Cybersecurity and Threat Intelligence with over 23 years of experience architecting resilient defenses and delivering actionable intelligence for global enterprises and financial institutions. My expertise lies in transforming complex cyber risks into strategic advantages by integrating an "attacker's mindset"—validated by top-tier HackerOne rankings—with robust security architecture and executive-level threat reporting.

• 🔍 Threat Intelligence & Hunting - Dark Web/OSINT analysis, TTP tracking, proactive threat hunting
• 🏗️ Security Architecture & Engineering - NIST/ISO 27001 frameworks, cloud transformations (AWS, Azure)
• 🏴‍☠️ Offensive & Proactive Security - Ethical hacking, bug bounty programs, CTF competitions
• 📋 Governance, Risk & Compliance (GRC) - Policy creation, certifications (PCI, SOC2 for FedRamp)
• 🔐 Identity & Access Management (IAM) - Zero Trust RBAC, SSO/MFA, Privileged Access Management
• 🚀 DevSecOps & Cloud Security - CI/CD security integration, containerized environments (K8s, Docker)

Sep 2023 - Feb 2024 | Doha, Qatar

• ✅ Proactively hunted threats targeting critical government infrastructure using AI security competencies
• 🤖 Integrated AI technologies into threat detection and response workflows for evolving cyber threats
• 🔬 Conducted vulnerability testing on AI models, ensuring security standards and ethical AI principles
• 📊 Applied prompt engineering, AI model training, and LLMs for threat modeling and intelligence
• 🛡️ Utilized RAG for malware analysis and removal with ethical AI principles
• 📈 Key player in security compliance and malicious activity tracking

Sep 2012 - Present | Remote

• 🎓 Build and manage cybersecurity training programs, forensics, and emerging technologies
• 🧠 Design and operate threat intelligence frameworks to strengthen organizational security
• 🔍 Research threat intelligence risks and analyze security vulnerabilities

• 🥇 Top ranked in Colombia (Q4 2020, Q3 2021, Q4 2024, Q4 2025)
• 🎯 Active HackTheBox competitor with advanced penetration testing skills
• 🔍 Pop-up window stored XSS discoveries via advanced payload techniques

const currentWork = {
    research: ["XSS Vulnerabilities", "Web App Security", "OWASP Top 10"],
    platforms: ["HackerOne", "Bugcrowd", "TryHackMe", "HackTheBox"],
    learning: ["Advanced Penetration Testing", "Red Team Operations"],
    building: ["Security Automation Tools", "Vulnerability Scanners"]
};

• 🏆 HackerOne Profile: akax - Top Ranked Colombia (Multi-quarter champion)
• 🎖️ Critical Findings: XSS vulnerabilities, Authentication bypasses, AI model exploits
• 🔥 Specializations: Stored XSS, DOM-based XSS, Advanced payload techniques

• 🎓 IBM AI Security Specialist - Advanced threat hunting with AI/ML
• 🛡️ NIST Cybersecurity Framework - Architecture & implementation
• 📋 ISO 27001 Security Management - Governance & compliance
• 🏅 CTF Competitions: Regular top performer in cybersecurity challenges

• 🚀 23+ Years of enterprise cybersecurity leadership
• 🏢 Fortune 500 threat intelligence consulting
• 🛡️ Government Infrastructure protection (Qatar, Colombia)
• 💼 C-Suite Advisory on cyber risk strategy

graph LR
    A[Web Security] --> B[Advanced XSS]
    B --> C[Mobile Security]
    C --> D[Cloud Security]
    D --> E[Red Team Operations]

• 🎯 Bug Bounty Programs - Joint vulnerability research
• 🏗️ Security Tool Development - Open source security projects
• 📚 Educational Content - Security awareness and training
• 🔬 Research Projects - Novel attack vectors and defenses

"Security is not a product, but a process." - Bruce Schneier