I am a "Code-First Architect" specializing in the convergence of Data Engineering, Security, and Observability. I architect and build high-throughput security data lakes that ingest, normalize, and analyze 10M+ daily events.
Currently, I am modernizing legacy SIEMs by replacing them with Google Chronicle, Kafka, and BigQuery, bridging the gap between SRE and SecOps.
| Domain | Technologies |
|---|---|
| Security Engineering | Google Chronicle (SecOps), YARA-L (Detection-as-Code), Security Command Center, Splunk, Azure Sentinel |
| Data Streaming | Apache Kafka (Confluent), Apache Flink, Google Dataflow, Pub/Sub, BigQuery Omni |
| Observability | OpenTelemetry (OTel), Prometheus, Grafana, Distributed Tracing |
| Cloud & Code | GCP (GKE, Cloud Functions), Go (Golang), Python, Terraform, Kubernetes |

I specialize in building Unified Analytics Platforms that decouple ingestion from analysis.
- Ingestion: High-scale Go-based gateways processing 50k events/sec.
- Transport: Apache Kafka & Pub/Sub for reliable, buffered delivery.
- Storage: "Hot" data to Chronicle (threat hunting) and "Cold" data to BigQuery (compliance).
- Automation: Automated remediation bots using Cloud Tasks and Vertex AI.
I believe in contributing back to the tools I use in production:
- pydantic/FastUI: Implemented dataclass support for Table component (PR #385)
- google/adk-go: Fixed Windows test compatibility issues (PR #344)
- WinMerge: Authored translation contribution guide