whoami // 0x00000400 permissions read only
Both sides of the glass
I started by standing post — a security guard watching a door, protecting people and property the old-fashioned way. Now I’m the one getting through the door, breaking into networks before real adversaries can. The path between those two points shapes how I work.
I’ve lived on both sides of the glass. On defense I ran 24/7 threat detection inside Google’s Global Security Operations Center — global data centers, executive protection across four continents, corporate investigations, and security teams under pressure. Then I crossed to offense, because the best way to defend something is to understand exactly how it falls.
Today I run full attack-lifecycle engagements across enterprise infrastructure, Active Directory, web, API, and cloud — initial access, privilege escalation, lateral movement, persistence, the whole chain. I build my own tooling when off-the-shelf won’t cut it, and every finding maps back to MITRE ATT&CK so it becomes a fix, not a report that collects dust. I speak fluently to the blue team because I was the blue team.
The fun is the break-in. The value is the fix.