$ whoami
I am a senior Security-First Software, Application Security (AppSec) Engineer, and a Penetration Tester with over 9 years of experience building and securing robust digital ecosystems. My journey began in the trenches of backend development, and it has evolved into a passion for bridging the gap between high-performance code and ironclad security.
With a deep-rooted “geek” mindset, I don’t just write applications—I deconstruct them. I specialize in identifying vulnerabilities before they become threats, leveraging a unique blend of developer intuition and a researcher’s curiosity.
Technical Expertise
-
I have a polyglot background in programming and infrastructure, allowing me to audit and secure complex environments:
-
Languages & Frameworks: Expert-level proficiency in Node.js (Express, NestJS) and PHP (Laravel). I am also fluent in reading and auditing Java (Spring Boot) and C# (ASP.NET).
-
Cloud & DevOps: Extensive experience managing scalable infrastructure using Docker and AWS (ECS, EC2, S3, ALB, Route 53, and CloudWatch).
-
AI-Driven Security: I actively integrate Generative AI (GPT, Gemini, Claude) to perform agentic code generation and automated security analysis, staying at the forefront of the shifting tech landscape.
Security Credentials & Research
My approach to security is hands-on and offensive-minded. I thrive in competitive environments and have a proven track record in platforms like Hack The Box (HTB) and PortSwigger Academy.
Professional Certifications:
- CPTS (Certified Penetration Testing Specialist)
- CWES (Certified Web Exploitation Specialist)
My Philosophy
In an era where AI is rapidly changing how we build software, I believe the role of the security engineer is more critical than ever. As the sole security lead in my current professional engagements, I focus on building a “Security Culture” where code isn’t just functional—it’s resilient. Whether I’m hardening a CI/CD pipeline or performing a deep-dive manual code review, my goal is to ensure that innovation never comes at the cost of integrity.