About Me

I’m a cyber security engineer with a strong focus on proactive defence, incident response, and enabling and improving security operations across many, at times complex, environments.

Currently, my day-to-day revolves around:

  • Vulnerability management - identifying, tracking, and prioritising risk across assets
  • Compliance preparation (PCI & Cyber Essentials, UK) - creating solutions around compliance requirements for clients
  • Strategic security planning - aligning technical controls with business risk and security goals
  • XDR platform administration and tuning - managing detections, triage workflows, and analyst enablement
  • Incident response - investigating and containing threats across endpoint, email, and cloud surfaces
  • Playbook development - creating actionable, modular documentation for service desk teams and first responders

I hold multiple SANS certifications, and my learning journey neither started nor stopped there. I’ve been self-studying cyber security for years — experimenting, reading case studies, building labs, and attacking machines I own using modern attack techniques so I can learn how to defend against them as they come out.

My technical background includes:

  • Scripting & automation (Python, PowerShell, Bash)
  • Detection engineering (writing rules, fine-tuning SIEM/XDR detections)
  • Security tooling (EDR, SOAR, threat intel platforms)
  • Cloud & hybrid environments (Azure, Microsoft 365, email authentication)
  • Traditional On-Prem AD (GPO and basic auditing)
  • Perimeter Technology (Firewall and Router Security)

What drives me is the continuous challenge of staying ahead of adversaries — and turning complex problems into clear, repeatable processes that improve security without slowing down the business.

If you’re interested in collaboration, threat sharing, or nerding out over detection logic, I’m always open to a chat.