A decade in cyber threat intelligence.
From front-line malware analysis to agentic AI for analyst workflows, built end-to-end.
-
Feb 2021 — Present
Product Researcher & Innovation
Cyber threat intelligence vendor
Design and ship AI systems that combine LLMs, RAG, structured extraction, tool orchestration, and verification, applied to autonomous feed enrichment, AI-assisted investigation flows, and knowledge-driven assistants for analysts. Built the original NER models for malware and threat-actor entity extraction.
- Python
- LLMs / RAG
- OpenAI Agents SDK
- Model Context Protocol
- spaCy / NER
- PostgreSQL
- FastAPI
-
Feb 2017 — Feb 2021
Malware Researcher / Technical Lead
Cyber threat intelligence vendor
Led reverse-engineering work on advanced malware (process injection techniques, API hooking, anti-debugging and anti-VM mechanisms, and unpacking strategies) and shaped the analytical playbook used by the wider research team.
- IDA Pro
- x86 / x64
- Windows internals
- Reverse engineering
- YARA
- Python
-
Dec 2014 — Feb 2017
Malware Analyst
Cyber threat intelligence vendor
Produced technical reports on ransomware, botnets, exploit kits, and remote-access trojans. Identified and extracted indicators of compromise and authored YARA rules used for internal infection detection.
- YARA
- Sandboxing
- IOC extraction
- Threat reporting
-
2014
Research Intern — Secure Virtual Cloud Project
Public research lab
Automated test campaigns to assess the robustness of target infrastructure defense mechanisms using the Metasploit framework.
- Metasploit
- Linux
- Python
- Test automation
The detailed resume goes deeper.
Bullet-by-bullet experience, selected AI & cybersecurity systems, the consolidated technical stack, and education.