Security Engineer at IT Audit Labs focused on SOC operations, SOAR playbook development, and security automation.
I design and ship automated response workflows that support incident detection, investigation, and remediation: phishing, suspicious access, anomalous behavior.
Beyond security ops I build full-stack products on the Cloudflare edge — Workers, Durable Objects, D1, Astro SSR, Hono, React 19 — and care a lot about reducing manual toil through detection engineering, process optimization, and aligning technical work with audit standards.
02 · Experience
Where I've worked
IT Security Engineer
IT Audit Labs
Jan 2026 – Present
United States · Hybrid
- Design and ship SOAR playbooks for SOC environments — phishing, suspicious access, anomalous behavior — standardizing and automating incident response.
- Analyze security alerts, investigate incidents, and improve SOC efficiency by reducing manual effort through automation and process optimization.
- Collaborate with security and audit teams to align technical SOC operations with security controls, procedures, and industry best practices.
- Build and improve automated response flows; integrate security processes with monitoring and orchestration tooling.
Information Technology Intern
IT Audit Labs
Dec 2024 – Jan 2026
Minnesota, USA · Hybrid
- 1 year 2 months of cross-functional IT work spanning security operations, infrastructure support, and tooling — the foundation that led directly to the Security Engineer role.
Interactive Developer
App Zone Web
Aug 2022 – Aug 2023
Remote
- Built virtual / mixed / augmented reality experiences and web applications.
- Delivered website sales projects, social media content, and SEO work for client portfolios.
- Skills focus: Google Ads, WordPress, content production.
Technical Support Specialist
Sinergia Sistemas y Soluciones
Nov 2021 – Dec 2022
Bogotá, Colombia · Hybrid
- First-level user support: database management, web application support, software installation, account creation, and case logging in Mantis.
- Generated database reports and managed PostgreSQL databases for ongoing client engagements.
- Skills focus: PostgreSQL, Ubuntu, troubleshooting, ticketing workflows.
Master of Science
Minnesota State University, Mankato
Information Technology · Jan 2024 – Dec 2025
ID: 26Zw-M1ZP-S2A1
Bachelor's Degree
Universidad Central (Colombia)
Systems Engineering · Jan 2019 – Aug 2023
04 · Certifications
Licenses & training
SOAR & SOC · Palo Alto Networks
(EDU-380) Cortex XSOAR: Automation and Orchestration
Palo Alto Networks · Aug 2025
C81426
Cortex XSOAR: Features
Palo Alto Networks · Aug 2025
Cortex XSIAM SPS Specialization Exam
Palo Alto Networks · Jan 2025
354913955
Cortex XSOAR 6 Security Orchestration and Automation
Udemy · Jan 2025
UC-5332e657-810e-40c7-892c-08a130f298e0
Cortex XDR: Profiles and Policy Rules
Palo Alto Networks · Dec 2024
352634649
Cortex XDR: Management Console
Palo Alto Networks · Dec 2024
352577292
Cortex XDR: Main Components
Palo Alto Networks · Dec 2024
352568514
Palo Alto Networks Certified Cybersecurity Apprentice
Palo Alto Networks · May 2025 (exp. May 2027)
Google Cloud Security
Google Cloud SecOps Sales Credential
Google · Nov 2025 (exp. Nov 2027)
436469069
Google Cloud SecOps Technical Credential Assessment
Google · Nov 2025 (exp. Nov 2027)
436695647
Google Cloud Sales Credential
Google · Nov 2025 (exp. Nov 2027)
434401366
Security Training
Defending M365 & Azure with Kevin Klingbile
Antisyphon Training · Oct 2025
The Human Factor in AI-Driven Cybersecurity
Antisyphon Training · May 2025
144165795
Rapid Endpoint Investigations
Antisyphon Training · May 2025
143687790
HRM Product Sales Training
KnowBe4 · Sep 2025
KnowBe4 Sales Evangelist Training
KnowBe4 · Sep 2025
Compliance
Security and Privacy: Privileged Role
CJIS Security and Privacy Training · Oct 2025 (exp. Oct 2026)
DevOps & Foundations
Ansible for the Absolute Beginner — Hands-On DevOps
Udemy · Jan 2025
UC-a2fe44d4-1869-4307-9649-5f66b295c951
AI for Excel
Excel Dictionary · Jun 2025
vk52cqfufj
Build Basic Generative Adversarial Networks (GANs)
Coursera · Feb 2024
Technical Support Fundamentals
Coursera · Feb 2023
4U7KXBC9ZMR2
The Bits and Bytes of Computer Networking
Coursera · Feb 2023
Y889LBFC43Z9
Introduction to Databases
Coursera · Feb 2023
FS9QK4AMQSZB
Operating Systems and You: Becoming a Power User
Coursera · Feb 2023
UVHGAB2JKRST
Security
SOAR · SOC operations · Detection engineering · Incident response · Cortex XSOAR · Cortex XSIAM · Cortex XDR · Azure / Intune · Rapid7 InsightVM · ThreatLocker · Cisco XDR / Umbrella · Microsoft Defender / Graph · M365 security · Phishing analysis · OAuth / SSO security
Edge & Cloud
Cloudflare Workers · Durable Objects · D1 · KV · Workers AI · Pages · Wrangler
Languages & Runtimes
Python · TypeScript · JavaScript · SQL · Bash · Java
Frontend
Astro · React 19 · Tailwind v4 · shadcn/ui · TanStack Router · TanStack Query · Vite
Backend & Data
Hono · Drizzle · PostgreSQL · SQLite (DO) · OpenAPI 3 · REST
DevOps & Tooling
Ansible · Git · pnpm · Turborepo · Strict TDD · Spec-Driven Development · Linux / Ubuntu
06 · Selected work
Engagements
Detailed write-ups of recent client and product work (companies omitted under NDA, technical surface described in full) live on /work.