Engineering for an Internet that doesn't play nice

Technical Leader · AI Systems · Detection at Scale

I lead small teams building AI-assisted security systems for noisy, adversarial environments. I help analysts, engineers, product teams, and partners turn good ideas into shipped solutions.

/ 01 · Selected work

Case studies from systems shipped at scale

A few systems I've built, scaled, and shipped. All examples are sanitized.

CASE 01 · Threat intelligence · Global spamtrap footprint
World map highlighting global spamtrap coverage across multiple regions

Expanding Threat Visibility

Problem

Limited visibility into adversarial email campaigns left detection teams reacting to fragments of the threat landscape.

Solution

Designed and operated a Databricks-based spamtrap pipeline for threat collection and analysis, turning a sparse signal into a continuous, high-volume stream of campaign telemetry.

~30× increase in campaign visibility
Continuous adversarial telemetry
CASE 02 · Gen-AI tooling · Closed-loop rule generation
Ticket intake → Gen-AI rule generation → Deterministic validation → Analyst feedback

Accelerating Detection Response

Problem

The support desk needed a way to convert campaign evidence into detection coverage that was fast, repeatable, and didn't escalate every case to engineering.

Solution

Built a foundation-model rule generator with deterministic validation, structured feedback, and dynamic content enrichment. The rule-based validation layer kept the model honest and the output production-ready.

Cut resolution time by 65%
Materially decreased escalations
CASE 03 · Trust & safety · Correlated abuse infrastructure
Network graph visualization of correlated abuse infrastructure

Supporting Global Child Safety

Problem

Online abuse networks rapidly shift infrastructure to evade detection. Static signatures and one-off takedowns can't keep up.

Solution

Analyzed telemetry to connect related accounts, domains, and infrastructure, then turned those patterns into detections partners could act on as networks changed.

Supporting
/ 02 · Background

Two decades of building systems where reliability isn't optional

From SDR architectures to AI-driven detection pipelines. A working history of shipping at scale.

2019–Present

Cybersecurity AI Researcher

Cisco Talos

  • AI / LLM pipelines
  • Attribution at scale
  • Detection engineering

2014–2019

Principal Engineer

Feather Information Technology, Government Programs

  • Infrastructure emulation
  • Multi-stage attack workflows
  • Rapid-response tooling

2013–2014

Systems Engineering Technical Advisor (SETA)

TASC

  • Tactical SDR architecture
  • ~$20M program
  • Signal processing pipelines

2007–2013

Senior Software Engineer

Lockheed Martin

  • Large-scale deployment
  • Lifecycle automation

2004–2007

Web Developer

State of Oregon

  • Web automation
  • Input validation

2000–2003

Technical Assistant

Dallas School District #2

  • Sysadmin
  • End-user support

Notable

Education

  • MS, Cybersecurity · Johns Hopkins University
  • BS, Computer Science · Oregon State University

When I'm not at a terminal

  • 12 yrs coaching K–8 soccer
  • 9 yrs mentoring middle-school students in my church youth group

/ 03 · Contact

Let's talk.

I'd love to hear what you're working on, especially if it involves adversarial data, large-scale detection, AI-assisted investigation, or production systems that need to hold up under pressure.

Columbia, MD · hello@grayarea.dev