Software Engineer | Security Engineer | DevSecOps | Cloud Security Specialist
💡 15+ years designing and defending fintech, e-commerce, and AI systems.
☁️ Builder of resilient CI/CD pipelines, secure infrastructures, and fraud-detection platforms.
🔒 Zero-breach record against APT-level threats.
A transparent reverse proxy built in Go that automatically injects tracking code into HTML responses to collect telemetry data for security, fraud detection, and operational analytics.
- HMAC-authenticated event collection with pluggable sinks (NDJSON, Kafka, PostgreSQL).
- Privacy-aware and compliance-minded by design (GDPR/HIPAA safe).
- Production-hardened with Prometheus metrics, health checks, and a distroless Docker image.
📂 github.com/telhawk-systems/telhawk-proxy
An OCSF-compliant, Go-based SIEM platform using OpenSearch for log storage and analysis.
- Modular microservices for auth, ingestion, query, and visualization.
- CLI tool (`thawk`) for token management, event ingestion, and SPL-style searches.
- Splunk HEC-compatible ingestion for easy migration from proprietary platforms.
📂 github.com/telhawk-systems/telhawk-stack
A security-hardened CI/CD reference implementation that integrates automated scanning, compliance enforcement, and code-quality gates within GitHub Actions.
- Implements SAST (Bandit, CodeQL), DAST (OWASP ZAP), and secret detection (Gitleaks).
- Enforces merge-blocking security gates to prevent vulnerable builds.
- Uploads SARIF reports for visibility in GitHub’s code-scanning dashboard.
- Demonstrates modern DevSecOps principles: shift-left security, automation, and compliance-by-default.
📂 github.com/shortontech/secure-ci-pipeline
Python • Go • TypeScript • Docker • Kubernetes • AWS
Terraform • Postgres • Kafka • GitHub Actions • Grafana
- Founder of TelHawk Systems, an open-source security analytics suite 🦅
- Mentor & red-teamer turned builder of safer pipelines
- Motto: “Modern attackers automate — so defenders must too.”
Re-architected the crypto transaction pipeline (Prime Trust → Fortress Trust) to triple throughput and remove single points of failure. Led a team of five engineers implementing containerized dev environments that cut setup time from hours to minutes. Built incident-response playbooks that halted an insider-assisted breach and were later adopted company-wide.
Developed secure ETL pipelines and React dashboards unifying ad, payment, and analytics data across Google Ads, Facebook, Stripe, and PayPal. Designed anomaly detection systems that identified fraudulent ad spend in real time. Rolled out org-wide DKIM/SPF/DMARC, improving deliverability by 40%.
Directed a four-person engineering team modernizing an e-commerce analytics platform. Rebuilt core services into Dockerized microservices supporting thousands of concurrent users. Launched automated CI pipelines that reduced release rollback rates to under 1%.
Introduced OWASP Top 10 remediation and secure SDLC practices across internal projects. Refactored legacy PHP applications into modular, secure systems with improved performance and maintainability. Led internal security workshops to improve code quality organization-wide.

