Available for Freelance Projects

AI-Powered SOC
Automation & Detection
Engineering

I design and deploy real-world SOC systems, automate security workflows, and build AI-driven detection pipelines — so your team spends less time triaging and more time defending.

Start a Project View My Work

400+

Endpoints Monitored

70+

Workflow Nodes Built

50+

CTF Labs Created

100K+

Blog Views

Services

What I build for you

Specialist engagements across SOC infrastructure, automation, and AI — delivered end-to-end.

SOC Architecture & SIEM Deployment

Design and deploy complete SOC infrastructures tailored to your environment — from day-zero to fully operational detection capability.

Includes

Wazuh SIEM deployment (multi-endpoint)

Log ingestion — firewalls, endpoints, cloud

Custom dashboard creation

Detection pipeline configuration

SOC Automation & SOAR

Automate your security operations using n8n and custom workflows — reducing manual triage and accelerating your mean time to respond.

Includes

Alert triage automation

Threat intel enrichment (VirusTotal, AbuseIPDB)

SSH log collection workflows

Incident workflow automation

AI SOC Agent Development

Build intelligent SOC assistants that reduce analyst workload — using local LLMs and custom pipelines tuned to your alert taxonomy.

Includes

LLM-powered alert analysis (Ollama)

Automated incident reporting

AI enrichment pipelines

Custom AI workflow design

Featured Work

Built in production, not a lab

Featured Project

AI SOC Analyst L1 Agent

Built a full AI-powered SOC agent with 60+ workflow nodes that autonomously handles alert triage, threat enrichment, and incident reporting — replacing the manual L1 analyst workload on routine alerts.

n8n Ollama Wazuh VirusTotal API

soc_agent.py

1class SOCAgent:

2 """AI-powered L1 analyst"""

4 async def triage(self, alert):

5 enriched = await self.enrich(alert)

6 verdict = await self.llm_analyze(enriched)

7 if verdict.severity >= HIGH:

8 await self.escalate(verdict)

9 return self.generate_report(verdict)

Process

How an engagement works

Analyze Your Environment

Assess your current infrastructure, log sources, tooling, and detection gaps before proposing anything.

Design Tailored Solution

Architect a solution specific to your stack — no generic templates, everything mapped to your threat model.

Deploy & Integrate

Hands-on deployment with full documentation. Every component tested before handover.

Optimize & Automate

Tune detection rules, reduce false positives, and layer in automation to cut analyst workload over time.

AI-Powered SOCAutomation & DetectionEngineering

What I build for you

Built in production, not a lab

How an engagement works

Analyze Your Environment

Design Tailored Solution

Deploy & Integrate

Optimize & Automate

Upgrade YourSOC Operations

AI-Powered SOC
Automation & Detection
Engineering

Upgrade Your
SOC Operations