I am a Senior Security Engineer & Strategist with experience building security functions at Government Agencies and Financial Institutions, including helping a private bank earn recognition as one of America’s Most Cybersecure Banks.
I blog about cloud security, organizational resilience and technical leadership.
I specialize in cloud-native security technologies, with a focus on Microsoft Sentinel (SIEM) and Microsoft Defender, leveraging these tools to detect, investigate, and respond to cyber threats at scale. My expertise extends to Application Security (AppSec) and DevSecOps, where I integrate security into CI/CD pipelines, ensuring applications and workloads are hardened from development through deployment.
I have experience implementing advanced security controls, optimizing threat detection strategies, and enhancing incident response processes within complex cloud environments. My approach is centered on proactive risk mitigation, secure development practices, and aligning security with business objectives to drive resilient, scalable security programs.
As a Senior Penetration Tester at a federal agency, I conducted nation-state adversary emulations, cloud security assessments, and penetration testing engagements across multiple federal cloud environments. I executed purple team operations, leveraging real-world TTPs to assess the resilience of federal systems, provided intelligence-backed security recommendations, and played a critical role in enhancing the cybersecurity posture of national assets.
As a Senior Malware Analyst at a federal agency, I specialized in malware analysis, reverse engineering, and national cyber defense operations. I analyzed nation-state threats, developed YARA signatures, and reverse-engineered sophisticated malware impacting government agencies and critical infrastructure sectors. My intelligence reports and findings were adopted across the U.S. intelligence community, influencing cyber defense strategies and threat mitigation efforts nationwide.
As a Senior Incident Response Operator at a federal agency, I monitored, investigated, and responded to security incidents impacting critical federal infrastructure. I leveraged SIEM technology for advanced threat correlation, conducted intrusion analysis, and developed custom rules to detect and mitigate active cyber threats. My work in threat intelligence and post-incident forensics strengthened cybersecurity resilience across .gov networks, improving detection, prevention, and response capabilities.
As a Squad Leader in the U.S. Army, I led a team of over 10 junior enlisted personnel, overseeing real-world cyber operations critical to national security. I conducted both defensive (Blue Team) and offensive (Red Team) cybersecurity missions, securing vulnerable wireless networks, preventing potential threats, and safeguarding U.S. Army Enterprise Networks from exploitation. For my contributions, I was recognized and awarded by the U.S. Army for excellence in cyber defense and securing national assets.