Senior Security Architect, Engineer & Analyst defending high-assurance, regulated environments across cyber, multi-cloud, and AI. I design enterprise security programs, lead enterprise incident response, and engineer the automation & detection platforms that make a SOC scale.
I'm a senior security architect who treats defense as a software discipline — detections as code, automation over toil, and architecture that holds up under audit and attack alike.
Over four years at General Atomics & Affiliated Companies, I progressed from analyst to Senior Security Engineer & Tech Lead, owning enterprise Azure and AWS security programs across a NIST/CMMC-aligned multi-cloud estate and standing up the platforms that run a modern SOC.
I pair deep technical range — detection engineering, DFIR, adversary emulation, cloud & identity architecture — with a business-minded, entrepreneurial lens: protecting contract revenue, cutting spend, and building security that lets the business move faster.
Building and leading enterprise security across cyber, cloud, and AI in a regulated defense environment.
Owned design and build-out of enterprise Azure & AWS security programs across a NIST/CMMC-aligned estate, integrating cloud-native controls with on-prem to run regulated workloads at scale.
Azure · AWS · NIST · CMMC
Senior incident response lead for enterprise-scale security events — coordinating containment, eradication, and executive risk communication across large endpoint environments.
DFIR · Enterprise IR
Architected a Detection-as-Code CI/CD platform — treating detections as software with Git version control, SIGMA conversion, automated efficacy testing, and adversary-driven validation.
Detection Eng · SIGMA · CI/CD
Led enterprise-wide CMMC readiness across security control domains and supported third-party assessment activities, strengthening certification readiness and strategic business operations.
CMMC · Audit · Compliance
Led adversary emulation and defensive validation exercises to improve detection coverage and control effectiveness across enterprise environments.
Red/Purple · Validation
Directed sensitive digital forensic investigations while preserving evidentiary integrity, stakeholder coordination, and operational continuity.
Forensics · Investigations
Built and integrated AI infrastructure into SecOps tooling, enabling an AI-augmented SOC with accelerated triage, enrichment, and investigative decision-making at scale.
AI · LLM · SecOps
Owned security architecture for a global SaaS platform — secure-by-design infrastructure, identity segmentation, and cross-region telemetry pipelines in a highly regulated environment.
SaaS · Secure-by-Design
Designed an enterprise automation platform for alert enrichment, investigation, and response — producing seven-figure efficiency gains and enabling continuous operations.
Automation · SecOps
Created the org's threat-modeling framework to systematically assess cloud workloads, applications, and emerging tech against real-world attack vectors and business impact.
Threat Modeling · Risk
Architected a cloud-native observability platform consolidating enterprise telemetry and replacing legacy tooling while improving correlation, retention, and investigative performance.
Observability · Cost Reduction
Led major enterprise security platform modernization across cloud, endpoint, network, and identity telemetry to improve automated correlation and reduce manual triage.
Correlation · Modernization
Public-safe examples of security engineering, AI-assisted operations, cloud labs, and detection-focused tooling.
Read-only cloud security agent for AWS inventory and risk analysis, using explicit tool calls, mock-backed resources, and guardrails for safe cloud investigation workflows.
Terraform-built cyber range for endpoint telemetry, Wazuh detections, Atomic Red Team exercises, and controlled purple-team practice inside an isolated GCP environment.
Evidence-backed SOC investigation agent that analyzes GuardDuty-style alerts, gathers read-only evidence, and produces structured triage outputs for analyst review.
The tools, platforms, and frameworks I build and defend with.
Industry certifications across architecture, cloud, and operations — plus active clearance and advanced training.
Open to senior security engineering, architecture, and AI-security roles — plus select consulting and speaking. Reach out and I'll get back to you.