8+ years leading technology operations, currently at Synchrony as a Systems Engineer while completing my M.S. in Cybersecurity at NYU. I build production AI tools, database systems, and security workflows — bridging hands-on technical depth with senior leadership communication.
Production systems across AI, security, databases, and data science. Each one is real and documented.
Full-stack helpdesk with a 7-table normalized MySQL database, role-based agent management, SLA enforcement, audit-trail status history, and an analytics dashboard. Includes stored procedures, triggers, views, and functions — all running live on production hosting.
A Retrieval-Augmented Generation chatbot for SOC analysts. Ask questions in plain English — it searches your knowledge base using FAISS vector search and responds with structured triage guidance. Knowledge packs cover Splunk SPL, SOC playbooks, AWS security, IAM, and MITRE ATT&CK.
Linear regression model predicting building heating and cooling loads from structural features. Full pipeline: data cleaning, feature engineering, model training, residual analysis, and performance evaluation. Built and deployed on GitHub.
Deployed a cloud SIEM on Azure to collect security events, validate alerting workflows, and build triage runbooks. Bridges academic security concepts with hands-on work on real cloud infrastructure.
Apple Watch + iPhone app leveraging HealthKit and optional Dexcom CGM integration. Four-layer architecture with a Claude API-powered coaching feature for personalized health prevention guidance.
SEED Labs implementation using Python and Scapy inside Docker containers. Network-layer packet capture, filtering, analysis, and ARP/IP spoofing in a controlled lab environment.
Live AWS threat detection environment using GuardDuty, CloudTrail, and SNS alerting. Simulates real attack scenarios — credential stuffing, S3 exposure, IAM abuse — and maps each finding to a MITRE ATT&CK technique with a documented triage runbook.
Deception-based detection system using planted IAM credentials, S3 objects, and EC2 keypairs as honeytokens. Any access attempt triggers CloudTrail → Lambda → immediate SNS alert with full context — IP, user-agent, region, and timestamp. Includes a response playbook for each tripwire type.
Infrastructure-as-code that provisions a secure AWS environment from scratch — VPC with private/public subnets, least-privilege IAM roles, locked-down S3 buckets, CloudTrail logging, and GuardDuty enabled by default. Fully version-controlled and redeployable in minutes.
Automated Python tool that queries AWS APIs and benchmarks your account against CIS AWS controls — S3 policies, IAM password policy, MFA enforcement, root account usage, open security groups, and CloudTrail status. Outputs a scored HTML report with pass/warn/fail per control and remediation steps.
SOC intelligence tool unifying physical identity (LenelS2 OnGuard PACS) with digital identity (SSO/Active Directory). Features real-time identity resolution, automatic SIEM alert enrichment with physical context, and cross-correlation anomaly detection — flagging impossible travel, off-hours access, and credential anomalies.
Live demonstrations of the AI tools I've built — from SOC analyst assistants to RAG pipelines and agentic workflows.
SOC RAG Assistant — powered by LangChain · FAISS · HuggingFace all-MiniLM-L6-v2 · GPT-4o-mini. Running live on Streamlit Cloud.
Ask anything about phishing triage, Splunk SPL hunting queries, MITRE ATT&CK mapping, AWS CloudTrail events, or IAM fundamentals — answers pulled from curated SOC knowledge packs, not general training data.
Live app features: selectable knowledge packs · evidence sources · conversation history
How the SOC RAG Assistant processes your question — from raw text to structured analyst guidance:
RAG pipeline architecture — from analyst query to structured SOC output:
The key innovation: instead of relying on the LLM's general knowledge, it only answers from your curated documents — making responses accurate, auditable, and domain-specific.
8+ years across IT operations, enterprise security, and AI enablement in regulated and high-volume environments.
Technical depth across security operations, AI engineering, development, and infrastructure.
Active certifications and completed training programs.
Strong academic record across three institutions.
Open to senior leadership conversations, full-time roles in cybersecurity or AI engineering, and collaboration on security tooling or GenAI projects.