Experience
Cybersecurity Specialist at Bell Canada [BCE Inc]
Led major automation initiatives in the Security Perimeter Team to automate threat intelligence, incident response, and security configurations.
Developed an automated reporting application that uses APIs to generate interactive HTML reports with statistics, such as top events with timelines and their sources.
Created an IP-based lookup system that processes 2.5 billion IP addresses in just 3 hours. Saved around 1,800 hours by automating repetitive tasks with custom workflows.
Worked with clients across residential, enterprise, and government sectors to configure optimal security settings, reducing false positives while more precisely addressing true positives.
Llama-phish
A tool that replicates the behaviour of a chat-based Large Language Model (LLM) like ChatGPT. It uses phishing-like tactics to deceive users into interacting with a fake AI Chatbot interface to capture user prompts while giving them actual output as well.
Velociraptor PrintNightmare Artifact
This artifact checks the Windows registry for the NoWarningNoElevationOnInstall key. If set to 1, the system is vulnerable to remote code execution via the Print Spooler service. If the key is missing or set to `0`, the system is not vulnerable.
AI SOC Lab
Developed a fully automated, local-first Security Operations Center (SOC) lab using Docker - a unified stack including Graylog, TheHive, and Cortex and a custom Python-based AI SOC Analyst on top utilizing local LLM (Ollama) for real-time log analysis, automated incident response, and interactive dashboard.