//resume of impact
Rebuilt and scaled the Attacker Engineering practice. Builds offensive-informed systems, frameworks, and architecture across Stripe’s security, payments, identity, fraud, and platform surfaces.
Built and matured AWS tier 3 incident response and threat intelligence capabilities for the highest-severity events across AWS, Amazon subsidiaries, and customers. Created scalable response models, tooling, executive reporting, and responder enablement for security work at global scale.
Founded a security engineering firm focused on cloud architecture, risk remediation, and hardened infrastructure. Built and deployed secure systems across AWS, OpenStack, Linux, Windows, Docker, ELK, and data fusion environments, with automation across Chef, Puppet, Ansible, Terraform, Packer, Vagrant, CloudFormation, and Heat.
Led security architecture and open-source hardening work, including Aqueduct, an early compliance remediation project that turned STIG and enterprise security requirements into reusable infrastructure. Notable Red Hat Summit talks on Aqueduct and open-source compliance remediation.
Worked at the intersection of data security, infrastructure, and enterprise defense, helping move security practice from analysis into deployable systems.
Developed offensive security depth through penetration testing and adversary tradecraft. Foundational experience in understanding systems to modeling how adversaries actually win.
Built the foundation in communications systems, operational discipline, and pressure-tested infrastructure. The early lesson: systems fail under pressure, understanding why is the key to success.