About Me

Hi there! I’m Nicholette—a cybersecurity enthusiast in Hemet, California, who spends way too much time asking, “But what if someone tries to break in?” While I am a newly graduated cybersecurity professional with a [Bachelor’s in Cybersecurity, Associate’s in IT, and IT Certificate], my journey began long before I earned my degrees.

I didn’t wait for a job to start learning how hackers think. While earning my degrees, I turned my tiny apartment into a lab (much to my router’s dismay). Picture me hunched over a laptop at 2 AM, reverse-engineering a mock e-commerce site’s payment gateway just to patch a sneaky SQL injection flaw I found. That’s how I learned. No corporate red teams, no fancy tools—just me, Kali Linux, and a stubborn drive to outsmart vulnerabilities.

My friends call me the “explainer.” When my grandma got phished by a suspicious email, I didn’t just fix her inbox—I made her a cheat sheet titled “Spot the Scam: A Guide for Non-Tech Humans.” Turns out, breaking down risks into plain language is my superpower.

Right now, I’m obsessed with remote penetration testing. Why? Because the future of work is hybrid, and so are the threats. I’ve practiced simulating attacks on cloud systems, cracked WPA2 keys in my home lab, and even “hacked” my own smart devices (spoiler: they’re *way* too trusting).

Am I new? Sure. But here’s what I bring: fresh eyes, a DIY hustle, and the kind of curiosity that turns “What if?” into “Fixed it.” As a recent graduate with a Bachelor’s in Cybersecurity and a passion for ethical hacking, I specialize in remote penetration testing that uncovers hidden risks before attackers do. My self-taught journey—from mastering Metasploit in home labs to reverse-engineering authentication flaws in simulated environments—has equipped me to think like a hacker and act like a guardian. Whether securing cloud data storage or hardening WordPress sites, I focus on practical, scalable solutions that let businesses innovate fearlessly. Let’s turn your vulnerabilities into strengths—no on-site visit required.

Fun fact: I’ve never lost a game of Capture the Flag (the hacking kind, not the playground version).

Expertise & Skills

Here’s a quick overview of my core strengths and skills as an IT consultant, designed to highlight my capabilities in cybersecurity:

Proactive Technical Foundation: Certified in cybersecurity fundamentals through LinkedIn Learning, with hands-on practice in vulnerability scanning, network reconnaissance, and exploit development via platforms like Hack The Box and TryHackMe.

Remote-Ready Penetration Testing Skills: Proficient in identifying and exploiting vulnerabilities in web apps/network systems using tools like Nmap, Metasploit, and Burp Suite—all practiced in a self-built home lab simulating remote attack surfaces.

Ethical Hacking Mindset: Trained in ethical hacking methodologies, including OWASP Top 10 vulnerabilities, to assess risks while adhering to legal and compliance frameworks like GDPR and PCI DSS.

Clear Risk Communication: Skilled at translating technical flaws into actionable insights for non-technical stakeholders—honed by creating guides to secure personal devices for peers and family.

Self-Driven Learning Agility: Mastered cloud security, Linux administration, and Ansible automation through online coursework, demonstrating adaptability to emerging tech landscapes.

Certifications & Credentials:

  • Cybersecurity: IT Security Foundations (LinkedIn Learning)
  • Penetration Testing: Completed [X] offensive security labs (e.g., “Exploiting Buffer Overflows in HTB Machines”)
  • Tools: Wireshark, Kali Linux, John the Ripper

Differentiators: I combine academic rigor in cybersecurity with guerilla-style hands-on practice—preparing me to identify and mitigate threats that traditional IT workflows often miss. My goal isn’t just to find vulnerabilities but to empower businesses to build resilience, whether I’m working from a coffee shop or a home office.

A Consultant's Approach

Last summer, my favorite local café asked me to look at their Wi-Fi after customers complained about weird pop-ups. They thought it was just a glitch, but I wondered: What if someone’s actually snooping?

Here’s what I did:

  1. Played Detective (Ethically!): With the owner’s permission, I used Wireshark to sniff network traffic from my laptop—right there between sips of cold brew. Within minutes, I spotted unencrypted data packets and a rogue device named “Free_Coffee” mimicking their legitimate network.
  2. The “Aha” Moment: Using Kali Linux tools, I discovered the rogue hotspot was phishing for login credentials. Someone had plugged a Raspberry Pi into their router—a physical breach hiding in plain sight!
  3. Fixing It, Fast & Friendly: Instead of drowning the owner in terms like “evil twin attack,” I said: “Imagine a fake waiter stealing credit card numbers. That’s what’s happening. Let’s unplug the imposter and lock your Wi-Fi’s back door.”
  4. Long-Term Armor: I taught them to set up a separate guest network, enabled WPA3, and made a laminated sign: “Don’t connect to ‘Free_Coffee’—it’s a digital pickpocket!”

Why This Matters for Consulting:

  • Proactive, Not Reactive: I didn’t wait for a breach to act—I hunted the “glitch.”
  • Tools ≠ Expertise: Knowing how to use Kali Linux helped, but translating risks into café-owner language mattered more.
  • Ethics First: I documented every step and got explicit permission, modeling responsible hacking.

Your Takeaway from Me:

I’m the consultant who’ll spot the Raspberry Pi in your router and make sure your team understands why it’s a threat—no PhD in jargon required.