Security engineer specializing in cloud security, DevSecOps, penetration testing, and software supply chain security. 2025 validation: led team to 1st place in the Bloomberg CTF (infrastructure compromise completed in 5 hours; the event was designed for 3 days). Technical authority in regulated environments (Finance, Legal, Healthcare) with expertise in Zero Trust architectures, SBOM generation, vulnerability management, and compliance frameworks.
Core Competencies
Security: Cloud (AWS/Azure/GCP), Zero Trust, IAM, SIEM (Splunk/ELK), EDR, SOC 2/ISO 27001/NIST CSF, Penetration Testing
DevSecOps: Terraform, Ansible, CI/CD (GitHub Actions/GitLab CI/Tekton), SAST/DAST, Supply Chain Security
Supply Chain Security: SBOM (SPDX/CycloneDX), VEX/CSAF, Vulnerability Management (CVE/OSV), CPE/PURL
Development: Python, PostgreSQL, REST APIs, Docker/Podman
Infrastructure: Kubernetes (EKS/AKS/GKE/OpenShift), Linux, Proxmox, pfSense, Networking
Emerging: Offline AI, Smart Contract Security, DeFi
Professional Experience
Security Engineering Consultant
2021 - Present | New York, NY & Remote
Sectors: Finance, Legal, Healthcare
- Design and implement enterprise security infrastructure (Kubernetes, EDR, SIEM) with emphasis on compliance readiness
- Develop Python automation for SBOM generation (SPDX/CycloneDX) and vulnerability tracking, integrating supply chain security into CI/CD pipelines with PostgreSQL backend
- Build automated incident response systems connecting vulnerability intelligence (CVE/OSV) to component mapping, enabling rapid identification of impacted dependencies
- Architect DevSecOps pipelines integrating SAST/DAST, SBOM signing, and secrets management; implement CSAF VEX advisory generation
- Develop embedded AI systems for air-gapped environments; provide blockchain security expertise for DeFi and smart contract implementations
- Configure Zero Trust architectures and cloud security controls aligned to NIST CSF, SOC 2, ISO 27001, PCI DSS, NYDFS 23 NYCRR 500, HIPAA/HITECH, and EU CRA requirements
AV/IT Engineer - Contractor
2015 - Present | New York, NY & Touring
Clients: Goucher College, Black Spectrum Theatre, NYC Tango | Featured: Washington Post, CBS, NYT
- Designed production networks (VLANs, ACLs) with disaster recovery playbooks; built fault-tolerant show control systems for mission-critical live events
- Achieved sub-2-minute MTTR through standardized runbooks; managed web infrastructure (TLS, CDN/WAF); led staff training
Skill Validation
1st Place - Bloomberg Hackathon Cybersecurity CTF (2025)
- Led team to complete infrastructure compromise in 5 hours (designed for 3 days); conducted pre-event recon and developed training materials
- Demonstrated advanced penetration testing, multi-vector exploitation, and real-time vulnerability analysis
Department of Defense Cyber Sentinel Hackathon (2025)
- Cleared entire malware analysis and reverse engineering track
Technical Projects
- Advanced Security Lab: Production-grade Proxmox cluster with Kubernetes, blockchain simulation (Anvil/Besu), federated auth (Windows Server-AWS), security monitoring (pfSense/Snort/Splunk), GPU-accelerated offline AI (LLaMA.cpp)
- Embedded AI Payment Orchestrator: Python-based client implementation with multi-hop cross-chain routing using MCP protocol, market data integration, policy enforcement, and MEV mitigation for optimized transaction costs
- AWS Security Suite: IAM exploitation simulation (SSH agent hijacking), automated EDR/IR testing with Terraform, GuardDuty-to-Lambda containment workflows for rapid incident response
Education
Goucher College - B.A. Applied Computer Science & IT in the Arts, 2010-2014 (Honors in Major, Phi Beta Kappa)