed a passion for helping others. However, I was drawn to the endless possibilities that technology offers. My curiosity pushed me toward web development, a field that offered the freedom to innovate and build solutions from scratch, all while learning new skills constantly.

As I honed my skills as a freelance web developer, my focus gradually shifted to cybersecurity. The growing threats of fraud, hacking, and cybercrime piqued my interest, and I became deeply committed to understanding how to mitigate risks and protect digital environments. With a passion for learning and my commitment to data protection, I am constantly driven to explore the rapidly changing world of cybersecurity.

---

🎓 Certifications

• CompTIA Security+ (Expected 10/2024)
• Google CyberSecurity Professional
• Qualys Vulnerability Management, Detection, and Response (VMDR)
• Qualys CyberSecurity Asset Management (CSAM)
• Qualys Vulnerability Management Scanning (VMS)
• United States Department of Homeland Security, National Incident Management System (NIMS)
  • Incident Response & Command System Expertise
    • IS-100.C: Introduction to Incident Command System (ICS-100)
    • IS-200.C: Basic Incident Command System for Initial Response (ICS-200)
    • IS-700.B: National Incident Management System (NIMS)
    • IS-800.D: National Response Framework, An Introduction
    • IS-2200: Basic Emergency Operations Center Functions
  • Critical Infrastructure Security & Risk Management
    • IS-860.C: National Infrastructure Protection Plan, An Introduction
    • IS-906: Workplace Security Awareness
    • IS-915: Protecting Critical Infrastructure Against Insider Threats
    • IS-916: Critical Infrastructure Security: Theft and Diversion
  • Disaster Recovery & Continuity Planning
    • IS-230.E: Fundamentals of Emergency Management
    • IS-2500: National Prevention Framework
    • IS-1300.A: Introduction to Continuity

---

🎓 Education

• University of Massachusetts Dartmouth, North Dartmouth, MA (2019 - 2020, 2022-2023)
  • Some education with a concentration in Finance and Financial Operations
  • Completed coursework in Business Statistics, Macro-Economics, Micro-Economics, Principles of Accounting, Operations Management, Financial Modeling, Investment Analysis, Financial Markets
• Boston Latin School, Boston, MA (2013 - 2019)
  • High School Diploma
  • Graduated from a prestigious exam school, ranked #1 in Massachusetts and 33rd nationally at the time of graduation.

---

💡 Skills

🛡️ Technical Skills

• Incident Detection & Response
• Vulnerability Management
• Penetration Testing
• Network Security
• Threat Detection
• Cryptology
• Python Scripting
• Risk Assessment
• CIA Triad (Confidentiality, Integrity, Availability)
• Identity and Access Management (IAM)
• Authentication, Authorization, and Accounting (AAA)
• Governance, Risk, and Compliance (GRC):
  • PCI DSS
  • HIPAA
  • GDPR
  • ISO/IEC 27001
  • NIMS (National Incident Management System)
  • FEMA (Federal Emergency Management Agency)
  • NIPP (National Infrastructure Protection Plan)
  • SOC Type 1 / SOC Type 2
  • FedRAMP
• Cybersecurity Frameworks:
  • MITRE ATT&CK
  • NIST (SP 800-53, SP 800-61, SP 800-171)
  • OWASP Top 10
  • CIS Controls

💼 Professional Skills

• Incident Response Leadership
• Critical Thinking
• Problem Solving
• Risk Assessment & Mitigation
• Ethical Decision Making
• Communication & Reporting
• Documentation & Presentation

🛠️ Tools/Languages

• Splunk
• Qualys
• Wireshark
• BurpSuite
• Metasploit
• Microsoft Azure + Sentinel
• Linux
• Chronicle
• Python
• Git
• Suricata
• TCPDump
• SQL

---

📂 Projects

In this portfolio, you will find several projects that highlight my skills and practical experience. Here are three of my most recent projects:

Telstra Cybersecurity Program (September 2024)

• Served as an Analyst and Security Engineer in the Telstra Security Operations Center (SOC), leading efforts to respond to malware attacks and implementing a custom Python script for a firewall rule to block malicious traffic.
• Analyzed firewall logs to detect malicious patterns and conducted postmortem analysis for root cause identification, improving overall system hardening.

Commonwealth Bank Intro to Cybersecurity Program (August 2024)

• Worked as a Cybersecurity Generalist on Commonwealth Bank’s Fraud Detection and Response Team, leveraging Splunk to analyze fraud patterns and manage phishing and malware incidents.
• Conducted penetration testing on web applications, identifying critical vulnerabilities and delivering remediation strategies.

PwC Switzerland Cybersecurity Virtual Experience Program (August 2024)

• Served as a Cybersecurity Analyst and Consultant on PwC’s Cybersecurity Team, performing risk assessments and aligning recommendations with NIST and ISO/IEC 27001 standards.
• Developed a comprehensive defense strategy, including network segmentation, firewall optimization, and risk management presentations for client stakeholders.

More projects, labs, programs, and experiences will be added to my project portfolio as I continue to develop my skills and complete new work.

---

📄 Resume

My resume is available for download here

---

✍🏽 Blog Posts

I regularly publish blog-style posts that dive into current cybersecurity trends, personal reflections on my learning process, and how I’ve applied theoretical knowledge to real-world problems. Stay tuned for insights on emerging cybersecurity threats, best practices, and more!

Check out my blog!

---

💬 Contact Information

Feel free to reach out to me if you have any questions, opportunities, or just want to connect!

• Email:
  • personal: justingoncalves34@gmail.com
  • work: justin@digitweb.solutions
• LinkedIn: Justin Goncalves
• Portfolio: @justingoncalves

I’m always open to networking, collaboration, and opportunities to contribute to the cybersecurity community. Thanks for visiting my portfolio!