Security Engineer

I am a Senior Software Engineer and Security Officer specializing in security architecture, compliance, and threat response, with deep expertise in building resilient systems that protect against emerging threats. As a CISSP-certified professional with GIAC credentials in incident handling and forensics, I bring both technical depth and governance expertise to engineering leadership roles. I architect and implement security solutions that balance rigorous compliance requirements with rapid delivery, leveraging AI-enabled development practices (GitHub Copilot, Claude/ChatGPT) to accelerate design, implementation, and security validation.

Creating successful security solutions requires proactive threat modeling, cross-functional leadership, and the discipline to demand excellence. I drive architectural decisions across security, engineering, and compliance teams, transforming security requirements into scalable technical solutions. From endpoint visibility and malware analysis platforms to automated threat response systems, I deliver results that reduce risk while enabling business agility.

Key contributor to Cisco Orbital Remote Scripts for scalable endpoint remediation and threat response. Security Officer for Cisco Secure Malware Analytics, ensuring platform compliance and security architecture integrity.

My heart is in the work.

Certifications

Skills

  • Security & Compliance: CISSP, Risk Management, Governance, Incident Response, Digital Forensics, Compliance Auditing, NIST/ISO Frameworks
  • Technical: Osquery, Endpoint Visibility, Malware Analysis (ThreatGrid/Sandboxing), Golang, Java, Cloud (AWS), Microservices, NATS/JetStream, CockroachDB
  • Tools & Practices: Secure SDLC, Threat Hunting, API Integrations, AI-Assisted Development, Remote Collaboration
  • Golang, CockroachDB, NATS/Jetstream, OsQuery, Security, Incident Response, Forensics, Cloud, AWS, S3

Recent Training

Professional Experience

Security Officer – Cisco Secure Malware Analytics (June 2025 - Present)

Serving as Security Officer for Cisco Secure Malware Analytics (formerly Threat Grid), Cisco’s dynamic malware analysis and threat intelligence platform that analyzes files against 1500+ behavioral indicators and correlates findings across millions of samples globally. Balanced dual responsibilities spanning technical security architecture and compliance governance, ensuring the platform met rigorous security standards while integrating with Cisco’s broader threat intelligence ecosystem (Talos, SecureX, Secure Endpoint).

  • Drove compliance initiatives including risk assessments, security control validation, and alignment with NIST/ISO frameworks, working cross-functionally with engineering, operations, and governance teams.
  • Conducted security architecture reviews and threat modeling, ensuring secure design patterns for handling potentially malicious samples and protecting analysis infrastructure.
  • Established secure development practices and security validation processes for platform enhancements, balancing rapid feature delivery with defense-in-depth principles.

Senior Software Engineer – Cisco Orbital (2019 – June 2025)

Played a key role in the design and implementation of Orbital Remote Scripts, extending osquery-powered visibility into actionable remediation via Python scripting. Contributed extensively to execution engine improvements, scheduling, and API integrations, supporting rapid threat hunting and response across millions of enterprise endpoints, accelerating mean-time-to-remediate."

  • Led heavy development of Orbital Remote Scripts, core Python-based remediation capabilities powered by osquery, enabling automated threat response, endpoint cleanup, and integration with Cisco SecureX/XDR for enterprise-scale incident handling.
  • Designed and implemented features for script scheduling, linked executions, catalog enhancements, and remote result storage (AWS S3, Azure, Splunk), supporting rapid, low-disruption remediation across global fleets.
  • Applied incident response and digital forensics expertise to validate script efficacy in real-world threat scenarios, contributing to reduced vulnerability exposure and faster mean-time-to-remediate.
  • Developed Golang services for resilient, secure backend supporting Orbital’s visibility and response platform.
  • Enhanced the Golang endpoint security client for remote script support

Software Engineer / Advisory Software Engineer – IBM Hardware Management Console (2007-2019)

Contributed extensively over 12 years to the development and enhancement of IBM’s Hardware Management Console (HMC), the dedicated appliance for managing IBM Power Systems (including logical partitions, virtualization, and secure remote administration); built and maintained Java/J2EE web applications using Servlets and Vaadin for intuitive, standards-compliant user interfaces, while ensuring robust, secure code for enterprise-scale hardware control and high-availability operations.

PNC (2005-2007)

Played a pivotal role in building the J2EE WebLGY application from inception to deployment for the Veterans Administration Loan Guaranty program at PNC, delivering secure Java-based solutions with integrations to financial institutions and controlled access to sensitive mortgage and veteran information in a highly regulated environment.

Software Developer at nFusion (2000-2005)

Joined a tiny marketing startup and contributed to its growth to ~50 employees by leading website development (including custom e-commerce with SQL backend), managing Linux servers/email/datacenters, and delivering reliable digital solutions for clients.

Publications

Education

Carnegie Mellon University

  • Bachelor’s of Science in Information and Decision Systems (Granted 2000)
  • Computer Science minor