Building secure systems through defensive security, applied machine learning, and systems engineering.
I focus on understanding why systems behave the way they do before designing solutions for them. My work spans detection engineering, AI pipelines, digital forensics, and infrastructure, with an emphasis on data quality, reproducibility, and systems-level reasoning.
I work at the intersection of Blue Team Operations, Artificial Intelligence, and Systems Engineering.
My research philosophy is simple:
Deep understanding is more valuable than memorizing implementation steps. Better data consistently outperforms bigger models. Every configuration should be explainable rather than blindly replicated.
My interests include:
- Detection Engineering
- Security Operations Centers (SOC)
- Digital Forensics
- Applied Machine Learning
- Retrieval-Augmented Generation (RAG)
- AI Systems
- Linux Systems Engineering
- Offensive Security Research
Designed and deployed a complete LAN-based Security Operations Center using Wazuh, Ubuntu, Kali Linux, and Windows 10 endpoints. Developed custom XML detection rules, correlated cross-platform security events, and implemented automated brute-force mitigation using native iptables active responses.
Developed production-oriented machine learning workflows for Amazon product price prediction, benchmarking statistical baselines against Random Forest, XGBoost, and specialized local Deep Neural Networks.
Designed modular Retrieval-Augmented Generation pipelines featuring:
- Semantic retrieval
- Intelligent chunking
- Query rewriting
- Embedding optimization
- Evaluation metrics
- Context-aware inference
Co-developed a physical enterprise network simulation reproducing a complete intrusion lifecycle:
- Initial foothold
- Credential interception
- NTLM relay
- Lateral movement
- Honeypot interaction
- Detection engineering validation
The project bridges offensive tradecraft with defensive visibility to study attacker behavior from a Blue Team perspective.
A secure, full-stack platform for collaborative Capture The Flag documentation.
Features end-to-end encrypted writeup storage designed for security teams requiring confidentiality while collaborating during competitions.
An automated attack-simulation framework that models enterprise infrastructures as vulnerability graphs.
The project focuses on understanding attack paths, privilege escalation opportunities, and defensive prioritization through graph-based security analysis.
- Detection Engineering
- AI for Defensive Security
- Retrieval-Augmented Generation
- Large Language Models
- Digital Forensics
- SIEM Engineering
- Threat Detection
- Vulnerability Graph Analysis
- Network Defense
- Linux Systems
- Applied Machine Learning
I continuously improve practical skills through structured security research and hands-on labs.
Current platforms include:
- Hack The Box
- pwn.college
- TryHackMe
- PicoCTF
Outside technical work, I enjoy painting and crocheting. Both provide a deliberate contrast to analytical problem solving and help maintain a balance between creative thinking and systems engineering.
"The objective is not simply to make systems work. The objective is to understand why they work, why they fail, and how to engineer them to be resilient."