COMPLETED
Home Active Directory lab
AD · GPO · ENUMERATION
2024 → present
The professional home of Osman L. Caceres Jr., a career-changer moving from over a decade in automotive sales into cybersecurity. Focused on identity and access management, Active Directory, and defensive security for small and mid-sized teams.
I've spent more than a decade in client-facing automotive sales — from January 2012 to September 2022 at Rye Ford in Rye, NY, where I was promoted to Assistant Sales Manager and trained incoming staff, and since April 2023 at Park Ford of Mahopac. I hold Ford Master Certification in Commercial Vehicle Sales and spent years as a Commercial Account Manager, handling fleet accounts, complex B2B transactions, and the long-term relationships that come with them.
The day-to-day of that work looks like sales. What it actually is, is data. Verifying financial records before they're approved. Investigating pricing and documentation discrepancies before they propagate. Maintaining structured CRM records that have to stand up to audit. Translating complex contracts into language a buyer can act on. The workflow of a careful sales desk maps surprisingly cleanly onto the workflow of a security analyst — pattern recognition, anomaly detection, escalation, clear reporting.
What a decade on a sales desk also teaches you is how to earn trust across a table — reading a room, explaining a technical decision to someone whose money is on the line, and following through on what you said you'd do. Today I'm focused on building a career in cybersecurity — specifically in identity and access management, endpoint defense, and the small-and-mid-sized-business security work where my client-facing experience actually maps. The site you're on is the brand I'll eventually build that practice under. For now, it's where I keep the projects, the credentials, and the evidence of the work.
I came to cybersecurity from the other side of the breach. Both a family member and I have been victims of identity fraud, and that experience changed how I think about the systems that hold people's most sensitive information. It's what pushed me to start studying cybersecurity seriously — the Google Cybersecurity Professional Certificate first, then building a home Active Directory lab from scratch, scripting in Python, working through TryHackMe, and going deep on identity and access management as a specialization.
A decade-plus in sales has taught me that the technical side of a problem is rarely the hardest part. The hardest part is earning trust, communicating under pressure, and staying consistent when no one's looking. Those are the same qualities that matter in security work — where a careless email, a default password, or a missed patch can cost a small business its payroll, its patient records, or its reputation.
How you handle things when no one is watching says the most about your character.
My particular interest is in identity and access management. Identity is the new perimeter. So many breaches today trace back to stolen credentials or mismanaged permissions — not to exotic zero-days, but to someone who had access they shouldn't have had, or kept access they no longer needed. That's where I want to do the work.
What I bring to a security team isn't a decade of red-team experience. It's over a decade of handling other people's trust, the discipline to see a problem through from diagnosis to fix, and the habit of never claiming a skill I can't defend in a conversation. The technical depth I'm building every day — through coursework, labs, and projects I can walk through line by line. The rest I've already earned.
A growing set of hands-on cybersecurity work — home labs, Python projects, and write-ups. Each card will expand into full detail (scope, approach, lessons learned) as the write-ups come online.
If you're hiring and my background looks like a fit, I'd welcome the conversation. I read every message and respond within one business day.
Send a message →