DAVIS BURRILL
Cybersecurity-focused developer learning by building, breaking, and securing real systems.
Profile
Curious and fast-adapting cybersecurity professional with a strong interest in both code and security. I learn by building, breaking, and securing systems, from CTF environments and SIEM labs to Python automation and full-stack web applications. I care deeply about understanding how systems fail so I can help make them more secure, reliable, and maintainable.
Skills
Tools I use while building and learning
Development
Building real apps and shipping projects end-to-end.
Security + Labs
Hands-on testing, enumeration, and learning attack paths.
Cloud + Ops
Deployments, automation, and keeping things stable.
Selected work
Technical Projects
A few projects that best represent how I build, investigate, and document security work.
Defensive Security Log Analysis (Splunk + SIEM)
- Collaborated with a six-person team to simulate a real-world defensive security environment for a fictional company facing targeted cyberattacks.
- Configured Splunk to ingest and analyze Windows Server and Apache web server logs.
- Built custom dashboards and alerts to detect brute-force login attempts, account deletions, and HTTP POST flood activity.
- Compared baseline versus attack traffic to identify anomalies, login patterns, URI scans, and suspicious referrer domains.
- Created alert thresholds based on statistical baselines to reduce false positives and improve detection accuracy.
- Delivered findings through structured reporting, highlighting evasion techniques, log severity issues, and attack attribution.
- Proposed future mitigations including machine learning-based anomaly detection, WAF deployment, and continuous log refinement.
Purple Team Automation & Threat Detection
- Developed custom Python scripts to automate Nmap scanning, including spoofed scans and dynamic runtime configurations.
- Converted raw XML scan outputs into timestamped, human-readable HTML reports for consistent documentation.
- Configured IDS/IPS tooling including Snort and Security Onion for real-time threat detection.
- Leveraged Zeek and Suricata to analyze network traffic and generate actionable alerts.
- Created Splunk alerts to flag suspicious login activity and monitor access logs.
- Hardened systems using firewall rules and mitigation strategies aligned with testing and monitoring goals.
Cybersecurity Blog & Azure Web Application
- Designed and deployed a secure Python Flask web application hosted on Microsoft Azure using Docker containers.
- Configured SSL certificates (self-signed and Azure-managed) and implemented Azure WAF geo-blocking rules.
- Managed deployment, troubleshooting, and monitoring using Linux-based command-line tools.
- Remediated security vulnerabilities using Azure Security Center and Microsoft Defender for Cloud.
- Published technical documentation and CTF walkthroughs demonstrating structured testing workflows and root-cause analysis.
- Emphasized hands-on experience in cloud deployment, application hardening, and system-level QA testing.
LangChain Document Q&A Web Application
- Built a full-stack document question-answering application using LangChain, FastAPI, and React.
- Enabled users to upload documents and ask context-aware questions against embedded content.
- Wrote automated tests using pytest to validate backend logic, edge cases, and API reliability.
- Implemented robust error handling, logging, and input validation across the application.
- Demonstrated end-to-end testing awareness, version control practices, and iterative debugging.
Relevant Experience
Applied work in real environments
Experience built through production environments, hands-on security labs, and self-directed development work.
Service Bartender
Cherry Creek Grill · Denver, CO
High-volume, systems-driven restaurant environment requiring accuracy, coordination, and calm execution under pressure.
- Operated in a fast-paced production environment with strict timing and quality constraints
- Coordinated across service and kitchen teams to ensure reliable execution during peak volume
- Managed dozens of concurrent tasks while maintaining consistency and attention to detail
- Trusted with high-responsibility shifts requiring independence, judgment, and accountability
Cybersecurity & Software Development
Self-directed · Labs and Projects
Hands-on technical learning through real-world projects, security labs, and production-style deployments.
- Completed multiple Hack The Box machines covering enumeration, exploitation, and privilege escalation
- Built and deployed Flask-based web applications with secure configuration and CI/CD workflows
- Documented findings through detailed case studies and technical write-ups
- Practiced threat modeling, input validation, and secure defaults across all personal projects
This experience reflects applied learning and hands-on problem solving. Detailed technical case studies are available throughout the site.
Education
Training and credentials
Formal coursework and certifications supporting my focus on security fundamentals and practical development.
Education
University of Denver — Cybersecurity Bootcamp
Hands-on labs across networking, web security, Linux, and cloud fundamentals.
University of Colorado Boulder
Neuroscience
Certifications
CompTIA Security+ (SY0-701)
Security fundamentals, risk management, network security, and incident response.
PCAP — Python Certification
Python foundations, data structures, OOP basics, and scripting patterns.
CompTIA Network+ (planned)
Expanding networking depth to strengthen security fundamentals.
Interests
Outside of work
A few things that keep me curious, balanced, and motivated outside of technical work.
I enjoy staying active, building personal projects, and spending time on things that encourage curiosity, creativity, and long-term thinking.