Une décennie d'ingénierie de sécurité, de construction de plateformes et de leadership.

• Designed and implemented an AWS access control and identity framework enforcing least privilege, zero trust, and zero standing privilege (ZSP) principles across cloud-native workloads
• Designed and implemented a risk-based vulnerability management solution using reachability and exploitability metrics, driving a 90% reduction in code flaw backlog
• Operated and maintained security infrastructure as code using Terragrunt, ensuring continuous threat detection, policy enforcement, and uninterrupted security coverage
• Delivered application security (AppSec) solutions directly to development teams, integrating security tooling into existing pipelines to shift security left and reduce remediation costs
• Deployed and operated Web Application Firewall (WAF) rules and managed threat detections across a modern SIEM & SOAR platform, enabling rapid response to emerging attack surfaces
• Engineered automated compliance frameworks for continuous, audit-ready proof collection of SAST, SCA, and software licensing — eliminating manual evidence gathering and accelerating compliance programs

• Singlehandedly architected and launched an InsurTech platform from the ground up, delivering 99.9% availability, scalable endpoint services, serverless AI inference, big data ingestion pipelines, and a Forensic Security Operations Center (FSOC)
• Designed and operationalized an AI inference testing lab for active malware detection, improving true positive rates by 5% and reducing false positives by 10%
• Drove end-to-end compliance single-handedly, obtaining SOC 2 Type 1 within 3 months, SOC 2 Type 2 within 1 month post-observation, and HIPAA compliance within 2 weeks
• Authored and embedded organizational best practices across incident response, continuous delivery, and technical SOPs — establishing standards adopted at the leadership level
• Executed a strategic infrastructure cost optimization initiative, achieving 40% month-over-month cost savings

• Led a security analyst team within an SRE organization through a Big Tech acquisition, ensuring vulnerability management requirements were met and delivering comprehensive audit reporting
• Spearheaded a large-scale cloud uplift initiative that reduced total cost of ownership by 20% and cut audit cycle time by 50%
• Automated end-to-end vulnerability management workflows, reducing mean time to patch (MTTP) by 33% and enabling daily zero-day reporting to security leadership
• Aligned AI-based solutions with enterprise security and privacy frameworks, achieving compliance across PCI DSS, HIPAA, ISO 27001, SOC 2, and HITRUST

• Led a cross-functional developer team within an incubator using Agile methodology to deliver scalable software solutions across platform pillars — identity, policy, data storage, and security
• Architected a hybrid private PKI solution achieving full X.509, ACME, and FIPS 140-2 compliance for seamless on-premises and public cloud deployment
• Engineered a high-performance policy engine for a Fortune 500 client’s physical access control system, meeting stringent cost targets ($0.01/user) and a 99.99% availability SLA
• Drove major architectural refactoring of the company’s core access control platform, applying Domain-Driven Design (DDD) and event-driven architecture principles to improve scalability and maintainability
• Delivered IoT integration for third-party access control software on integrated systems, leveraging functional programming paradigms to improve code reliability and maintainability

Azure Security Engineer Associate certification covering identity and access management, platform protection, security operations, and data and application security.

Cryptoworks21 program — advanced training in cryptography and quantum-safe security.

Master of Science in Computer Science with a focus on Quantum Computing.

Bachelor of Science in Physics and Computer Science.