AJT icon mark Aaron Johnson Tech — Security Operations, Detection Engineering, AI Security

About Aaron Johnson

A security operations profile built from leadership, labs, and repeatable process.

I bring a practical blend of SOC investigation, detection tuning, AI-assisted security workflows, and operations leadership. My goal is simple: help teams turn alerts, logs, playbooks, and tribal knowledge into cleaner decisions and faster response.

Portrait of Aaron Johnson

What I am building toward

I am focused on security operations roles where investigation quality, clean documentation, and alert-to-action workflow matter. The portfolio is intentionally built around artifacts that hiring teams can inspect: Wazuh detection logic, Linux hardening controls, phishing response workflow design, private RAG architecture, and controlled lab methodology.

The long-term direction is security operations with stronger detection engineering, cloud security, and AI-assisted analyst workflows. That means I care about the bridge between people, tools, and repeatable process—not just individual alerts.

Why my operations background matters

Before moving deeper into cybersecurity, I spent years leading teams in high-pressure operational environments. That background shows up in how I approach security work: define the process, reduce ambiguity, communicate clearly, document the decision path, and make the next analyst’s job easier.

In SOC and incident response work, that translates into better triage notes, cleaner escalation, stronger playbooks, and a bias toward practical improvements that reduce repeated confusion.

Career timeline

The story recruiters should understand quickly.

Open resume PDF →
Operations foundation

Built leadership, process, training, and escalation discipline.

Experience leading people and workflows shaped the way I think about incident handling, documentation, and repeatable response.

Cybersecurity apprenticeship

Moved into hands-on security operations through HSOC Cyber.

Worked across SOC-style investigation, labs, team learning, security documentation, and practical detection workflows.

Degree and certifications

Completed WGU cybersecurity degree and stacked security certifications.

Formalized the foundation with cybersecurity education and certifications across operations, analytics, offensive awareness, and AI security.

Portfolio proof

Built AJT around recruiter-visible evidence.

Created case studies that show implementation, validation, and analyst takeaway—not just tool names.

Investigation

Alert-to-story thinking

I focus on what happened, what evidence supports it, what risk remains, and what the next action should be.

Detection

Tuning with context

I care about detections that are explainable, mapped to behavior, validated in logs, and useful to analysts.

AI workflow

Private, practical assistance

I am exploring AI as a way to improve retrieval, documentation, and knowledge reuse without ignoring privacy or verification.

Next step

Review the hiring packet or project evidence.

The site is designed to make role fit easy to evaluate quickly: resume, proof matrix, projects, and contact paths are all one click away.

Recruiter packet

Need the one-page version?

Download a concise hiring brief with target roles, credentials, project proof, and contact links.

Download hiring brief