About

I'm currently a cyber lead / L3 tech at Propulsion Tech, a next-gen MSP helping organizations focus on advanced cybersecurity, compliance, and AI & Automation. Day to day that means managing the security stack, building MCP clients and servers, detection pipelines, and red-team evaluations that turn frontier models into something a SOC can actually rely on. Most of the work lives in the Microsoft stack — Defender XDR, Sentinel, Entra — because that's where the customers are. I also operate a full MSP security stack day to day: Huntress (EDR, ITDR, SAT), ThreatLocker for zero-trust app control, and a long tail of email-security, DLP, and RMM/PSA tools that I won't bore you with here. Currently studying for SC-200.

How I think about this work

The interesting thing about doing this work inside an MSP is that you can't hide behind theoretical threat models. Every detection has a customer attached. Every false positive is a real analyst getting paged at 2am. That constraint makes the AI-security questions sharper than they are in a vacuum — you can't ship a clever evaluation harness if it doesn't survive contact with a fifteen-tenant queue on a Monday morning.

How this site is built

Strict Content-Security-Policy. HSTS preload. No third-party trackers. The headers are the proof. I do not ship personal infrastructure that fails Mozilla Observatory.

The rest of the working history is on LinkedIn. The interesting parts are on GitHub.