I’ve spent nearly two decades in cybersecurity. Hands on networks before the cloud existed. Protecting systems where a breach doesn’t just cost data, it costs safety.

In that time, I’ve trained analysts and teams across red team, blue team, and everything in between. And one pattern keeps showing up.

The people who perform best — in exercises, during incidents, when troubleshooting at 3am — aren’t the ones with the longest cert list or the latest tools. They’re the ones who think differently.

They question before they escalate. They sit with discomfort instead of closing the ticket. They understand the why, not just the what.

That’s what this newsletter is about.

The Analyst Mind is where I share what I’ve learned from years of training, incident response, detection engineering, troubleshooting, and building secure infrastructure — not as a tool guide, but as a thinking guide. Whether you’re a SOC analyst, a sysadmin, a network engineer, or somewhere in between, the mindset is what makes the difference.

What you can expect here:

Deeper dives into the topics I post about on LinkedIn — critical thinking, offensive skills for defenders, AI in security operations, threat hunting, and incident preparedness.

Frameworks and mental models that make you better at your craft — not because you memorize more, but because you reason better.

Behind-the-scenes lessons from real training exercises, tabletop scenarios, and operational troubleshooting — what worked, what failed, and why.

My honest take on where this industry is heading — especially as AI reshapes how we work.

I started this because I believe our industry doesn’t have a tools problem. It has a thinking problem. And the people who solve that — whether they sit in a SOC, a server room, or a red team engagement — will be the ones who define the next era of security.

If that resonates, subscribe. I publish every two weeks, and I keep it practical.

Welcome to The Analyst Mind.