status: open_to_new_opportunities

Tony Muzo

I build security automation, threat intelligence reports, and cloud defense tooling — turning attacker behavior into actionable defense.

Security Engineer
Automation Builder
Threat Intel Writer
Tony Muzo Cybersecurity Analyst · Toronto, CA
Experience: 8+ years across SOC, IR & threat intelligence
Certifications: GIAC GSEC · GCIH · GPYC · GFACT
Background: Cisco Security, Symantec, public sector
Focus: Ransomware ecosystems & MITRE ATT&CK mapping

Threat Intelligence

Profiling ransomware groups, mapping adversary TTPs to MITRE ATT&CK, and producing intelligence that drives defensive engineering.

Security Automation

Building tooling and pipelines that eliminate manual workload, accelerate investigations, and strengthen SOC efficiency.

Detection & Incident Response

Developing detections, coordinating incident response workflows, and translating complex attacker behavior into actionable defense.

// case_files

Selected Work

Security engineering, automation, and threat intelligence projects.

// threat_intel_feed

Latest Writing

Practitioner analysis of the threats and incidents that matter this week.

// stack

Platforms & Training

Tooling and standards I work across every day.

  • GitHub
  • SANS Institute
  • Wazuh
  • Cisco Secure
  • OffSec
  • MITRE ATT&CK