Lai Quan Thien

SOC Analyst

Information Security Student
University of Information Technology, VNU-HCM

Specialized in Security Operations Center (SOC) operations and threat detection. Experienced in building centralized security monitoring systems using ELK Stack, Wazuh, Suricata IDS/IPS, Zeek NSM, and developing AI-enhanced security automation solutions.

View Projects Contact Me

                                        
                                            class SIEMSpecialist {
                                        
                                              name: "Lai
                                                Quan Thien",
                                        
                                              alias: "WanThinnn",
                                        
                                              specializations: [
                                        
                                                "SIEM Systems",
                                        
                                                "SOC Operations",
                                        
                                                "Threat Detection",
                                        
                                                "Incident Response"
                                        
                                              ],
                                        
                                              mission: "Prevent. Detect. Respond. Repeat!"
                                        
                                            }

Lai Quan Thien

Security Operations Center Analyst

Wan Thinnn

Information Security Student

Core Expertise & Specializations

Security Monitoring

Elastic Stack Architecture & Deployment
Elasticsearch, Logstash, Kibana Configuration
Real-time Log Analysis & Correlation
Security Dashboard Development
Alert Rules & Detection Engineering
Data Parsing & Normalization

SOC Operations & Incident Response

Security Monitoring & Analysis
Threat Hunting & Investigation
Security Incident Triage & Response
MITRE ATT&CK Framework Mapping

Network Security & IDS/IPS

Suricata IDS/IPS Configuration & Tuning
Network Traffic Analysis & Monitoring
pfSense Firewall Management
Custom Rule Development & Optimization
Network Forensics & Packet Analysis
Intrusion Detection & Prevention

Security Automation & Orchestration

Python Security Automation Scripts
API Integration for Security Tools
Automated Response & Remediation
Security Workflow Orchestration
Custom Security Tool Development

Threat Intelligence & Analysis

Threat Actor Profiling & Attribution
Vulnerability Assessment & Management
Risk Assessment & Security Metrics
Threat Landscape Research

Infrastructure

Linux System Administration & Hardening
Windows Security Event Log Analysis

Featured SOC Projects

Bachelor’s Thesis

An Intelligent SOC Ecosystem
for Monitoring, Detection, and Response to Cyber Attacks

Research and implementation of an Intelligent SOC Ecosystem integrating SIEM, SOAR, and a proposed SmartXDR model. The system aggregates multi-layer telemetry from Wazuh, Suricata, Zeek, and pfSense. By leveraging AI for semantic alert analysis, it effectively reduces false positives and orchestrates automated response playbooks. The architecture was validated against MITRE ATT&CK scenarios (Brute-force, SQLi, Malware) to demonstrate optimized MTTD/MTTR metrics.

Elastic Stack SmartXDR Wazuh Suricata & Zeek DFIR-IRIS n8n

View Details

SIEM Central
Management System

Centralized Security Information and Event Management

Deployed a Security Information and Event Management (SIEM) solution leveraging the Elastic Stack (ELK) to collect, process, analyze, and visualize cybersecurity events within a simulated environment. The project focused on monitoring logs from Windows and Linux systems, along with security devices like Suricata and pfSense, to detect, investigate, and respond to threats.

Elastic Stack Suricata pfSense Nginx Security Monitoring

View Details

Security Onion IDS Project

Commercial-Grade Network Intrusion Detection/Network Security Monitoring System

Comprehensive network security monitoring solution using Security Onion platform. Implemented full-spectrum threat detection with Suricata IDS, Zeek network analysis, and Elasticsearch SIEM integration for real-time security monitoring.

Security Onion Suricata IDS Zeek Elasticsearch Network Monitoring Threat Hunting

View Details

CloudDB Crypto-Access

Database Confidentiality and Access Control in Cloud-native DBMS

Advanced database protection system combining AES-GCM-256 encryption with CP-ABE (Ciphertext-Policy Attribute-Based Encryption) for fine-grained access control. Features ABAC authentication and secure data management in Amazon RDS MySQL.

Python PyQt6 AES-GCM CP-ABE MySQL ABAC

View Details

Hybrid CP-ABE Library

Advanced Encryption for Data Protection

A hybrid encryption library combining Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with AES-GCM to enable fine-grained access control and secure data confidentiality. This library supports ABAC (Attribute-Based Access Control) authentication and facilitates robust encryption/decryption workflows for secure data sharing and management across distributed systems.

C/C++ CP-ABE AES-GCM CryptoPP

View Details

WAGIC - APT Detection App

WPF Application for MAGIC

WAGIC is a Windows desktop application built with WPF that offers an intuitive interface for managing the MAGIC threat detection model. It allows users to train and evaluate models on various cybersecurity datasets, monitor progress in real time, and generate visual analytics for performance assessment—streamlining APT detection workflows for analysts and researchers.

WPF .NET 8 C# Data Visualization

View Details

Academic Achievements & Recognition

Academic Very Good

Certificate of Commendation for Very Good performance (2022-2025)

12+

Open Source Projects

Security tools and research implementations

Youth Leadership

Outstanding contributions to Youth Union activities

Ho Chi Minh Teaching

Outstanding Youth Exemplifying Ho Chi Minh's Teachings (2023-2024)

Detailed Achievements

Certificate of Commendation as Information Security Student
For Very Good academic performance and extracurricular involvement during 2022–2023, 2023–2024, and 2024–2025 academic years

Certificate of Commendation for Youth Union Contributions
Outstanding contributions to Youth Union and Youth Movement activities at University of Information Technology – Term 2022–2024

Outstanding Youth Exemplifying Ho Chi Minh's Teachings
Received recognition in 2023 and 2024 for exemplary leadership and community service

Contact Information

Lai Quan Thien

SOC Analyst

Get In Touch

Always open to discussing SOC opportunities, security research collaborations, or sharing knowledge about cybersecurity and information security.

Email: thienlai159@gmail.com

Phone: +84 941 841 870

GitHub: github.com/WanThinnn

University: University of Information Technology (UIT) - VNU-HCM

Location: Ho Chi Minh City, Vietnam

Specialization: SIEM/SOC, Cryptography, Cybersecurity

CV Download: Click to Download My CV

Professional Focus

SOC Specialist
Elastic Stack, DFIR-IRIS, Wazuh, Suricata, Zeek, n8n, AI in Cybersecurity

Security Research
12+ Open Source Security Projects & Applied Cryptography

Academic Very Good
Information Security Student at UIT - VNU-HCM

Future Goals
SOC Analyst Fresher & Security Certifications

Lai Quan Thien

Lai Quan Thien

Wan Thinnn

Core Expertise & Specializations

Security Monitoring

SOC Operations & Incident Response

Network Security & IDS/IPS

Security Automation & Orchestration

Threat Intelligence & Analysis

Infrastructure

Featured SOC Projects

Bachelor’s Thesis

SIEM Central Management System

Security Onion IDS Project

CloudDB Crypto-Access

Hybrid CP-ABE Library

WAGIC - APT Detection App

Academic Achievements & Recognition

Academic Very Good

Open Source Projects

Youth Leadership

Ho Chi Minh Teaching

Detailed Achievements

Contact Information

Get In Touch

Professional Focus

SIEM Central
Management System