You will get custom Python scripts for security automation and data extraction

Andrew G.

Let a pro handle the details

Buy Scripting services from Andrew, priced and ready to go.

Project details

Stop manual data processing. Automate your security intelligence with custom Python tooling.

Efficiency in a SOC or a research environment depends on how fast you can process data. I develop specialized Python scripts designed for high-performance security tasks—from harvesting threat intelligence to automating complex log analysis.

What I can automate for you:

Threat Intel Harvesters: Automated extraction of IOCs (IPs, Hashes, Domains) from Telegram channels or web sources.

Log Parsing Engines: High-speed scripts to extract, clean, and reformat massive security datasets.

Security Tool Integration: Automating the "handshake" between different APIs (e.g., pulling data from VirusTotal and sending it to your SIEM).

Automated Reporting: Scripts that gather data from multiple sources and generate a clean PDF or CSV summary daily.

Why my code?

Scalable: I use multi-threading for fast data processing.

Maintainable: Clean, commented code with a requirements.txt file for easy setup.

Secure: I follow best practices for handling API keys and credentials.
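
Programming Languages: PHP, Python, Go
Coding Expertise: Security

What's included

Service Tiers: Starter, Standard, Advanced
Price: $60 (Starter), $200 (Standard), $500 (Advanced)
Delivery Time: 2 days (Starter), 5 days (Standard), 10 days (Advanced)
Number of Revisions: 0 (Starter), 0 (Standard), 0 (Advanced)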
Install Script
Test Script
Task Automation

About Andrew

Andrew G.
SOC Team Leader | SIEM Engineer | Python Security Automation Expert
Cairo, Egypt
I am a Security Operations Center (SOC) Team Leader with a deep focus on SIEM Engineering, Threat Detection, and Security Automation. I help organizations bridge the gap between raw log collection and high-fidelity monitoring. Whether you are building a SOC from scratch or need to optimize an existing environment, I provide the technical expertise to ensure your infrastructure is visible, secure, and automated.
How I Can Help Your Business:
• SIEM Engineering & Optimization: Expert-level configuration of Wazuh, FortiSIEM, and Splunk. I specialize in custom parser development (Regex/XML/JSON) and mapping detection rules to the MITRE ATT&CK framework to reduce "noise" and false positives.
• Security Automation: I build custom Python tools to eliminate manual SOC tasks. From "Harvester" scripts that extract threat intel from Telegram to automated log-parsing engines, I build tools that scale with your data.
• Infrastructure & Orchestration: Extensive experience in server hardening (Ubuntu/Debian), orchestration via Cockpit, and managing centralized storage (NFS/SMB) for high-performance environments.
• Detection Engineering: I focus on "Permanent Configurations"—building systems that are documented, persistent through reboots, and built to survive high-load scenarios.
Core Technical Stack:
• SIEM/EDR: Wazuh, FortiSIEM, Splunk, Cortex XDR, Elasticsearch.
• Automation: Python (Telethon, Requests, BeautifulSoup, Subprocess).
• Infrastructure: Proxmox, Linux (Ubuntu/Debian), Cockpit, Docker, NFS/SMB.
• Security: Threat Hunting, Log Integration, MITRE ATT&CK Mapping.
Proven Track Record:
• SOC Transformation: Successfully executed a major transformation project, optimizing licensing and achieving real-time alerting through custom data quality improvements.
• Intelligence Automation: Developed a multi-threaded Python engine to automate the harvesting and parsing of security metadata from encrypted data streams.
• Infrastructure Design: Designed and deployed centralized storage and virtualization pipelines for professional-grade homelabs and testing environments.
My goal is to provide more than just technical support; I provide a roadmap to a more resilient security posture.
Let’s discuss your project and see how I can automate your security workflows. Click "Message" or "Hire Now" to get started.
Three Quick Tips for Your Upwork Profile:
1. The "First Two Lines" Rule: In search results, clients only see the first two lines of your bio. Ensure your first sentence immediately identifies you as an expert (e.g., "SOC Specialist...") rather than starting with "Hello, I am..."
2. Use Your Case Studies: Since you’ve worked on a SOC Transformation and the Telegram Harvester, make sure those are listed in your "Portfolio" section with screenshots of dashboards or clean code.
3. Specialized Profiles: On Upwork, you can create two "Specialized Profiles." Use one for SIEM/SOC Engineering and the other for Python Automation. This allows you to appear in search results for both niches.

Steps for completing your project

After purchasing the project, send requirements so Andrew can start the project.

Delivery time starts when Andrew receives requirements from you.

Andrew works on your project following the steps below.

Revisions may occur after the delivery date.

Logic Mapping:

We discuss your manual workflow and define the inputs/outputs.

Development

I build the core script using libraries like Telethon, Requests, or Subprocess.

Review the work, release payment, and leave feedback to Andrew.