Reflections on My Cybersecurity Journey: Lessons from the Cyber Range

Reflections on My Cyber Range Journey
Introduction
Recently, I completed a hands-on Cyber Range training program with LOG(N) Pacific, focused on security operations, Microsoft security technologies, threat hunting, and technology risk. Throughout the program, I developed hands-on experience that I later consolidated into several public portfolio projects.
Coming from a financial risk management background, my goal wasn't simply to earn certifications - it was to gain practical experience investigating security events, understanding enterprise security workflows, and building a portfolio that demonstrated those skills.
Looking back, the experience became an important milestone in my transition into cybersecurity.
Why I Joined the Program
When I began my journey, I realized that certifications alone wouldn't be enough.
I wanted hands-on experience with:
- Security monitoring
- Threat hunting
- Incident analysis
- Microsoft security technologies
- Security governance
- Technology risk
The Cyber Range provided an opportunity to work through realistic security scenarios in a structured learning environment.
Skills I Developed
Over several months, I gained experience across cybersecurity, Microsoft security technologies, cloud security concepts, and technology risk.
Microsoft Security
Working with Microsoft's security ecosystem was one of the most valuable aspects of the program.
This included:
- Microsoft Sentinel
- Microsoft Defender for Endpoint
- Azure Log Analytics
- Kusto Query Language (KQL)
Learning how these tools fit together provided a much better understanding of enterprise security operations and the broader Microsoft cloud security ecosystem.
Threat Hunting
Rather than simply responding to alerts, I learned how to proactively investigate endpoint and network telemetry.
Topics included:
- Process investigations
- Network activity
- Authentication events
- Timeline reconstruction
- MITRE ATT&CK mapping
These exercises reinforced the importance of asking questions rather than jumping to conclusions.
Incident Investigation
One of the biggest takeaways was understanding how security investigations are performed in practice.
This involved:
- Reviewing telemetry
- Identifying suspicious behavior
- Correlating events
- Assessing impact
- Documenting findings
- Escalating when appropriate
I found that clear documentation and structured thinking were just as important as technical knowledge.
Governance and Risk
Coming from a financial risk background, I naturally gravitated toward the governance aspects of cybersecurity.
Alongside technical investigations, I completed projects involving:
- ISO/IEC 27001 risk assessments
- Vulnerability management (Tenable)
- Incident escalation workflows
- Security controls
- Technology risk
These projects helped connect my previous career with my new direction.
Portfolio Projects
The knowledge and experience gained throughout the program later formed the foundation for several public portfolio projects.
These included:
- AI SOC Analyst Agent
- Ransomware Threat Hunt
- Tor Browser Investigation
- Vulnerability Management Program
Each project allowed me to explore a different aspect of security operations and governance while improving my technical writing and documentation.
What I Learned
Perhaps the biggest lesson was that cybersecurity is rarely about finding a single "correct" answer.
Successful investigations require:
- Critical thinking
- Structured analysis
- Attention to detail
- Risk assessment
- Communication
- Continuous learning
Technology provides the data - but people still provide the judgment.
Connecting My Previous Experience
One unexpected realization was how much my previous career still mattered.
Many of the skills developed in financial risk management translated naturally into cybersecurity:
- Risk assessment
- Controls evaluation
- Audit support
- Stakeholder communication
- Structured reporting
- Governance
Rather than starting from zero, I was building upon an existing foundation.
That realization gave me much greater confidence in my career transition.
Looking Ahead
Completing the Cyber Range wasn't the finish line - it was the beginning of the next stage of my career transition.
While security operations and technology risk remain my primary focus, I also plan to continue expanding my understanding of cloud technologies and cloud security alongside AI-assisted security workflows and governance.
Going forward, I intend to continue developing in areas including:
- Technology Risk
- Security Governance
- Information Security
- Microsoft Security
- Cloud Security
- AI-assisted Security Workflows
- Professional Japanese Communication
Rather than focusing solely on certifications, my goal is to continue strengthening practical skills through hands-on projects, continuous learning, and real-world application.
Final Thoughts
Looking back, the greatest value of the Cyber Range wasn't any single lab or project.
It was the opportunity to bridge theory with hands-on application while gaining a deeper understanding of how enterprise security teams investigate incidents, manage risk, and support business objectives.
For anyone considering a transition into cybersecurity, my biggest piece of advice would be this:
Certifications build knowledge. Practical experience builds confidence. Combining both creates the strongest foundation for long-term growth.
Thank you for reading!
I'd also like to thank the instructors and mentors at LOG(N) Pacific for providing a practical learning environment that helped strengthen my understanding of modern security operations and technology risk.
If you're interested in technology risk, cybersecurity, Microsoft security technologies, or governance, I'd be happy to connect and exchange ideas.
My GitHub portfolio and additional project write-ups are available through the links on this site.
