Aave Labs

Senior Cyber Security Engineer

In charge of SOC operations, I manage the SIEM, a local LLM implementation, and Web3 security auditing and penetration testing. Proficient in leveraging tools like CrowdStrike and Sumo Logic to monitor, detect, and mitigate threats. Demonstrated expertise in deploying secure AI models with private knowledge and conducting comprehensive Web3 audits to safeguard decentralized applications. Adept at building robust security architectures, automating workflows, and ensuring compliance with industry standards.

Core Competencies

• SOC Tools: CrowdStrike, Sumo Logic, AWS GuardDuty and Cloudtrail, Groundcover, Falco
• On-chain monitoring: Tenderly, Hypernative, Blockaid.
• AI Agent Architecture: RAG (Retrieval-Augmented Generation), Secret management, Prompt injection
• Web3 Security: Smart Contract Auditing, Security Architecture, Cryptographic Protocols and Schemes
• Incident Response & Cyber Threat Intelligence
• Vulnerability Management & Compliance Audits: using tools like Vanta
• Cloud Security (mainly AWS and GCP) with focus on web3 and web4 with Zero-Trust mindset
• Programming Languages: Python, Solidity, Rust
• Operations: K8s, Docker, ArgoCD

Lead SOC operations by deploying and managing tools like CrowdStrike and Sumo Logic, achieving a increase of security posture.

Integrated Retrieval-Augmented Generation (RAG) mechanisms to enhance AI contextual accuracy while maintaining strict compliance with data protection policies.

Conducted advanced penetration testing and audits for Web3 ecosystems, identifying vulnerabilities in smart contracts and decentralized applications. Conducted advanced penetration testing and audits for Web3 ecosystems, identifying vulnerabilities in smart contracts and decentralized applications.

Collaborated with development teams to remediate blockchain-specific risks such as reentrancy attacks and cryptographic flaws.

Automated threat detection workflows using SOAR tools.