Jesse Flippen — Security Operations Specialist & SOC Analyst Candidate

Jesse Flippen

Security Operations Specialist | Splunk SIEM & Threat Detection | AWS Certified | Python Automation

Dallas, TX

Professional Summary

I transitioned into cybersecurity after building Python automation systems in high-stakes enterprise environments — and I bring something rare to a SOC team: a decade of experience understanding how data moves through organizations, which makes me exceptionally effective at threat detection and security event correlation.

Currently completing the Per Scholas Cybersecurity program with hands-on labs in SIEM operations, network security, incident response, and cloud security. Actively pursuing CompTIA Security+ and Splunk Core Certified User certifications.

What makes me different:

  • A decade of enterprise experience — I understand the business risk behind every vulnerability, not just the technical one.
  • Hands-on SIEM experience: Splunk dashboards, alert configuration, and live log forwarding from infrastructure I personally deployed and hardened.
  • Comfortable in the Linux terminal: UFW, Fail2ban, SSH key management, systemd, and Bash scripting — validated in a live production deployment at PyTexas 2026.
  • Self-directed learner: Hack The Box, TryHackMe, LabEx, and Splunk training — used daily to build real blue-team skills.
  • Proven track record translating complex technical findings into business-risk language for VP and director-level audiences.

Technical Skills

Security Operations

  • SIEM / Log Analysis & Correlation
  • Splunk SPL Query Writing
  • Incident Triage & Response
  • Threat Detection & Correlation
  • MITRE ATT&CK Framework
  • IDS/IPS Concepts
  • Network Traffic Analysis

Cloud Security

  • AWS IAM & Security Groups
  • CloudTrail & VPC Flow Logs
  • Cloud Threat Modeling
  • Network Segmentation
  • AWS Certified Cloud Practitioner

Scripting & Automation

  • Python (automation & log parsing)
  • Bash Scripting
  • FastAPI
  • SSH Key Management
  • Tailscale Mesh Networking
  • systemd / UFW / Fail2ban

Infrastructure & Networking

  • Linux Administration
  • Wireshark / Packet Analysis
  • TCP/IP & Network Protocols
  • Active Directory Concepts
  • Cisco Packet Tracer
  • Endpoint Hardening

Certifications & Credentials

Focused on SOC analyst readiness — ordered by relevance to security operations roles.

CompTIA Security+ (SY0-701)

Threat detection, network security, cryptography, identity management, and risk management fundamentals — the primary SOC analyst entry credential.

In Progress · Expected May 2026

Splunk Core Certified User

SPL searching, dashboarding, and alert configuration — the foundational SIEM credential for SOC operations and threat hunting workflows.

In Progress · Expected July 2026

AWS Certified Cloud Practitioner (CLF-C02)

Cloud security model, IAM, core services, and infrastructure fundamentals — essential for understanding cloud attack surfaces in modern SOC environments.

Earned · January 2026

HTB Certified Junior Cyber Analyst (CJCA)

Hands-on blue team certification from Hack The Box, focused on SOC analyst workflows, log analysis, and defensive threat investigation.

Expected · September 2026

CompTIA Linux+

Linux administration, scripting, and security fundamentals — critical for SOC analysts operating in Linux-heavy environments.

Expected · August 2026

Google AI Essentials

Responsible AI principles, prompt engineering, and practical AI tool integration — applied to security automation and AI-assisted threat intelligence workflows.

Completed

Daily Learning Stack

Platforms I use actively every day to build real, hands-on security skills — not just theory.

Hack The Box

Hands-on penetration testing labs and CTF challenges. Building practical offensive and defensive skills in real-world simulated environments, with a focus on blue-team analyst paths.

TryHackMe

Structured SOC-focused learning paths including log analysis, SIEM operations, network forensics, and incident response. Specifically targeting blue-team and defensive security scenarios.

Splunk Training

Official Splunk education platform and SPL (Search Processing Language) practice. Daily hands-on work toward the Splunk Core Certified User exam and real dashboard-building skills.

CyberDefenders

Blue team CTF challenges focused on defensive security: log analysis, network forensics, and incident investigation. Ideal for building SOC analyst tradecraft beyond lab environments.

LabEx

Browser-based Linux and cloud labs. My go-to for reinforcing Linux command-line fundamentals, Bash scripting, and cloud infrastructure hands-on practice.

Professional Experience

Senior Business Development Manager – Moët Hennessy Portfolio

Southern Glazer's Wine & Spirits | Texas | December 2022 – Present

Python Automation Initiative
  • Engineered an automated reporting solution that reduced manual administrative workflow by over 3 hours weekly — the same data-parsing and anomaly-detection pattern applied directly in security log analysis.
  • Managed enterprise account data requiring sensitive handling; built compliance-aware, automated reporting systems that reduced manual data exposure and human error in sensitive pipelines.
  • Developed strategic performance analyses for weekly supplier meetings; presented complex technical findings to brand teams at director and VP level — translating data into clear risk-and-opportunity language.

Business Development Manager

Southern Glazer's Wine & Spirits | Dallas-Fort Worth | March 2019 – December 2022

  • Managed high-stakes enterprise accounts, translating complex metrics into actionable business strategies for VP-level stakeholders.
  • Built data pipelines across enterprise analytics platforms (Compass, Onesource); engaged with IT infrastructure decisions and vendor security assessment processes daily.
  • Developed deep on/off-premise channel expertise including engagement with enterprise IT buyers familiar with security procurement and compliance requirements.

Sales Representative – Coastal Division (Diageo Portfolio)

Southern Glazer's Wine & Spirits | Dallas | February 2017 – March 2019

  • Analyzed complex territory data to identify market opportunities, utilizing data-driven solutions to optimize a $14.8M portfolio.
  • Engaged enterprise IT buyers across DFW; developed working familiarity with security procurement, compliance requirements, and organizational risk tolerance.

