My career roots formed at MITRE as a cybersecurity engineer to fulfill a federally funded cybersecurity scholarship. There, I worked on several impactful efforts, including the industry-transforming ATT&CK® framework, while gaining hands-on experience in detection engineering, adversary emulation, and security research. After several research initiatives required custom endpoint monitoring tools, I realized that directly contributing to a vebdor in the industry was the ideal way to broaden my impact on the cybersecurity space.
This led me to Endgame research and development, where I expanded its core offering by driving design and development of critical path features. On that team, I authored numerous detections and saw a vital gap in the ability to create stateful detection logic. This led me to design the Event Query Language (EQL) with a stateful, real-time rule engine to detect and prevent malicious behavior on endpoints. To incorporate EQL across the product, I worked directly with several engineering teams and stepped into backend engineering to ensure its success.
Following Endgame’s acquisition by Elastic, integrating the Event Query Language (EQL) into the Elastic Stack became a critical initiative. Bringing EQL to Elasticsearch required embedding myself in another team, to directly develop and guide its implementation. On the endpoint side, I stepped in to lead the design of a custom interpreter, enabling faster real-time preventions and integration with the Elastic agent. These efforts significantly expanded the capabilities of the security solution, and pushed me to impact the industry further, by building security product from the ground up.
Now at Sublime, I leverage my leadership, engineering expertise, and cybersecurity background to tackle complex problems while building a next-generation email security platform.