I work in security incident response, analyzing how attackers interact with real systems and applying machine learning techniques to help surface meaningful signals during investigations.
My day-to-day work is about understanding incidents in context — how systems failed, how attackers operated, and which signals actually mattered under real operational constraints.
Things I currently focus on:
- Security architecture, threat modeling, and risk analysis
- Incident response and adversary simulation
- Applied ML and NLP for security analysis and triage
- Reliability, observability, and operational visibility in production systems

Python / Jupyter-based NLP project for security alert triage
- Exploratory and applied NLP using Python and Jupyter notebooks
- Focused on text classification, feature extraction, and systematic model evaluation
- Designed to support analyst judgment rather than automate conclusions
- Emphasizes transparency, reproducibility, and measurable signal quality
➡️ https://github.com/texasbe2trill/AlertSage

Deterministic dependency reasoning engine for distributed systems
- Models service architectures as explicit dependency graphs
- Identifies failure blast radius and critical services before incidents occur
- Makes hidden coupling and cascading failure paths explicit
- Focuses on deterministic, reproducible reasoning over probabilistic scoring

This project reflects how I approach incident response at the system level:
understanding structure, dependencies, and what actually breaks when something fails.
➡️ https://github.com/texasbe2trill/constellation-engine

R package for analyzing internet-exposed services using Shodan
- Programmatic access to Shodan data for exposure analysis and research
- Supports enrichment, aggregation, and reproducible reporting
- Useful for threat research, attack-surface analysis, and analytics workflows
➡️ https://github.com/texasbe2trill/ShodanR

Data analysis and modeling project using R
- Data ingestion, feature engineering, and exploratory analysis
- Demonstrates statistical reasoning and reproducible research practices
- Separate from security work, but representative of analytical rigor
➡️ https://github.com/texasbe2trill/hooplyticsR
- Languages: Python, R, Bash
- Security: Incident response, threat modeling, adversary simulation, security architecture & assurance
- Data & AI: NLP, embeddings, model evaluation, applied statistical analysis
- Systems: Linux, service & application APIs, distributed systems, logging & telemetry, automation

I approach security and AI work with a focus on:
- Evidence over assumptions — models and controls should be testable and measurable
- Engineer partnership — security should enable delivery, not obstruct it
- Operational realism — designs must hold up under incident conditions
- Simplicity at scale — the best solutions are understandable and maintainable

I’m currently focused on:
- Applying ML and NLP to real security workflows
- Improving incident response through better analysis and tooling
- Building systems that balance security, reliability, and developer experience



