My day-to-day work involves analyzing systems, identifying potential weaknesses, and designing solutions that keep networks, applications, and infrastructure secure. Each project is a puzzle, and I enjoy the process of understanding how different components interact and where things might go wrong.
A large part of my work is threat modeling and risk assessment. I break down complex systems into their constituent parts and evaluate where vulnerabilities could arise. From there, I plan mitigations, build safeguards, and test systems to make sure they behave as expected under real-world conditions. Attention to detail and foresight are essential, because the smallest overlooked detail can become the biggest problem.
I also spend significant time collaborating with teams, whether that’s developers, IT staff, or stakeholders. Explaining complex technical concepts in clear, actionable ways is just as important as writing code or configuring security controls. A good security engineer bridges the gap between technical rigor and practical implementation.
Over the years, I’ve worked on a variety of systems and projects, from enterprise networks to cloud services and emerging technologies. Each project brings unique challenges and opportunities to learn and innovate. Security is never static, and part of the work is continuously researching new threats, tools, and best practices.
Coming (very) soon:
Sample Audit Report
Sample Incident Post Mortem
Sample Exploit Biopsy Report