Senior Cybersecurity Analyst
AppSec, pentesting,
and AI-driven security.
I work in application security at an enterprise level — web and API penetration testing, threat modeling, DAST, and building automation that makes security scale. Currently also building a home SOC lab to understand the detection side.
Core skills
Web & API Pentesting Threat Modeling DAST · SAST · SCA WAF / WAAP AI/ML Security Security Automation CI/CD Integration Python · JavaScript · Java
Currently building
SOC Lab Threat Hunting DFIR Projects
Active project
Home SOC Lab
Building a full defensive stack from scratch — Security Onion, Wazuh, Sysmon, Atomic Red Team, TheHive, MISP, and Velociraptor. All free, all open source, running in VirtualBox. Each component gets its own post when it's done.
Security Onion Wazuh MITRE ATT&CK VirtualBox
Read the blog
Day job Application Security
Penetration testing, threat modeling, DAST pipelines, WAF migrations, and AI-driven security automation at enterprise scale. Details on the about page.
Pentest Threat Modeling DAST AI/ML Security
About me