Open to work · Remote
Detection & Security Automation Engineer
I work in security operations and build detection systems that identify real threats. My background spans business management, cloud infrastructure, and SOC analysis — giving me a view of security that goes beyond the IT department.
Based in Trinidad & Tobago · Available remotely
What I do
Custom MITRE ATT&CK-mapped correlation rules written against live endpoint data. Brute force, privilege escalation, multi-stage breach confirmation — built from evidence, not assumptions.
Detection without response is just noise. I build the workflows that classify threats, enrich alerts with reputation intelligence, and trigger automated actions — reducing manual triage.
AWS-hosted SIEM, VPC architecture, IAM policies, CloudWatch monitoring. The full stack secured from the ground up — not bolted on afterwards.
About
My path into security didn't start in IT — it started in business.
I spent several years studying and working in business management, learning how organisations actually function, how departments connect, and how processes break down when people don't understand each other. That foundation shapes everything about how I approach security today. I don't see it as an IT problem. I see it as an organisational one.
When I moved into a NOC role, then into a SOC analyst position, I carried that perspective with me. Where most technical people see a user who clicked a bad link, I see a process gap — a moment where security didn't map to how that person actually works. Bridging that gap is what I'm good at.
Outside of my day job I build. I've deployed cloud-hosted SIEM infrastructure on AWS, written custom MITRE ATT&CK-mapped detection rules in Wazuh, automated security workflows end to end, and documented everything the way a team would need to maintain it. Not because someone told me to — because I could see exactly how it would be useful.
I'm not coming from a traditional IT background. I'm coming with something harder to teach — the ability to understand a business, identify where security fits, and build something that works within it.