// SEC_ENG
I think like an adversary.
I build like
an engineer.
Endpoint hardening, cloud architecture, detection engineering, CI/CD security — full-stack defense, because threats don't respect architecture boundaries.
View Work →Context // 01
Security engineering isn't one discipline — it's every layer, and every layer has assumptions worth questioning. I work across the full stack not because I have to, but because the gaps between domains are exactly where things go wrong. Operational reality informs everything I build — controls that look right on paper and hold under real pressure aren't the same thing.
Projects // 02
A selection of engagements — not everything, but the ones worth talking about.
Cloud Security Controls
Designed and implemented security controls across a cloud environment — access policies, logging pipelines, and centralized alerting.
Endpoint Hardening & Detection
Hardened endpoints across multiple OS platforms against a security baseline. Built detection coverage for host-level threats and enforced configuration at scale.
Web Application Security
Worked closely with a development team to find and close security gaps before they hit production. Covered threat modeling, code review, and hands-on testing.
CI/CD Hardening & SIEM/SOAR
Secured CI/CD pipelines against supply chain risks, built logging pipelines feeding into SIEM, and authored SOAR playbooks to automate operations.
Domains // 03
Credentials // 04
Contact // 05
All the ways to reach me.