Security Operations , Cloud & AI Security Architecture
RSOC analyst lead and CS graduate researcher. I run detection & response across 20,000+ endpoints and build at the intersection of cloud infrastructure, AI systems, and security architecture — including ThreatScaper, an AI-powered threat-intelligence enrichment tool.
Focus Areas
Detection & response, threat hunting, and malware analysis across a 20,000+ endpoint environment. Leading student analysts at a regional SOC.
Multi-cloud security and infrastructure-as-code across AWS, Azure, and GCP — Wazuh monitoring, zero-trust design, and secure connectivity at scale.
Domain-adaptive LLM pre-training and agentic tooling for security operations — from NeMo pipelines to ML anomaly detection in production defenses.
Work
AI-powered threat-intelligence enrichment tool for security and business operations — automated IOC enrichment and machine-speed triage.
Blockchain-backed IoT architecture with post-quantum crypto and ML anomaly detection, sustaining ~397 TPS.
Tines + LimaCharlie pipeline for LLM-augmented, machine-speed triage and enrichment across the detection lifecycle.
Reproduced NVIDIA's domain-adaptive pre-training pipeline for Llama 2 7B — data curation, custom tokenization, DAPT, and SFT with NeMo.
Terraform-provisioned Wazuh agents on EC2 with Tailscale for secure home-manager connectivity.
Speaking
BSides RGV 2026
2026
UTRGV STEM Conference
April 2026
6th Annual BSides RGV
May 31, 2025
Region One ESC Cybersecurity Summit
Edinburg, TX · Oct 30, 2025
Research
Training security-domain language models across multiple tenants without sharing raw data — combining federated learning with domain-adaptive pre-training to preserve privacy in multi-tenant SOC environments.
Does an AI co-presenter reduce presenter anxiety and cognitive load while maintaining audience engagement and perceived authenticity? Measured via NASA-TLX, self-report, and audience perception. Targeting CHI / CSCW.