Kansas City, Missouri
Blue team practitioner specializing in incident response, digital forensics, and detection engineering. Based in Kansas City — built for the frontlines of defense.
01 — Expertise
End-to-end IR engagements from triage through remediation. Rapid scoping, evidence preservation, and stakeholder communication under pressure.
Host-based and memory forensics, disk imaging, artifact analysis, and chain-of-custody documentation. Windows, Linux, and cloud environments.
Threat-informed detection development using MITRE ATT&CK. Sigma rule authoring, SIEM tuning, and detection validation pipelines.
Building and maturing defensive capabilities — SOC processes, playbooks, alert triage workflows, and analyst enablement programs.
02 — About
I'm a Kansas City-based cybersecurity professional focused on the defensive side of the house. My work lives at the intersection of incident response, digital forensics, and detection engineering — the unglamorous, critical work that happens when things go wrong and when preparing to stop them from going wrong in the first place.
I believe in sharing what I learn. You'll find my technical writing, open-source detection rules, and IR playbooks published publicly — because the community gets stronger when practitioners share the work.
When I'm not hunting threats, I'm writing about them at BBQ & Bytes.
03 — Contact
Available for consulting engagements, speaking opportunities, and collaboration. Based in Kansas City — remote-friendly everywhere else.