As an AI Penetration Tester for the TrIP Offensive Cybersecurity Team, I discover and exploit end-to-end vulnerabilities to assess the security of AI systems. My responsibilities include executing Red Team operations on production AI systems using real-world adversarial tactics and techniques to identify failures. I develop tools and techniques to scale and accelerate offensive emulation and vulnerability discovery specific to AI systems. Additionally, I collaborate with cross-functional teams to measure and mitigate these vulnerabilities, ensuring robust security measures. I stay current with penetration testing tools, methodologies, and emerging threats, conducting research to inform the organization and improve red teaming efficacy and accuracy. My work involves producing high-quality papers, presentations, and recommendations for key stakeholders while leveraging the latest trends and identifying opportunities for attack in collaboration with other Offensive Security personnel at Microsoft.

• Spearheaded the development and implementation of a comprehensive penetration testing program for an international fintech company, identifying and mitigating critical vulnerabilities in web applications, mobile platforms, and cloud infrastructures, resulting in a 40% improvement in system security within the first year.• Designed and executed advanced red team exercises across global financial systems, successfully simulating cyber-attack scenarios to test the resilience of security measures. This proactive approach led to the discovery and rectification of previously undetected security gaps, significantly reducing potential financial and reputational risks.

Senior DevSecOps Engineer . • Led the integration of security into the DevOps lifecycle for a leading digital lending platform, implementing automated security scanning and compliance checks within CI/CD pipelines. This initiative drastically reduced deployment times by 30% while ensuring robust security posture, enabling swift yet secure product releases.• Conducted comprehensive offensive security assessments and ethical hacking campaigns to identify and exploit vulnerabilities in the digital lending company's infrastructure. Developed custom scripts and utilized cutting-edge penetration testing tools, contributing to the strengthening of defenses against APTs and ransomware attacks, and ensuring the integrity and availability of critical financial services.

• Orchestrated the end-to-end project management of vulnerability assessments, penetration testing, and ISO 27001 security auditing processes for a pioneering virtual real estate company. This included coordinating with cross-functional teams to ensure comprehensive coverage of digital assets and compliance with international security standards, resulting in zero breaches over the project lifecycle.• Implemented a strategic project framework that facilitated the timely and budget-conscious delivery of security initiatives, enhancing the company's cybersecurity posture while supporting rapid virtual property expansion. This approach led to the identification and remediation of critical vulnerabilities, significantly mitigating risk exposure.• Fostered a culture of continuous improvement and knowledge sharing within the organization by leading workshops on best security practices and emerging threats. This initiative improved team capabilities and awareness, contributing to the development of a resilient security infrastructure capable of adapting to new challenges in the virtual real estate market.

• Led a Reconnaissance, Surveillance, and Target Acquisition (RSTA) company as an Army Ranger Reconnaissance Commander at U.S. Army, McChord, WA, overseeing the strategic operations and security management of 150 personnel and assets valued over $150MM. Developed and executed comprehensive security strategies to safeguard sensitive information and critical infrastructure• Spearheaded the planning, deployment, and management of enterprise-level cybersecurity operations across both foreign and domestic environments. This included the secure integration and maintenance of Secure Internet Protocol Router Networks (SIPRNet), Citrix Systems, Non-classified Internet Protocol (IP) Router Networks (NIPRNet), and advanced 3G/4G Mobile Networks, ensuring uninterrupted communication and data integrity under high-threat conditions.• Applied rigorous IT security management principles to the establishment and enforcement of robust network security protocols, effectively mitigating risks and protecting against cyber threats. Led the team in implementing cutting-edge cybersecurity measures, contributing to the development of a resilient IT infrastructure capable of supporting complex military operations.