I'm based in San Diego and have worked in cybersecurity for the majority of my career. I've done security consulting work - including red team and penetration testing, policy and GRC work, and building technical teams for incident response and other security functions.
When I'm able, I try to compete in the occasional CTF and particularly like towrite detailed solutions that actually explain the methodology, not just the flag. They cover memory forensics, network analysis, reverse engineering, cryptography, and industrial control systems. I use tools like Volatility, Wireshark, and custom Python scripts to solve challenges and document the process.
I've written up competitions including HouSecCon, LayerOne, and others. I do it both to learn and hopefully help others—I try to explain not just what I did, but why it worked and how you could apply the same techniques elsewhere.
Sometimes I write about projects I'm working on or other technical topics that seem worth documenting. I also read a lot and write reviews to help me remember what I learned. These range from cybersecurity texts to sci-fi to philosophy.
Most of my technical background is in cybersecurity, product security, and governance these days but I used to do a lot of sysadmin and I dabble with the occasional software development project. I'm interested in understanding how systems work, where they break, and how to fix them.