A security leader with a builder's spine.
Most of my career was spent on the grittier end — running detection on 24/7 SOC floors in Lahore, writing IaC at About You in Hamburg, investigating and mitigating the Codecov incident (among many others) at HelloFresh. Then four years at Moonfare building a security function from the first hire to a 16-person org — and learning, honestly, what it takes for security to move a business forward instead of slow it down.
These days I'm VP of Cybersecurity Strategy & WAAP Product at Link11. Link11's ambition is to be the web firewall Europe actually trusts — a real alternative in a market the US has dominated for a decade. I'm here to help build that, partly because the ambition is real, mostly because I know what a CISO needs from a product like this. I want to build it that way.
Building WAAP product at Link11. Writing more — this site is the start of that. Spending real time on AI for defensive security: what actually earns its keep in detection, triage, and IR versus what's just a demo with a good PM behind it. And thinking about what "10× engineer" means when the leverage is an LLM, not a better IDE — and how that reshapes what a small security team can do.
Different hats. Same muscle.
Supply-chain incidents are a leadership test more than a technical one — you can do all the IR right and still fail if your communication and prioritization are off.
First as the engineer leading technical response to Codecov at HelloFresh. Later as CISO at Moonfare, coordinating response to a third-party incident where a business counterparty’s breach created potential exposure on our side. Different technical profiles, same operational problem: scan fast, scope impact accurately, brief the board honestly, don’t let the noise derail the business.
I’ve come to think of supply chain as the most under-rated part of the threat model — and the part that’s hardest to run well when everyone’s already tired.