Practitioner-built threat intelligence and cybersecurity education — sourced, cited, and built from real-world operations.
I've spent 13+ years working across the full stack of IT and security, from endpoint management and infrastructure to security operations, threat intelligence, and compliance. My day job is Senior Manager of IT and Cybersecurity, where I oversee everything from device fleet management and MDM to SOC design and security roadmap planning.
Outside of work, I build and maintain CyberGrind as a hands-on research environment. I run live threat intelligence pipelines, self-hosted AI tooling, and security automation projects. It's where I test ideas, break things on purpose, and document what actually works.
CyberGrind is my personal knowledge base and lab, a place to document what I'm learning, build tools I actually use, and share practitioner-grade content without the fluff. Everything here is sourced, tested, or built by me. If something is uncertain, I say so.
- Security operations & incident response
- Endpoint management & MDM (Microsoft Intune, Android Enterprise)
- Threat detection & vulnerability management
- SOC design & security roadmap planning
- Infrastructure & cloud security (Azure, M365)
- Nonprofit security program buildout & consulting

- Not all indicators labeled "malicious" are inherently harmful in every context
- Some IPs may belong to shared infrastructure, research scanners, or legitimate services
- Data is continuously evolving and should be validated before taking action