I work as a GRC engineer, integrating security and compliance systems to automate control validation and enforce policy adherence. I perform comprehensive risk assessments and report findings across infrastructure and application configurations. I also reverse engineer software binaries and dynamically analyze their behavior to assess third-party software supply chain risk to the organization. Lastly, I also develop applications to assist in GRC-related workflows.
I also work as an independent security researcher, where I test applications and infrastructure for vulnerabilities. I also develop security tooling and malware analysis labs.
I have a background in DFIR and CTI but I've acquired multiple other skills over the years, including risk analysis, malware research, ethical hacking, AI and LLM engineering, GRC engineering, and programming/scripting (primarily Go).
Defensive Security - GCTI
Offensive Security - HTB CPTS
ICS - GICSP
GRC - CCZT
HTB Malware Analysis Sherlock - Loggy & Malevolent ModMaker


