Portfolio
Selected security engineering work — Zero Trust implementations, automation tooling, and compliance programs.
I integrate AI into security operations with a purposeful, risk-based approach. I built a custom knowledge MCP (Model Context Protocol) server that puts authoritative Zscaler and security guidance one query away, and authored a suite of AI "skills" that encode our triage decision trees for Tier 1 to 3 incidents and service tasks across internet access, private access, and endpoint clients. Connected to ServiceNow, Splunk, and Zscaler through MCP, the assistant pulls ticket context, runs the diagnostic gates, and drafts consistent, policy-aligned dispositions compressing hours of manual triage into minutes while keeping a human in the loop for every decision.
Built a custom Model Context Protocol (MCP) server that crawls and indexes ~19,000 chunks of vendor and internal security documentation into a local searchable store, giving an AI assistant instant semantic access to authoritative guidance during triage. Turned scattered PDFs and KB articles into a single queryable knowledge layer.
Authored a suite of AI assistant skills that triage Tier 1–3 security incidents and service tasks — internet access allow requests, private access connectivity incidents, and endpoint client log analysis. Each skill encodes the team's decision trees, policy gates, and approved response language, so the assistant drafts consistent, policy aligned dispositions with a human reviewing every decision.
Python CLI that ingests carrier billing documents, detects sensitive (CPNI) data patterns, and proposes ready to deploy DLP dictionary, engine, and policy configurations — including a regex compatibility checker that validates expressions against the DLP engine's constraints before they ship.
Pulled ~2 years and ~15,500 incidents and service tasks (including work note and comment journals) and analyzed them to surface recurring issue patterns and the highest value automation candidates, delivered as a prioritized report.
Designed a central policy store feeding a CI/CD pipeline that enforces security policy consistently across multiple vendor platforms (Zscaler ZIA/ZPA, firewall, CASB). Part of a cyber resiliency and disaster recovery initiative to make policy versioned, reviewable, and redeployable.
Deployed Zscaler ZIA & ZPA across legacy and data center environments, integrating SCIM provisioning with Microsoft Entra ID to enforce identity and policy based Zero Trust access.
Automated 42% of previously manual security and access management tasks, cutting response times across the security operations pipeline.
Participated in control effectiveness testing and remediation achieving 100% compliance with SOX, PCI, and CPNI requirements, and built standardized audit evidence templates adopted across the engineering org.
Designed and deployed hybrid cloud infrastructure aligned with Zero Trust principles, automating network operations and improving response times by 20%.
Led firewall and perimeter security operations for high priority applications and compliance audits, streamlining approval workflows to reduce firewall policy turnaround times by 25%.
Co-designed and built the hardware and software for a rocket-launchpad state warning system meeting USAF Space Systems Command range-safety standards (SSCMAN 91-710). Programmed safe/nominal/hazardous state change logic in Lua to drive warning lights and audio, installed and tuned a siren and speaker array (with custom circuits to oscillate siren pitch), augmented legacy wiring, and validated coverage with decibel-meter testing.
Built Splunk dashboards and recurring executive reporting that turn raw security telemetry and program status into senior leadership level visibility — from international data center web traffic monitoring to resiliency program status reporting.
Tooling & Automation: a library of PowerShell and Python utilities — port reachability testing, reverse DNS lookups, vRealize/VRA search helpers, presentation generation, and session keep-alive.