Security Engineer · SIEM/SOAR · Threat Intel
George Taylor
# building platforms that detect, respond, and adapt — automatically
[Pipeline diagram] THREAT FEEDS (CISA · URLhaus) → SIEM detection layer (log ingestion · message broker · search & index) → DETECT (rules & alerts) → SOAR (auto response) → two outputs:
  • Security team: Jira ticket created · Playbook triggered · Analyst alerted · IOCs logged & enriched
  • Client receives: Email notification · Dashboard update · Incident summary · Monthly report
about.py
class SecurityEngineer:
  name = "George Taylor"
  location = "Largo, Florida"
  focus = "SIEM/SOAR development, threat intel pipelines, SOC automation"
  building = "Reservoir Security — managed security platform for SMBs"
  skills = ["SIEM", "SOAR", "Python", "GitHub Actions", "Threat Intel", "Nginx"]
  # detect → respond → notify. two outputs, one pipeline.
projects.sh
SIEM Pipeline — Log Ingestion & Detection [building]
Custom SIEM architecture with log ingestion, message broker layer, and search/index backend. Designed to scale from SMB to enterprise without vendor lock-in.
# SIEM · Message broker · Search index · Python · Linux
SOAR Automation Engine [building]
Custom SOAR platform built on GitHub Actions and Python. Automates alert triage, ticket creation, and response playbooks. Dual output — security team and client notifications.
# SOAR · GitHub Actions · Python · Jira API · Webhook integrations
CISA KEV → Jira Pipeline [production]
Monitors the CISA Known Exploited Vulnerabilities catalog daily. Auto-creates Jira tickets for new CVEs via GitHub Actions. State-tracked, deduplicated, severity-filtered.
# Python · GitHub Actions · Jira API · CISA KEV JSON feed
URLhaus Threat Intel Monitor [production]
Pulls malicious URL feed from abuse.ch URLhaus. Creates Jira tickets for new threats automatically. Second threat intel source in the pipeline.
# Python · GitHub Actions · URLhaus API · Jira API
XSS Detection Rules — SIEM Integration [deployed]
Custom detection rules for CWE-79 XSS attacks. Monitors web server logs for injection attempts across reflected, stored, and DOM-based vectors.
# SIEM · Detection rules · Apache/Nginx log parsing · CWE-79
gtaylor-infosec.com Infrastructure [live]
This site. DigitalOcean droplet, Nginx reverse proxy, Let's Encrypt SSL, Cloudflare DNS, Fail2ban. Recruiter access logging via Formspree.
# Nginx · Let's Encrypt · Cloudflare · DigitalOcean · Fail2ban · Ubuntu 24.04
live_stats.json
CVEs tracked: 1,599
Tickets created: 11
Feeds active: 2
Uptime: 100%
george@gtaylor-infosec:~$ tail -f pipeline.log
[SOAR] CVE-2026-45498 → SCRUM-11 created · analyst notified
[SOAR] CVE-2026-41091 → SCRUM-10 created · client dashboard updated
[SIEM] Threat feed ingested · 1,599 CVEs indexed
[INFO] SOAR playbooks active · dual output pipeline running
[INFO] Next run: 08:00 UTC
services.py
# managed security services · built for the real world
visit reservoirsecurity.com →
Contract-based · SMB
Managed Security Services
Affordable, contract-based managed security for small and medium businesses. Enterprise-grade protection without enterprise pricing.
  • SIEM deployment and tuning
  • SOAR automation and playbooks
  • Threat intel monitoring
  • Vulnerability management
  • Monthly security reporting
  • Incident response support
Free · Nonprofit program
Nonprofit Security Program
Security shouldn't be a luxury. Qualifying nonprofit organizations receive free managed security services evaluated case by case.
  • Full SIEM/SOAR coverage
  • Threat intel monitoring
  • Security awareness support
  • Application-based program
  • Evaluated per foundation
  • No cost to qualifying orgs
services.py
def our_mission():
  # Security costs are a barrier for small businesses and nonprofits.
  # We built Reservoir Security to change that.
  # Contract-based managed services — no enterprise price tag.
  return "Security for everyone, not just enterprise."
recruiter.md
# submit your details — i'll send you the portfolio link directly