Director of Managed Security Operations with deep expertise in SOC operations, detection engineering, and MSSP service delivery.
I lead SOC operations at scale, overseeing managed security services across diverse environments. My work sits at the intersection of detection engineering, team development, and operational excellence.
I specialize in building out threat detection programs, optimizing SIEM and EDR tooling, and developing the people and processes that make security operations actually work. I bring an engineering-minded approach to everything from staffing models to incident response.
Currently focused on detection-as-code practices, SOC automation, and advancing the maturity of managed security delivery.
Leading SOC operations at scale. Overseeing detection engineering, staffing models for 24x7 coverage, and MSSP service delivery. Driving adoption of detection-as-code and SOC automation initiatives. Primary toolset includes Splunk, Microsoft Defender/Sentinel, and CrowdStrike.
Building and managing 24x7 security operations centers, staffing models, shift handoff processes, and analyst development programs.
Threat-informed detection development, detection-as-code practices, SIEM content engineering in Splunk and Sentinel.
Deep expertise in Splunk, Microsoft Defender, Microsoft Sentinel, and CrowdStrike Falcon across enterprise environments.
Scaling managed security services with consistent quality and operational maturity across diverse environments.
Root cause analysis, escalation frameworks, and building repeatable IR processes across complex environments.
Evaluating and implementing SOAR and triage automation platforms to accelerate SOC workflows and reduce noise.
I'm open to conversations about security operations leadership, detection engineering, and building high-performing security teams. Reach out below or connect with me on LinkedIn.