I combine a deep understanding of security principles with hands-on development skills. From IAM and RBAC implementation to AppSec reviews and audit logging—I build security into systems from day one, not as an afterthought.
Combining hands-on engineering experience with a security-first mindset to protect systems and data.
Azure Entra ID, OIDC/OAuth, RBAC implementation, SSO configuration, and access governance.
Secure-by-design development, vulnerability assessment, authorization enforcement, and security testing.
Azure security configuration, secure migrations, infrastructure hardening, and cloud-native security controls.
SIEM operations (Splunk, Dynatrace), audit logging, detection engineering, and alerting strategies.
Investigation workflows, forensic analysis, incident documentation, and coordinated response.
Security-focused work demonstrating real-world skills
A Secure-by-Design SOAR platform featuring Microsoft Entra ID (Azure SSO) authentication, real-time threat detection (impossible travel, privilege escalation), RBAC with least-privilege, and IDOR protection. Includes SAST/DAST scanning with Bandit and OWASP ZAP.
View Case StudyGreat security isn't about adding controls after the fact—it's about designing systems that are secure by default. My background blends formal cybersecurity education with real-world engineering experience, allowing me to bridge the gap between security requirements and practical implementation.
B.B.A. in Cyber Security from UTSA with coursework in network security, IDS/IR, and digital forensics.
Security engineering at GM, implementing RBAC, Azure SSO, SIEM operations, and supporting incident response.
I don't just audit code—I write secure code. TypeScript, React, Astro, Python, and infrastructure automation.