Lai Quan Thien

Security Operations Center Analyst

Information Security Student
University of Information Technology, VNU-HCM

Specialized in Security Information and Event Management (SIEM), Security Operations Center (SOC) operations, and advanced threat detection. Experienced in building centralized security monitoring systems using ELK Stack, Suricata IDS/IPS, and developing comprehensive security automation solutions.

View Projects Contact Me

                                        
                                            class SIEMSpecialist {
                                        
                                              name: "Lai Quan Thien",
                                        
                                              alias: "WanThinnn",
                                        
                                              specializations: [
                                        
                                                "SIEM Systems",
                                        
                                                "SOC Operations",
                                        
                                                "Threat Detection",
                                        
                                                "Incident Response"
                                        
                                              ],
                                        
                                              mission: "Prevent. Detect. Respond. Repeat!"
                                        
                                            }

Lai Quan Thien

Security Operations Center Analyst

Wan Thinnn

Information Security Student

Core Expertise & Specializations

SIEM/Security Monitoring

Elastic Stack (ELK) Architecture & Deployment
Elasticsearch, Logstash, Kibana Configuration
Real-time Log Analysis & Correlation
Security Dashboard Development
Alert Rules & Detection Engineering
Data Parsing & Normalization

SOC Operations & Incident Response

Security Monitoring & Analysis
Threat Hunting & Investigation
Security Incident Triage & Response
Playbook Development & Documentation
MITRE ATT&CK Framework Mapping
Forensic Analysis & Evidence Collection

Network Security & IDS/IPS

Suricata IDS/IPS Configuration & Tuning
Network Traffic Analysis & Monitoring
pfSense Firewall Management
Custom Rule Development & Optimization
Network Forensics & Packet Analysis
Intrusion Detection & Prevention

Security Automation & Orchestration

Python Security Automation Scripts
API Integration for Security Tools
Automated Response & Remediation
Security Workflow Orchestration
Custom Security Tool Development
CI/CD Pipeline Security Integration

Threat Intelligence & Analysis

IOC (Indicators of Compromise) Analysis
Threat Actor Profiling & Attribution
Malware Analysis
Vulnerability Assessment & Management
Risk Assessment & Security Metrics
Threat Landscape Research

Infrastructure & Cloud Security

Linux System Administration & Hardening
Windows Security Event Log Analysis
Cloud Security Monitoring (AWS, Azure)
Infrastructure as Code Security
Network Architecture & Segmentation

Featured SIEM/SOC Projects

SIEM Central
Management System

Centralized Security Information and Event Management

Deployed a Security Information and Event Management (SIEM) solution leveraging the Elastic Stack (ELK) to collect, process, analyze, and visualize cybersecurity events within a simulated environment. The project focused on monitoring logs from Windows and Linux systems, along with security devices like Suricata and pfSense, to detect, investigate, and respond to threats.

Elastic Stack Suricata pfSense Nginx Security Monitoring

View Details

KVM Virtualization Infrastructure

Virtual Security Lab Environment

KVM is an open-source Type 1 hypervisor built into the Linux kernel, offering high-performance virtualization with strong resource isolation. It's widely used in cloud and enterprise environments. Our project explores KVM's features, compares it to VMware, and demonstrates practical uses like VM creation, SSH networking, and database management.

KVM Virt-Manager libvirt QEMU Network Security

View Details

CloudDB Crypto-Access

Database Confidentiality and Access Control in Cloud-native DBMS

Advanced database protection system combining AES-GCM-256 encryption with CP-ABE (Ciphertext-Policy Attribute-Based Encryption) for fine-grained access control. Features ABAC authentication and secure data management in Amazon RDS MySQL.

Python PyQt6 AES-GCM CP-ABE MySQL ABAC

View Details

WAGIC - APT Detection App

WPF Application for MAGIC

WAGIC is a Windows desktop application built with WPF that offers an intuitive interface for managing the MAGIC threat detection model. It allows users to train and evaluate models on various cybersecurity datasets, monitor progress in real time, and generate visual analytics for performance assessment—streamlining APT detection workflows for analysts and researchers.

WPF .NET 8 C# Data Visualization

View Details

Hybrid CP-ABE Library

Advanced Encryption for Data Protection

A hybrid encryption library combining Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with AES-GCM to enable fine-grained access control and secure data confidentiality. This library supports ABAC (Attribute-Based Access Control) authentication and facilitates robust encryption/decryption workflows for secure data sharing and management across distributed systems.

C/C++ CP-ABE AES-GCM CryptoPP

View Details

Security Onion IDS Project

Network Security Monitoring & Intrusion Detection

Comprehensive network security monitoring solution using Security Onion platform. Implemented full-spectrum threat detection with Suricata IDS, Zeek network analysis, and Elasticsearch SIEM integration for real-time security monitoring.

Security Onion Suricata IDS Zeek Elasticsearch Network Monitoring Threat Hunting

View Details

Academic Achievements & Recognition

Academic Excellence

Certificate of Commendation for Very Good performance (2022-2025)

12+

Open Source Projects

Security tools and research implementations

Youth Leadership

Outstanding contributions to Youth Union activities

Ho Chi Minh Teaching

Outstanding Youth Exemplifying Ho Chi Minh's Teachings (2023-2024)

Detailed Achievements

Certificate of Commendation as Information Security Student
For Very Good academic performance and extracurricular involvement during 2022–2023, 2023–2024, and 2024–2025 academic years

Certificate of Commendation for Youth Union Contributions
Outstanding contributions to Youth Union and Youth Movement activities at University of Information Technology – Term 2022–2024

Outstanding Youth Exemplifying Ho Chi Minh's Teachings
Received recognition in 2023 and 2024 for exemplary leadership and community service

Contact Information

Lai Quan Thien

SOC Analyst

Get In Touch

Always open to discussing SIEM/SOC opportunities, security research collaborations, or sharing knowledge about cybersecurity and information security.

Email: thienlai159@gmail.com

Phone: +84 941 841 870

GitHub: github.com/WanThinnn

University: University of Information Technology (UIT) - VNU-HCM

Location: Ho Chi Minh City, Vietnam

Specialization: SIEM/SOC, Cybersecurity, Threat Detection

CV Download: Click to Download My CV

Professional Focus

SIEM/SOC Specialist
Elastic Stack, Suricata IDS/IPS, Real-time Monitoring

Security Research
12+ Open Source Security Projects & Tools

Academic Excellence
Information Security Student at UIT - VNU-HCM

Future Goals
SOC Analyst Internship & Security Certifications

Lai Quan Thien

Lai Quan Thien

Wan Thinnn

Core Expertise & Specializations

SIEM/Security Monitoring

SOC Operations & Incident Response

Network Security & IDS/IPS

Security Automation & Orchestration

Threat Intelligence & Analysis

Infrastructure & Cloud Security

Featured SIEM/SOC Projects

SIEM Central Management System

KVM Virtualization Infrastructure

CloudDB Crypto-Access

WAGIC - APT Detection App

Hybrid CP-ABE Library

Security Onion IDS Project

Academic Achievements & Recognition

Academic Excellence

Open Source Projects

Youth Leadership

Ho Chi Minh Teaching

Detailed Achievements

Contact Information

Get In Touch

Professional Focus

SIEM Central
Management System