Background

I'm a security practitioner with a background in operations — the kind of environment that demands precision, documentation, and clear-headed decision-making under pressure. That foundation translates directly into cybersecurity, where I'm building depth in threat hunting, detection engineering, and cloud security architecture.

This site is the artifact trail. Every hunt report, project case study, and guide represents real lab work and operational research — built in public, version-controlled, and repeatable.

What I Do

I'm building documented capabilities across the following domains:

  • Threat Hunting — MITRE ATT&CK-aligned, hypothesis-driven hunts across endpoint, network, and cloud telemetry
  • Detection Engineering — SIEM detection rules, Sigma content, and KQL/SPL queries that reduce false-positive noise
  • Cloud Security — AWS security posture, IAM analysis, CloudTrail/GuardDuty tuning, and landing zone hardening
  • Compliance Alignment — NIST CSF 2.0, RMF, and STIG mapping for government and enterprise environments

Target Role

I'm targeting 2210 (Information Systems Security Officer), Threat Hunting, and Cloud Security Engineer roles in cleared or government-adjacent environments. This site is designed to provide the credibility artifact collection that certifications alone can't.

Documentation Philosophy

Security work that isn't documented might as well not have happened. Every hunt produces a report. Every project produces an artifact. This documentation discipline is the operational habit that makes security programs sustainable — and the standard I hold myself to here.

Advisory Services

Available for limited, scoped advisory engagements (time-boxed, NDA available). Focus areas:

  • Threat hunt program development for small teams
  • Cloud security posture review (AWS)
  • Detection engineering and SIEM tuning
  • NIST/RMF gap analysis and control mapping

Reach out via the contact page to discuss scope and availability.