I work as a GRC engineer, integrating security and compliance systems to automate control validation and enforce policy adherence. I perform comprehensive risk assessments and report findings across infrastructure and application configurations. I also reverse engineer software binaries and dynamically analyze their behavior to assess third-party software supply chain risk to the organization. Lastly, I also develop applications to assist in GRC-related workflows.

I also work as a freelance security researcher, where I test application and infrastructure for vulnerabilities. I also develop and reverse engineer malware to share IOCs, artifacts, and TTPs for public threat intelligence consumption.

I have a background in DFIR and CTI but I've acquired multiple other skills over the years, including risk analysis, malware research, ethical hacking, AI and LLM engineering, GRC engineering, and programming/scripting (primarily Go).

Offensive Security - HTB CPTS | COWA | C-AI/MLPen | MCRTA

Defensive Security - GCTI

Cloud & AI - AI-900 | AZ-900 | CCSK | TAISE

ICS - GICSP

GRC - CCZT

HTB Malware Analysis Sherlock - Loggy & Malevolent ModMaker