Inside Sales Consultant

Southern Glazer's Wine & Spirits | Dallas | July 2015 – February 2017

  • Managed 250+ accounts weekly via SAP with strict data governance protocols; built the CRM and order management foundation applying enterprise access control and data security practices from the ground up.

Earlier Experience

Stocker – Glazer's Distributors (2014–2015) | Brand Builder – ABCo Brand Builders (2010–2014)

  • Built industry foundation in merchandising, product promotion, and retail distribution execution across the Texas market.

Technical Projects

Featured Projects

In-depth case studies of key technical projects demonstrating security operations, automation, and software engineering capabilities.

Security Operations

Tailscale Raspberry Pi Security Wrap

Overview: Designed and deployed a hardened Raspberry Pi infrastructure for the PyTexas community — then used it as a live security monitoring exercise, forwarding logs into Splunk for real-time threat detection.

  • Configured UFW firewall with least-privilege port exposure; deployed Fail2ban for SSH brute-force protection
  • Enforced SSH key-only authentication; deployed Tailscale mesh VPN for network-agnostic remote access
  • Forwarded API and network logs into Splunk — built real-time threat detection dashboard with alerting on unauthorized access attempts
  • Deployed systemd unit for unattended auto-start; validated at live PyTexas 2026 (~300 attendees)

Stack: Python · FastAPI · Tailscale · Splunk · UFW · Fail2ban · Raspberry Pi · systemd

Python Automation

Enterprise Log Parser & Anomaly Reporter

Overview: Built Python automation to ingest, parse, and surface anomalies in large structured data exports — the same foundational skill applied in security log analysis and SIEM alert correlation.

  • Automated parsing of multi-thousand-row enterprise data exports, reducing analysis time by 3+ hours weekly
  • Implemented outlier detection logic to flag anomalous patterns — directly transferable to security log correlation and threat hunting
  • Output structured reports consumed by VP-level audiences; extending the pattern to JSON/CSV security log formats

Stack: Python · Pandas · Regex · CSV/JSON parsing · Excel automation

Open Source Contribution

Windows Compatibility & Subprocess Optimization — voglster/lumbergh

Overview: External contributor to lumbergh, a Python backend tool. Improved cross-platform support and process reliability, with the maintainer manually merging the work into main after resolving complex rebase conflicts.

  • Standardized all subprocess.run calls to UTF-8 encoding, eliminating character-set bugs across Windows and Linux environments
  • Implemented Windows-specific "kill path" using taskkill /F /T to properly terminate child processes and prevent memory leaks
  • Authored test_windows_kill.py — a dedicated unit test suite verifying cross-platform process termination with no regressions
  • Refactored libtmux server initialization to use a dynamic psmux fallback, increasing backend environment flexibility
  • Resolved complex merge conflicts caused by simultaneous upstream changes via interactive rebase

Stack: Python · subprocess API · libtmux · Git (rebase / conflict resolution) · Windows · Linux

Universal Unit Converter

Engineering Discipline: Built a production-ready web application from scratch — no frameworks, no templates — demonstrating clean software architecture and user-focused engineering.

Technical Highlight: Responsive state management in vanilla JavaScript for instant, bi-directional conversions across 8 distinct unit categories — no page reloads.

Impact: Live production app serving users worldwide, with dark mode support and SEO optimization.

Stack: HTML · CSS · JavaScript · Netlify

Portfolio Website

Designed and built this portfolio from scratch — no frameworks, no templates. A purposeful exercise in clean HTML, CSS architecture, and progressive JavaScript enhancement.

Focus: Performance, accessibility, SEO, and a clear narrative around a career transition into security operations.

Stack: HTML · CSS · JavaScript · Netlify CI

Security Lab & Tools

Interactive security utilities and demonstrations — built with vanilla JavaScript. Try terminal mode for the full experience.

Network Footprint Scanner

See your public network footprint. This tool queries your IP address, location, and browser details using public APIs. No data is stored.

Base64 / Hex Decoder

Encode or decode Base64 and Hex strings. Essential for log analysis, reverse engineering, and CTF challenges.

Volunteer & Organizations

Chair — PyTexas Community Committee

PyTexas Foundation | Texas | Ongoing

Lead community organizing for one of Texas's largest Python developer conferences, coordinating events and supporting the growth of Python practitioners across the state. Helped coordinate PyTexas 2026 at the Austin Central Library with approximately 300 attendees.

Security Relevance: Active leadership in the technical community developing the programming language most used in security automation, SOAR development, and threat hunting. Presented the WrangLED infrastructure hardening project at PyTexas 2026 — a live, public demonstration of endpoint security, firewall configuration, and infrastructure monitoring.

Phi Sigma Phi Honor Society

Academic recognition for exceptional scholarly achievement.

Let's Connect

Connect on LinkedIn

I'm actively pursuing SOC Analyst opportunities and would love to connect with security professionals, recruiters, and fellow cybersecurity enthusiasts.

Let's connect! Send me a LinkedIn connection request and let me know what you're working on or if you'd like to discuss security operations, SIEM, or Python automation.

Privacy-first approach: I prefer to connect via LinkedIn for professional networking. Please reach out there with a brief message about how we can collaborate!

Education & Training

Per Scholas — Cybersecurity Training Program

Dallas, TX | March 2026 – July 2026 (Expected)

Intensive 16-week cybersecurity program covering SIEM operations, incident response fundamentals, threat detection and log analysis, network security, Active Directory, Linux administration, and cloud security. Hands-on labs using Splunk, Wireshark, and Cisco Packet Tracer. Cohort-based program with industry mentors preparing candidates for SOC Analyst roles.