Professional Summary
Threat intelligence and detection content analyst with 15+ years of enterprise technology experience and an MS in Information Systems. Built ArgusX, an independent threat intelligence platform processing 1,000+ posts/day from 20+ public and vendor research sources, with classification taxonomy and methodology designed for predictive threat analysis. Architect systems, design detection logic, and ship working security tools using AI development assistants for implementation. Published 15+ threat analyses and 2 detection rules submitted to Sublime Security's open-source ruleset. Russian/English bilingual. CompTIA Security+ scheduled June 2026.
Most candidates studying for Security+ have a homelab. I have a working threat intelligence platform ingesting 1,000+ posts/day, classifying threats by category, and tracking nation-state actors. The work itself is the credential.
Professional Experience
Founder & Independent Security Researcher
2023 – Present
SiteWave Studio LLC · Milford, CT
- Founded LLC operating as parent entity for ArgusX threat intelligence platform, threat research, and detection content authoring
- Built ArgusX — independent threat intel platform aggregating data from 20+ public and vendor research sources, processing 1,000+ posts/day. Designed methodology for capability commodification analysis and trigger-based forecasting. Live system; demo available under NDA
- Published 15+ threat analyses on nation-state operations (Volt Typhoon, Apple Watch attack surface, UNC1069/Lazarus npm supply chain), criminal infrastructure (TeamPCP Telnyx, Glassworm, Lumma Stealer), and identity research (38-breach exposure study, LinkedIn verification gap)
- Authored 2 detection rules submitted to Sublime Security's production ruleset (Glassworm, homoglyph BEC); built Ladon static analysis tool validated against Gamaredon (Russian APT), ValleyRAT (Chinese APT), and live phishing. Zero false negatives
- Mapped Lumma Stealer C2 infrastructure via Wireshark/Zeek analysis, identified TLS-encrypted domains invisible to standard filters, published IOCs to ThreatFox
Senior UI/UX Designer
2022 – 2024
SylvanRoad Capital · Remote
- Rebuilt core rental application experience for national housing platform, increasing application completion rates ~30%
- Led end-to-end UX design across custom web and mobile applications collaborating with product managers, developers, and C-suite stakeholders
Lead UI/UX Designer
2019 – 2022
605 · Media Analytics · Remote
- Accelerated project delivery 30%+ by establishing reusable design framework adopted across full product team
- Led complex B2B analytics product design from discovery through developer handoff for media measurement clients making multi-million-dollar advertising decisions
- Translated technical constraints into user decisions — directly transferable to making security findings and threat intelligence actionable for non-technical stakeholders
Senior UX/UI Designer & Consultant
2013 – 2019
Housing Tech, SaaS & E-Commerce Clients · New York / Remote
- 15 years designing enterprise web and mobile applications across housing tech, media analytics, and e-commerce sectors
- Extensive C-suite and VP-level communication — presenting risk tradeoffs and strategic recommendations directly transferable to compliance and advisory roles
- Early adoption of AI-assisted workflows; experimented with GPT-2 for form intelligence in 2018
Published Research & Security Tools
ArgusX — Threat Intelligence Platform Build
Built independent threat intel platform from scratch. Multi-source ingestion, AI classification at $0.27/month, 61,000+ auto-detected relationships. No engineering budget.
Apple Watch as Nation-State Attack Surface
Original threat research on nation-state actors exploiting Apple Watch always-on radio stack and inherited Wi-Fi trust relationships. Three documented attack chains with MITRE ATT&CK mapping. Identifies policy gap leaving boardrooms unprotected.
60 Seconds — North Korean npm Supply Chain Hijack
UNC1069 (BlueNoroff/Lazarus) compromised the axios npm maintainer account, injecting WAVESHAPER.V2 cross-platform RAT into releases with 100M+ weekly downloads. Three-hour exposure window. Attack reconstruction and four detection gaps analyzed.
Sublime Security · Open Source Detection Rules
Two detection rules authored for Sublime's open-source production ruleset: Unicode homoglyph BEC detection and Glassworm invisible Unicode payload detection. Currently in active review with a Sublime engineer.
Ladon · Document Security Analyzer
Static analysis tool for PDF and calendar invite triage. Validated against 5 malicious samples including ValleyRAT (Chinese APT), Gamaredon (Russian FSB-linked APT), and live phishing that bypassed Gmail. Zero false negatives. IOCs published to ThreatFox.
Volt Typhoon — Living Off the Land
China's APT campaign targeting US critical infrastructure using LOTL techniques. Years-long persistence, audit log deletion patterns, detection gaps in standard SIEM rules, defensive recommendations.