I'm a cybersecurity professional, developer, and educator with over a decade of hands-on experience across security operations, engineering, GRC, and training.
I build practical solutions, automate workflows, break down complex topics, and teach what actually matters.
My work spans offensive and defensive security, software development, networking, infrastructure, AI automation, and technical education. The throughline is the same: take a real problem, understand it, build the smallest thing that solves it, and document it so the next person does not have to start from zero.
In Depth
A working profile of the areas I have shipped in, written as a list rather than a resume. Each section points to the topics I can speak to in production, in teaching, and in writing.
Defensive and offensive work in production: detection, identity, endpoint, email, and the controls that actually hold up under attack.
Protocol-level work and network design for environments that need to be both reachable and defensible.
Linux from a security and infrastructure operator's perspective: services, permissions, logging, and the packet path.
Engineering habits that pay off in security work: small APIs, safe defaults, testable failure modes.
Cloud security across AWS, Azure, and the multi-cloud edge cases: identity, network, detection, and cost-aware architecture.
Threat intelligence, tradecraft, and case studies: actor profiles, campaign timelines, IOC analysis, and detection work.
Curriculum, lab design, and assessment for cybersecurity and IT programs: scope, sequence, and what students actually retain.