Security engineer. Cloud focused. Still mostly just curious.

I work in cloud security during the day. Outside work, I usually end up pulling apart phishing kits, tracing delivery chains, mapping infrastructure, and writing down what the thread turns into.

Now:: Security engineer @ MLS
Focus:: Cloud security, automation, infrastructure-heavy security work
Online:: inf0stache

The work

Most of my day job is security engineering across cloud environments: tightening things, automating repeat work, and hardening various areas that deal with infra.

The work I keep coming back to after hours is the messy phishing infra, delivery chains and malware behavior that helps me see how or what the attacker was thinking.

Currently: deep in npm supply chain research — maintainer phishing, malicious package delivery, and what shows up in EDR/proxy/DNS logs when it lands.

I write because I want to contribute to the community in a meaningful way. Publishing forces me to slow down, prove what I think I saw, and share something useful with each case.

Want to trade notes or work on something?

I'm always down to talk shop.

@inf0stache substack me@heyosj.com