RootReap3r.
Focus areas
Nation-state TTP attack engine
Built a red team engine auto-generating live attack scenarios from nation-state TTPs via MITRE ATT&CK/ATLAS, compressing adversary emulation cycles from weeks to hours.
RAG & MCP exploitation research
Red-teamed multi-modal RAG pipelines and MCP exploitation chains on nuclear-classified infrastructure; hardened findings into enforceable governance controls.
TS/SAP vulnerability discovery
Surfaced previously unknown TS/SAP vulnerabilities through adversarial analysis beyond automated tooling, converting findings into IR tabletop scenarios to close gaps before nation-state exploitation.
NC3 / nuclear ATO authorship
Authored ATO packages (~2,500 controls, SCTMs, SSPs) as Lead ISSO for Sentinel and Nuclear Command & Control programs. Performed 2,730 adversary-informed Security Impact Assessments, correlating 524 ACAS scans and 476 audits.
Experience
Senior Cybersecurity Engineer · Accenture Federal Services
Built a red team engine auto-generating live attack scenarios from nation-state TTPs via MITRE ATT&CK/ATLAS, compressing adversary emulation cycles from weeks to hours. Red-teamed multi-modal RAG pipelines and MCP exploitation chains on nuclear-classified infrastructure. Performed 2,730 adversary-informed Security Impact Assessments across unclassified/Secret/TS-SAP environments, correlating 524 ACAS scans and 476 audits. Authored ATO packages (~2,500 controls, SCTMs, SSPs) as Lead ISSO for Sentinel and Nuclear Command & Control programs.
Security Program Manager · DS&S
Directed personnel, physical, information, cyber, and operations security programs from the ground up across SCIF/vault operations and classified courier. Owned security for $43M SAP/TEMPEST facilities safeguarding 2,350+ AFNWC personnel and Restricted Data nuclear weapon design assets, with zero attributable incidents.
Cybersecurity Automation Lead · Sebastian Tech Solutions (DISA)
Built SOAR automation and scripting for triage, remediation, and access provisioning across DISA — White House, Pentagon, 7th Fleet.
Cybersecurity Incident Response Lead · Netflix
Investigated 900+ compromised accounts and dismantled credential-stuffing campaigns via IP correlation and behavioral fingerprinting, converted into SIEM detection signatures.
Cybersecurity Incident Response Lead · Results Company
Conducted root-cause analysis and dwell-time elimination across firmware, OS, application, Windows, Linux, and network layers.
Projects
AI-Powered Active Defense & Threat-Hunting Platform
Multi-source detection engine (Windows Event Logs, Sysmon, Linux auditd, PCAP/Zeek) with 20 behavioral signatures (Cobalt Strike, Sliver, Metasploit, Mimikatz, BloodHound) and ML-based jittered-beacon detection via inter-arrival timing analysis. Passive attacker-attribution pipeline (IP/ASN/JA3 fingerprinting, AbuseIPDB/ThreatFox/VirusTotal/Shodan cross-referencing) with kill-chain reconstruction and automated STIX 2.1/IOC reporting for FBI/CISA submission.
LLM Safety-Evaluation Harness
Falsifiable LLM safety-evaluation harness — canary-based extraction/PII/injection detection gates scored via LLM-judge quorum (precision/recall/F1) against a labeled dataset, with a recon agent hard-blocked outside an authorization allowlist even under prompt injection.
Claude-Powered Host Security Analysis
PowerShell-to-Claude pipeline for five-phase host analysis: LOLBin/fileless malware detection, MITRE ATT&CK TTP mapping, persistence/beacon analysis, executive threat reporting.
Education & Awards
M.S. Artificial Intelligence · Georgia Institute of Technology
In progress (part-time). Research: adversarial robustness and red-teaming of LLM agentic systems.
B.A.S. Cyber Operations / Defense & Forensics · University of Arizona
NSA Center of Academic Excellence in Cyber Operations; malware reverse engineering, digital forensics.
Security Team of the Year · Air Force Nuclear Weapons Center
Also: Minuteman III Personnel Award, ICBM Personnel Award.
Tooling & frameworks
certs SecAI+ (Beta Cohort) · Azure AI Fundamentals · SecurityX (CASP+) · PenTest+ · PNPT · PWPE (Early Cohort, <100 holders worldwide) · eCPPTv3
in progress OSAI+ (OffSec Offensive AI Red Teamer) · COAE (HTB AI Red Teaming)