Senior Technical Lead - AI Security Researcher @ Cisco | Ex-Meta | Ex-AWS
I'm an AI Security Researcher specializing in securing AI systems at scale. Currently at Cisco, I lead initiatives to secure AI systems across networking, security, and infrastructure products. My expertise spans model safety guardrails, prompt-injection protections, compute isolation, and secure token management.
Previously, I've held senior security roles at Meta and Amazon Web Services (AWS), where I pioneered GenAI security practices for flagship products like Amazon Q and Bedrock.
Beyond my corporate roles, I'm deeply involved in the open-source security community through OWASP, where I co-lead initiatives to establish industry-wide security standards for AI systems.
- Securing agentic AI systems and multi-agent architectures
- Developing security frameworks for Model Context Protocol (MCP)
- Authoring research papers and security standards for GenAI
- Speaking at security conferences (RSA, OWASP Global AppSec, BSides)
| Role | Company | Period |
|---|---|---|
| Senior Technical Lead - AI Security Researcher | Cisco | Nov 2025 - Present |
| Senior Security Engineer | Meta | Jul 2025 - Present |
| Senior Generative AI Security Engineer | AWS | Jun 2024 - Jul 2025 |
| Application Security Engineer | AWS | Nov 2021 - Jun 2024 |
| Security Engineer (DevSecOps, Threat Intel, BCDR) | Nordstrom | May 2020 - Nov 2021 |
- Co-Lead & Founding Member - OWASP AIVSS (AI Vulnerability Scoring System)
- Workstream Co-Lead - OWASP GenAI Security Project - Agentic Security Initiative (ASI)
Contributing to the development of comprehensive threat modeling guides for multi-agentic systems and establishing security best practices for generative AI applications.
Scan MCP servers for potential threats & security findings. An open-source tool to identify vulnerabilities in Model Context Protocol implementations.
Scan Agent-to-Agent (A2A) frameworks for potential threats and security issues. Helps organizations secure interconnected networks of autonomous agents.
A community-maintained database of known vulnerabilities, limitations, and security concerns with the Model Context Protocol.
A comprehensive security framework for protecting LLM applications from tool poisoning and rug pull attacks through cryptographic verification and OAuth integration.
Comprehensive security standards and resources for agentic AI systems.
| Title | Organization | Year |
|---|---|---|
| Securing Agentic Applications Guide | OWASP | 2025 |
| Multi-Agentic System Threat Modelling Guide | OWASP GenAI Security Project | 2025 |
| AIVSS Scoring System for OWASP Agentic AI Core Security Risks | OWASP AIVSS | 2025 |
| LLM and GenAI Data Security Best Practices | OWASP | 2025 |
Regular speaker at major security conferences including:
- RSA Conference (San Francisco)
- OWASP Global AppSec (Boston)
- BSides (Harrisburg, Austin, Seattle, Baltimore)
- CypherCon (Milwaukee)
Security Domains:
AI/ML Security, Cloud Security, Application Security, Threat Modeling, Penetration Testing, Vulnerability Assessment, Malware Analysis, Incident Response
Cloud Platforms:
AWS, Azure, GCP, Oracle Cloud
Programming:
Python, Java, SQL, Infrastructure as Code
I'm always interested in collaborating on AI security challenges and advancing the security of agentic AI systems.
- LinkedIn
- Personal Website
- Cisco Blog
"Defending Digital Frontiers - Securing AI systems at scale"


