About Me
I'm a Security Engineer focused on detection engineering: building and tuning SIEM correlation rules, EDR and IDS detections, and high-fidelity alerts mapped to MITRE ATT&CK. I pair that with security engineering work—instrumentation, defensive architecture, and SOAR—to turn telemetry into reliable detection pipelines and faster response.
What I'm Doing
Detection Engineering
Authoring and tuning detection logic across SIEM, EDR, and network sensors—correlation searches, behavioral rules, false-positive reduction, and MITRE-aligned coverage.
Threat Hunting
Hypothesis-led hunts across endpoint, network, and SIEM telemetry—surfacing stealthy behavior that slips past alerts, tied to MITRE ATT&CK to close coverage gaps and shorten dwell time.
Security Engineering
Designing visibility and controls end-to-end: log pipelines, endpoint and network instrumentation, and integrations that keep detection and response workflows dependable.
SOAR Automation
Designing and operating SOAR playbooks with Shuffle, Tines, and n8n to enrich high-fidelity alerts and orchestrate cross-tool response.