~/work

Proof, not promises.

Every project below shipped, and every number was measured in production — across 6+ years at Microsoft, independent full-stack products, Morgan Stanley, and published research.

#

Case studies

enterprise
// Microsoft Threat Protection · Seattle2024 — present

Cut auth overhead 90% — and unblocked an 11-month migration

The stakes: a security platform protecting millions of enterprise email seats, stuck on a legacy desktop client because authentication couldn't move to the cloud.

Engineered a reusable, thread-safe OAuth 2.0 On-Behalf-Of library with distributed token caching — now the platform's standard integration framework. That foundation unblocked the migration of Defender for Office spam-rule authoring to a cloud-native web platform.

90%
less auth overhead
11 mo
bottleneck resolved
Millions
of enterprise seats protected
OAuth 2.0 OBODistributed caching.NET 8AzureMulti-tenant security
// Microsoft Threat Protection2024 — present

Re-platformed a 4M+/day pipeline — and cut seven figures of cost

The stakes: a threat-sample ingestion service the whole detection org depends on, running blind and expensive.

Led the re-platforming: OpenTelemetry distributed tracing, single-click staged releases, and multi-tenant sandbox abstractions that onboard new detonation environments while preserving strict per-customer isolation.

4M+
submissions per day
$1–2M
monthly platform savings
Event-driven servicesOpenTelemetryRBACCI/CDAzure
// Microsoft Cloud + AI Security · RedmondJun 2020 — May 2023

Made security analysts 20× faster

The stakes: analysts triaging global malware detections were waiting 20+ seconds per sample preview, with false positives slipping through.

Developed diagnostic and sample-clustering tools for tracing false positives and negatives. Re-architected multi-source ingestion with per-source fault isolation, accelerated previews, and built replication that made far more samples immediately analysis-ready.

20×
analyst throughput
<3s
preview latency, from 20s+
~75%
analysis-ready availability
Fault isolationRBACAzure StoragePerformanceKey Vault
// Microsoft Unified Security Intelligence · Vancouver2023 — 2024

Shipped an isolated malware-investigation browser — and killed every recurring outage

The stakes: investigators handling live malware needed isolation from the corporate network, and the existing tooling failed by region, repeatedly.

Built and launched a cloud-hosted remote browser for malware investigations. Authored its threat models and data-exfiltration controls, moved workloads off the corporate network, and debugged crash dumps to eliminate the failures for good.

100%
of recurring multi-region outages eliminated
Browser isolationThreat modelingData-exfiltration controlsCloud platform
#

Independent products

full-stack
// admissions platform

UniAccess

A complete multi-portal product for students, university partners, and administrators — applications, document management, interviews, onboarding, payments, and an Azure-hosted deployment. Built end to end by one engineer.

ReactTypeScript.NETPostgreSQLAuth0Azure
// social & events platform

Vibaze

A real-time social and events platform with messaging, media, automated delivery, structured observability, and browser-to-backend testing — production practices applied to an independent build.

ASP.NET Core 8PostgreSQLSignalRContainer AppsPlaywright
// event planning platform

EventPilot

A Go API and React/TypeScript front end connected through generated OpenAPI clients, with scoped payment, messaging, and object-storage integrations.

GoChisqlcReactOpenAPICloudflare
#

Research

publication
// ACM FPGA '20 · University of Rochester, Horizon Lab

Energy-Efficient 360-Degree Video Rendering on FPGA via Algorithm-Architecture Co-Design

Co-author, ACM/SIGDA International Symposium on Field-Programmable Gate Arrays (FPGA 2020). View publication →

open for new engagements · booking August 2026

$ want results like these?

Bring me the hard problem — you'll get a reply within two business days.