Career & Security Expertise
Senior Cyber Security Engineer @ Aave Labs
Current Focus: Web3 Security Architecture & Offensive Operations
At Aave Labs, I own the full security perimeter: from smart contract invariant monitoring to infrastructure hardening, bridging offensive tradecraft with high-fidelity defensive operations in an environment where a single exploited vulnerability can result in nine-figure losses. My role bridges the gap between traditional infrastructure security and the cutting-edge requirements of Web3.
- Security Architecture: Designing and hardening infrastructure for Web3/Web4 environments, ensuring resilience against both classic and protocol-specific attack vectors.
- Offensive Security: Conducting deep-dive audits and penetration tests on Web3 applications and smart contracts to identify vulnerabilities before they can be exploited.
- On-Chain Threat Detection & SOC Operations: Designed and operate a multi-layer on-chain monitoring stack combining:
  - Tenderly — custom invariant monitors covering Aave V3's core solvency guarantees: health factor violations, liquidity index monotonicity, cash-vs-availability divergence, oracle staleness, supply/borrow cap breaches, and post-liquidation state correctness.
  - Hypernative — behavioural anomaly detection for protocol-level threats: price manipulation patterns, flash loan abuse, unusual borrow spikes, and cross-protocol correlation attacks.
  - CrowdStrike, AWS GuardDuty, CloudTrail — host EDR and cloud-layer coverage completing the detection surface.
  - Sumo Logic — centralised telemetry aggregation (SIEM) with structured Field Extraction Rules per source, unified severity normalisation, and correlation dashboards that surface simultaneous Tenderly + Hypernative signals — a strong indicator of real exploit activity vs. false positives.
- Certifications: I hold the CW3H (Certified Web3 Hacker) and Certified Smart Contract Auditor designations.
Professional Journey
With over 18 years in software development and 13 years dedicated to the Secure Software Development Lifecycle (SSDL), I have built a career at the intersection of engineering and elite-level security.
Offensive Security & Threat Simulation
- AttackIQ (6 years ago): Focused on offensive security and Breach & Attack Simulation (BAS). I specialized in automating threat actor scenarios under the MITRE ATT&CK framework, providing customers with actionable intelligence on their security control effectiveness, mastering controls like Splunk and CrowdStrike.
Security Engineering & Operations
- Qustodio (10 years ago): Transitioned to a Blue Team operations role, where I spearheaded security architecture and engineering projects.
- Telefónica R+D (13 years ago): Early career focused on SSDL and web development, laying the foundation for my expertise in secure coding and systems design.
Core Security Pillars
1. Security Architecture & Hardening
- Cloud & Infrastructure: Expert-level knowledge of AWS, with deep experience in Azure, GCP, and OpenStack. I design secure network, compute, and storage architectures.
- Container Security: Orchestrating secure environments using Docker and Kubernetes.
- Distributed Systems: Applying patterns like Saga, CQRS, and Sharding within a security-first framework.
- Protocols: Low-level mastery of TCP/IP, TLS, HTTP/S, and specialized protocols like SPICE.
2. Web3 & Smart Contract Security
- Languages: Expert in Solidity, Python, and Node.js.
- Auditing: Comprehensive smart contract exploit development and auditing (EVM).
- Cryptography: Deep understanding of DLP, Factorization, and primitives (SHA, AES, RSA, ECC). Currently preparing for new Post-Quantum Cryptography (ML-KEM/Lattice-based).
3. Engineering & Research
- Low-Level & Performance: Development in Assembly x86-64, C, Rust, and Go.
- AI/Agentic: Implementing secure architectures that use an HSM so agents can use wallets without compromising the private key, and securing the rest of the secrets.
- Data Analysis: Leveraging Python (Pandas, TensorFlow, Jupyter) for security data science and alerting automation.
Featured Security Research
- Golang Memory Injection - Techniques for process memory manipulation.
- Rust/Go Fast Blind SQLi - High-performance exploitation tools.
- Python Buffer Overflows - Research on legacy memory corruption.
- Assembly Integration (Rust/Go) - Low-level optimizations and security-focused implementations.
