Cybersecurity | Infrastructure | Systems
Cybersecurity engineer building secure infrastructure at the intersection of networking, cloud, and AI.
I've been taking things apart since I was a kid: computers, networks, anything I could get my hands on. That habit never went away. Now I get paid to put them back together and make sure nobody else can break in.
My focus is making systems that actually work in production. I've built CRMs, deployed infrastructure, configured enterprise networks, and automated the repetitive stuff so I can spend time on problems that actually matter.
Targeting cybersecurity infrastructure, cloud security, and GovTech roles. Hands-on experience with enterprise Cisco, production access controls, containerized deployments, and AI-powered security tooling. Security+ certified, graduating May 2026.
1st Place: Beyond the Ball
Title III Conference Presenter
TSU Cybersecurity Student Lead
Certified Professional Development
Created and delivered a structured prompt engineering lesson for NBA Tech Challenge students, bridging AI capability and practical application.
Mentoring non-technical peers on AI tools and app development fundamentals, making technology accessible beyond CS majors.
Contributing to cybersecurity curriculum and lab infrastructure development at TSU, supporting the university's growing cyber initiative.
Active engagement with defense and cybersecurity organizations including MITRE, Lockheed Martin, HII, and Leidos across the GovTech ecosystem.
Real systems solving real problems. Not tutorials, not toy projects.
Texas Southern University had no dedicated cybersecurity lab. Students lacked access to enterprise networking equipment for hands-on learning, limiting practical skill development in a field that demands it.
Multi-layer campus network with Cisco Catalyst 9200/8200 core switching, Meraki MS130 access layer, and Firepower 1000 for threat inspection. UCS C220 rack servers provide compute for lab workloads. Full VLAN segmentation isolates student traffic from production.
Firepower IPS/IDS providing real-time threat inspection. VLAN-based segmentation enforcing least-privilege access between zones. Dedicated management VLAN for infrastructure administration.
Insulation contractors were running their businesses out of text threads, spreadsheets, and sticky notes. No visibility into job profitability until it was done. Generic CRMs didn't fit the workflow; industry-specific ones were expensive.
Next.js App Router frontend connected to Supabase (Postgres + Auth). Row Level Security handles multi-tenancy so each contractor only sees their own data. Strict client/server split throughout. Playwright catches regressions before they reach production.
Core features complete and tested. Schema locked with migrations. Polishing UI and building the marketing site. Contractors are already using it.
Cloud voice assistants are a privacy liability, add noticeable latency, and get expensive fast. I wanted sub-second local voice processing that could still reach cloud APIs when needed, without giving an AI unrestricted access to my infrastructure.
Two-machine setup. RTX 3070 handles the real-time voice pipeline (wake word, speech-to-text, LLM, text-to-speech) within 8GB VRAM constraints. VPS runs Postgres, n8n, and Qdrant for semantic search, connected over an encrypted WireGuard tunnel. About 60% of queries stay local; the rest route to cloud APIs. Agent Zero on the VPS handles long-running autonomous tasks.
The AI never touches the Docker socket directly. Every container operation goes through an allowlist with rate limiting. Audit logs are stored separately where the AI cannot modify them. Network is segmented by trust level: WireGuard internally, Cloudflare Zero Trust for external access. Documented threat model covers prompt injection, container escape, and secret leakage.
Build a fan engagement solution for the Houston Rockets under competition time pressure while leading a team with mixed technical backgrounds.
Next.js frontend with Supabase backend for auth and data persistence. Tailwind for rapid UI development. AI-assisted ideation during design to accelerate user research and feature scoping.
Won 1st place in the NBA Beyond the Ball Tech Challenge. Demonstrated ability to ship under pressure, lead cross-functional teams, and combine technical execution with user-centered design.
Needed a way to run multiple projects without paying per-app platform fees and without losing track of how everything was configured six months later.
One VPS, everything containerized. Traefik routes traffic by domain to the right container. Cloudflare handles DNS, SSL termination, and DDoS protection. Everything is defined in Compose files so the environment can be rebuilt from scratch in minutes.
Fail2ban on SSH. UFW deny-by-default. Containers run non-root with dropped capabilities. Secrets in env files that never touch git.
Texas Southern University
Apr 2025 - Present
JosephOne Technologies / CCISD
Aug 2025 - Present
National Electrification Project
Jun 2022 - Aug 2022
Open to full-time roles, internships, and co-ops in cybersecurity and infrastructure. Feel free to reach out.