Profile
My work centers on protecting operations that cannot fail. I partner with plant engineers, site leads, and executive stakeholders to define threat models, validate controls, and implement practical security roadmaps.
I bring a balanced offensive and defensive perspective: years of penetration testing and red teaming combined with architecting resilient systems for regulated industries.
Operating Principles
- Lead with context first. Understand the business process and constraints before prescribing controls.
- Deliver measurable outcomes. Every engagement ends with metrics that track resilience over time.
- Invest in enablement. Documentation, workshops, and tabletop exercises turn improvements into habits.
- Build for the long game. Favor changes that scale, automate, and reduce toil for operators.
Engagement Highlights
- Designed an OT security reference architecture adopted across 12 production plants within one fiscal year.
- Created a red team maturity roadmap that guided clients from pilot exercises to continuous purple teaming.
- Advised on managed detection and response onboarding, including log strategy, playbooks, and success metrics.
Speaking and Writing
- SecCon Europe 2024: Securing converged networks without halting production.
- ICS Village Workshop: Rapid threat modeling for OT operators.
- Blog series: Practical playbooks for bridging SOC and plant operations.
Community and Mentoring
I actively contribute to local security meetups and mentor practitioners entering the OT security space. Recent efforts include building lab environments for training and releasing open source tooling for asset profiling.