AI + Security

Build and defend AI-powered systems.

Helping teams secure LLM applications and automate security operations with practical, high-impact controls.

Threat modeling, automation with n8n, and cloud detection engineering for modern products.

12+ years · AI Engineer · Security Expert
Focus Areas

What I do

Practical services across AI security engineering, automation, and detection operations.

01 · Core Service

AI Security Engineering

Threat modeling for LLM apps, prompt injection defenses, data leakage controls, and evals/red-teaming.

02 · Core Service

Security Automation (n8n)

SIEM-driven alert enrichment, IOC triage, SAST/DAST and DevSecOps workflows, Jira/Slack orchestration, evidence collection, and reporting.

03 · Core Service

Cloud & Detection

Monitoring pipelines, detection engineering, and incident response readiness.

Automation Playbooks

Automation Use Cases

Security automations designed for real operations. Each playbook reduces manual work and improves response quality.

  1. 01 · Playbook

    AI Alert enrichment pipeline

    SIEM -> context enrichment -> Slack/Jira triage with severity hints and recommended next steps.

  2. 02 · Playbook

    Secrets & leakage validation

    Automated checks for prompt/output data leakage, exposed credentials, and unsafe content paths before incidents escalate.

  3. 03 · Playbook

    Evidence collection for audits

    Workflow-driven evidence gathering for controls, incidents, and policy checks to keep audit artifacts current and traceable.

  4. 04 · Playbook

    LLM Sec Ops orchestration

    Operational pipelines for AI security events: prompt abuse triage, model misuse signals, escalation routing, and response playbooks.

Method

The Castle Approach (AI + Security Edition)

A practical, structured approach to secure AI systems and cloud environments while keeping delivery measurable and efficient.

  1. 01

    Assess

    Foundations & attack paths: security risk assessment and threat modeling extended to AI systems, mapping prompts, files, APIs, RAG sources, trust boundaries, and likely attacks (prompt injection, data leakage, tool abuse) across infrastructure and cloud risks.

  2. 02

    Build

    Walls, guardrails & automation: turn findings into practical implementation with access control, secrets handling, safe tool permissions, filtering where needed, and n8n automations for alert enrichment, triage routing, evidence collection, reporting, logging, and evaluation hooks.

  3. 03

    Validate

    Pressure-test the castle: validate with security testing and realistic adversarial checks, including AI red-team scenarios, misuse/abuse monitoring, and verification of incident signals, detection coverage, and auditability.

  4. 04

    Operate

    People, practice & proof: sustain playbooks, ongoing monitoring, and team training; map controls to PCI DSS / ISO / NIST where relevant, and keep documentation current for audits and incident readiness.

Want help applying this to your team?

Proof

Selected outcomes

Representative results from security and automation projects, with anonymized metrics and concrete before/after impact.

Reduced triage time by 25%

Before: analysts manually stitched context across SIEM, tickets, and chat.
After: enrichment pipelines delivered incident context and action hints in one place.

Cut alert noise by 30%

Before: high-volume low-signal alerts created fatigue and slow response.
After: automation added deduplication, prioritization, and routing logic to reduce noise.

Implemented AI security best practices for Agentic and LLM workflows

Before: AI feature risk was implicit and inconsistently documented.
After: structured threat models defined controls for prompts, tools, data paths, and response playbooks.

Next Step

Ready to secure AI systems and automate security operations?

Start with a focused review of your highest-risk workflows and leave with a practical plan for controls, automation, and rollout.