U.S. Navy Lieutenant transitioning into cybersecurity

Celine Tannous combines high-reliability leadership with hands-on defensive cyber work.

I’m a Surface Warfare and Nuclear Officer with a Cyber Operations degree, an active TS/SCI clearance, and a hands-on home-lab portfolio spanning detection engineering, SIEM, vulnerability management, incident response, network analysis, and Windows hardening.

View Projects Download Resume GitHub Portfolio Contact

Background: My experience in mission-critical Navy environments shaped how I approach security work: with discipline, accountability, technical curiosity, and a strong focus on reliability.

Areas of focus Cybersecurity Engineering • Detection Engineering • SOC / Blue Team • Security Operations

Availability Seeking full-time cybersecurity opportunities starting Winter 2026 / early 2027.

Proof of work GitHub-based lab projects, detections, write-ups, and defensive validation work.

Core strengths Leadership, disciplined execution, security ownership, and technical curiosity.

20-person leadership Led a technical division responsible for critical electrical systems.

Cyber Operations degree B.S. with Honors Program and Merit from the U.S. Naval Academy.

Shipboard cyber ownership Managed network security posture and remediation alignment to DoD standards.

Documented lab portfolio Detection, hardening, investigation, and vulnerability management projects.

About

My path into cybersecurity is grounded in a simple idea: the same discipline required to lead in high-consequence environments also matters in security work done well.

Who I am

I am a U.S. Navy Lieutenant and Cyber Operations graduate transitioning into civilian cybersecurity. My background combines operational leadership, technical training, and a strong bias toward preparation, reliability, and accountability.

What I’ve worked on

I’ve owned shipboard cybersecurity responsibilities, led a 20-person technical division in a nuclear environment, and built hands-on cyber projects focused on detection, monitoring, hardening, and response.

How I approach the work

I value clear documentation, calm troubleshooting, steady follow-through, and continuous learning. That mindset connects my military experience with the security work I’m building toward now.

Experience

Across these roles, the common thread has been ownership, technical leadership, structured problem-solving, and steady execution in environments where reliability matters.

Cyber Officer — USS Harpers Ferry (LSD-49) 2021–2023

Owned cybersecurity posture for operational shipboard networks supporting mission-critical systems.

Identified vulnerabilities and assessed risk against DoD cybersecurity requirements.
Coordinated remediation efforts and reinforced security controls across networked systems.
Delivered cybersecurity training to improve organizational awareness and security discipline.
Brought an incident-response mindset to operational systems where uptime and resilience matter.

Reactor Electrical Division Officer — USS Carl Vinson (CVN-70) 2024–Present

Led a 20-person technical division responsible for nuclear propulsion electrical systems.

Managed fault isolation, redundancy, and casualty response in time-critical conditions.
Improved qualification rates and system reliability through structured training programs.
Led cross-functional execution where safety, precision, and accountability were non-negotiable.
Built team habits around technical rigor, procedural compliance, and calm troubleshooting.

Cyber Analyst Intern — General Electric Aviation Earlier experience

Supported threat identification and email analysis in a real-world enterprise setting.

Performed IOC research to support identification of malicious activity and emerging threats.
Reviewed emails for phishing, malware, or compromise and escalated confirmed issues.

Cyber / Research Intern — Johns Hopkins University Applied Physics Laboratory Earlier experience

Contributed to applied cybersecurity research and technical analysis for national security systems.

Assisted with scripting, technical analysis, and documentation.
Worked in a research environment that emphasized accuracy, clarity, and disciplined execution.

Projects

These projects come from documented lab work and hands-on defensive practice, with a focus on monitoring, hardening, investigation, and detection.

Detection Engineering Lab

Built a VMware-based Active Directory lab with centralized telemetry and custom detections for common attacker behavior.

Instrumented a Windows domain environment to collect and review host telemetry through Sysmon and Wazuh.
Created detections for PowerShell abuse, scheduled task persistence, and SMB lateral movement.
Validated alerts against realistic lab activity and tuned them to improve signal quality.
Used the environment to practice investigation workflows, documentation, and defensive analysis.

Tools usedVMware, Active Directory, Sysmon, Wazuh, Windows Event Logs

Skills demonstratedDetection engineering, telemetry pipeline design, rule tuning, validation, triage

Why it matters

This project reflects the kind of practical monitoring and detection work that supports security operations and blue-team environments.

View this project in my GitHub portfolio

Project visuals

These visuals give a clearer view of the lab environment, telemetry flow, and the type of evidence behind the portfolio work.

Diagram of the enterprise cybersecurity home lab environment — **Home lab architecture**
A VMware-based enterprise-style lab with Active Directory, Windows endpoints, Linux, Splunk, pfSense, and Wazuh.

Diagram of the detection engineering telemetry and alert pipeline — **Detection pipeline**
Sysmon telemetry flows into Wazuh and custom rules are validated against realistic test activity for triage and tuning.

Useful screenshots to include

Splunk dashboard view

Best for showing search workflows, alert context, and analyst visibility.

Wazuh alert triage

Best for showing detections tied to PowerShell abuse, scheduled tasks, and SMB movement.

Nessus or Wireshark evidence

Best for proving remediation work and packet-level investigation skill.

Suggested additions

Add 3–4 real screenshots from the lab with short captions explaining what is visible, why it matters, and what action was taken.

Open GitHub portfolio for deeper project proof

Technical focus

My work is centered on defensive security fundamentals: visibility, investigation, hardening, detection, and the habits that make security operations more effective.

Security tooling

Splunk, Wazuh, Sysmon, Nessus, Wireshark, Atomic Red Team

Infrastructure and platforms

Windows, Linux, VMware, Active Directory, pfSense, enterprise-style lab networking

Working style

Clear documentation, structured troubleshooting, training, risk ownership, and calm execution under pressure

Current direction

I’m building toward work in security monitoring, detection engineering, vulnerability management, SOC workflows, incident handling support, and process-driven improvement.

Proof of work

Public projects, technical writing, and supporting materials make it easier to see how I think and what I’ve built so far.

GitHub portfolio

Hands-on cybersecurity projects and lab work focused on blue-team and security operations practice.

View GitHub profile

Resume and credentials

A concise overview of my background, technical direction, and current qualifications.

Open resume PDF

Technical writing

A public write-up adds evidence of analysis, documentation, and communication.

Read the APT29 TTP write-up

Credentials, education, and availability

A straightforward overview of education, certifications, and where I’m headed next.

Education

United States Naval Academy

Bachelor of Science, Cyber Operations (Honors Program), 2021
Graduated with Merit
CAE-CO designated program

Credentials

Active TS/SCI
CompTIA Security+
CompTIA PenTest+ in progress
CompTIA CySA+ in progress

Looking ahead

Seeking full-time cybersecurity opportunities starting Winter 2026 / early 2027.

Cybersecurity Engineer Detection Engineer Security Analyst SOC / Blue Team

Let’s connect.

I’m always glad to connect with people working in cybersecurity, especially around security engineering, detection, SOC, blue-team, incident response, and security operations.

Email Me LinkedIn GitHub

Contact details

Email: obsidiannullsec@gmail.com
Phone: +1 (720) 318-3311
LinkedIn: celine-tannous-34a44a1a7
GitHub: ObsidianNull

Current areas of interest

Security operations, SOC, blue-team engineering, vulnerability management, detection engineering, and early-career cyber engineering roles.