I'm a technologist moving into infrastructure engineering and cybersecurity, with a growing focus on securing AI infrastructure. My background spans web development and IT support, and I'm building toward roles in cloud security, platform engineering, and security operations. I think about systems holistically: how they connect, how they fail, and how to make them observable and defensible.
I currently work in IT Support while completing the TKH Innovation Fellowship 2026 (cybersecurity cohort, graduating September 2026), where I'm in Phase 2 working through cloud networking and AWS VPC design. Alongside the fellowship I run a self-hosted homelab on Proxmox where I build, break, monitor, and now host local AI models.
- π‘οΈ Security Operations: SIEM, IDS/IPS, alert triage, incident response
- βοΈ Cloud Security: AWS & Azure architecture, IAM, VPC design, GuardDuty, Security Hub
- π€ AI Infrastructure Security: self-hosted LLM deployment, hybrid local-to-cloud routing, prompt-injection testing, non-human identity (NHI) and MCP security
- π₯οΈ Linux & Infrastructure: system administration, hardening, scripting
- π Networking: OSI model, TCP/IP, subnetting, CIDR, DNS, packet analysis
- π§ DevSecOps: Docker, Kubernetes, Terraform, CI/CD pipeline security
- βοΈ Automation: Python and Bash scripting for security and ops workflows
SOC & detection:
- SOC homelab: Wazuh + Suricata + Zeek + Grafana + TheHive + Shuffle (SOAR) on Proxmox VMs and LXCs
- Detection engineering: custom Suricata rules, ATT&CK-mapped alerts, Atomic Red Team simulations
- Cloud security: secure auth architecture on AWS and Azure with IAM least privilege, WAF, and GuardDuty
Foundations:
- OverTheWire Bandit for Linux command fluency, plus Python through hands-on scripting projects
| Layer | Tools |
|---|---|
| Virtualization | Proxmox VE |
| VMs / LXCs | Kali Linux, Ubuntu Server, Docker LXC |
| Local AI / ML | Ollama, llama.cpp, Open WebUI, ROCm (AMD GPU), Gemma 4, Qwen 3.5, DeepSeek-R1 |
| SIEM / Monitoring | Wazuh, Grafana + Prometheus |
| Network Security | Suricata (IDS/IPS), Zeek (traffic analysis), Wireshark, tcpdump |
| Incident Response | TheHive (case management), Shuffle (SOAR), Cortex |
| Endpoint | LimaCharlie (EDR), Atomic Red Team |
| AppSec | Burp Suite, DVWA, WebGoat, OWASP ZAP |
Host (PVE2): Ryzen 5 5600 Β· 16GB RAM Β· RX 6600 XT (8GB VRAM) running local GPU inference via ROCm.
- π ISCΒ² Certified in Cybersecurity (CC): in progress
- βοΈ AWS Solutions Architect Associate (SAA-C03): targeting Q4 2026
- πͺ Microsoft Azure Administrator (AZ-104): targeting Q4 2026
- π‘οΈ CompTIA Security+: planned for Q1 2027
