Image.jpg

SOC SecOps Lead & DFIR consultant at :bhis-logo: Black Hills Information Security.

Instructor with :antisyphon: Antisyphon.

Obsessed with 💻, 🏎️, and 🏊‍♂️🚴‍♂️🏃‍♂️

<aside> <img src="/icons/following_gray.svg" alt="/icons/following_gray.svg" width="40px" /> **Socials

Twitter GitHub LinkedIn**

</aside>

<aside> <img src="notion://custom_emoji/f1e20e0e-f958-4ad6-8220-41834a3177ca/1349adbd-de02-806a-85d1-007a348fd63e" alt="notion://custom_emoji/f1e20e0e-f958-4ad6-8220-41834a3177ca/1349adbd-de02-806a-85d1-007a348fd63e" width="40px" /> Content & Training

Antisyphon Training All Content

</aside>

<aside> <img src="/icons/camera_gray.svg" alt="/icons/camera_gray.svg" width="40px" /> Astrophotography

🔭Astrophotography

</aside>

<aside> Noct Information Security, LLC

</aside>

Bio

Hayden Covington is a Security Operations leader, Detection Engineer, and Instructor who serves as the Security Operations Lead at Black Hills Information Security and an instructor for Antisyphon Training. With nearly a decade of hands-on experience in Security Operations, Detection Engineering, and Incident Response, he specializes in building and running high-performing blue teams.

Hayden began his security career as a SOC Analyst at Newport News Shipbuilding (Huntington Ingalls Industries), where he worked on the incident response team and later focused on insider threat analysis and SOAR engineering. That experience gave him a deep understanding of how to turn raw telemetry into actionable detections and automate repeatable response at scale.

At BHIS, Hayden leads detection engineering efforts, develops and operationalizes threat intelligence processes, and oversees day-to-day SOC operations across a diverse customer base. His work centers on designing high-fidelity detections, reducing analyst noise, and building workflows that let defenders move quickly and confidently during investigations.

Hayden teaches Antisyphon’s Foundations of Security Operations course, where he walks students through SIEM engineering, ticketing workflows, detection engineering, and alert investigation from the ground up. His teaching is grounded in real-world SOC experience, giving students immediately actionable skills they can bring back to their environments.

Outside of customer work and the classroom, Hayden is a regular contributor to the BHIS blog and a frequent guest on information security talk shows and webcasts, where he covers blue-team topics with a particular focus on detection engineering. He holds a Bachelor’s degree in Cyber Security.