Blue Team

Defense With Purpose

Cybersecurity isn’t just about firewalls and logs — it’s about protecting people, systems, and mission-critical processes from real harm. My background in emergency response taught me that clarity, speed, and trust are essential under pressure. I bring that same mindset into every defensive engagement I lead.

Email Security

I manage the full stack — from secure gateways to M365 hardening. I tune rulesets, enforce policies, and monitor mail flow behaviors to proactively detect impersonation and payload-based threats. From detection to user education, I handle every aspect of phishing defense.

My Defensive Toolkit

I work across the defensive stack — from endpoint to email to cloud — applying layered defense and adaptive response principles.

  • Security Monitoring

    Analyze logs, refine detections, and hunt for threats across diverse telemetry sources.

  • Endpoint Defense

    Respond to alerts, investigate suspicious behavior, and enforce policy through endpoint tooling.

  • Email Threat Protection

    Manage phishing defense — from secure gateway tuning to message trace analysis and impersonation detection.

  • Scripting & Automation

    Write utility scripts to speed up analysis, automate responses, and parse data efficiently.

  • Threat Emulation

    Apply red team awareness to better defend — using simulated adversarial behavior to harden defenses.

  • Cloud Security

    Secure identity and access across cloud services, configure policies, and monitor risky behaviors.

Real-World Scenarios

Defense is more than tools — it's calm clarity in moments of chaos. Here's how I respond when it counts.

🔗 Credential Phishing Campaign

A multi-user phishing attempt triggered elevated login risk indicators. I isolated impacted users, reviewed login metadata, reset MFA, and traced the lure to a compromised third-party site. I tuned detections and led a company-wide awareness update within 24 hours.

📩 Insider Email Impersonation

A convincing spoof email tried to initiate wire fraud. I inspected headers, identified a spoofed vendor, blocked the domain, and followed up with internal education and sender authentication policy adjustments.

⚙️ OT/IT Segmentation Response

Scanning activity from an IT host near OT assets raised red flags. I validated network paths, confirmed it was a misconfigured monitor, then proposed enhanced firewall segmentation and traffic rules to leadership.

Defensive Philosophy

Every control, every script, every email I secure — it’s not just about uptime. It’s about protecting the mission and the people behind it.

“Defense is more than just a job. It's a discipline, a culture and a responsibility.”

My approach is rooted in service. I protect systems because they power missions. I investigate not just to find answers, but to keep people safe and informed. Whether I’m triaging phishing attempts, configuring mail flow, or writing detection logic, I treat it with purpose.

Coming from physical security and EMS, I’ve lived the stakes of getting it right under pressure. I bring that urgency and clarity to every control, alert, and strategy conversation I enter.

Let’s Talk Blue Team

If you're building secure systems or need a resilient defender on your side, I’d love to connect.