Ian Young

Security Data Scientist

Colorado Springs, CO | resume@ianyoung.xyz | (719) 666-5551

LinkedIn | GitHub | GitLab

Summary

Security engineer cosplaying as a data scientist. I build intelligent systems that learn from threats and streamline security workflows. I focus on production-grade automation and reproducible processes. If it can be automated, measured, or graphed, I’ve probably tried it in my homelab first.

Core Competencies

AI & Automation for Security: Threat detection and vulnerability prioritization; anomaly and time‑series analysis; clustering; feature engineering; evaluation/tuning; LLM guardrails; feedback loops that turn telemetry into automated actions via policy engines and observability.

Data Engineering & Analytics: Python, SQL, pandas, Jupyter; ETL/ELT from SIEM/EDR/cloud APIs; Elasticsearch/Beats/Logstash; LGTM (Loki/Grafana/Mimir) with OpenTelemetry; dashboards and ad‑hoc analysis; log/metric pipelines with long‑term retention.

MLOps & Systems: Model serving via unified LLM proxy; inference logging/monitoring; experiment tracking and registries; CI/CD and GitOps; Docker/Kubernetes; IaC (Terraform/Ansible); model/pipeline observability with PromQL/LogQL.

Security Engineering Stack: SIEM/SOAR; EDR/XDR; cloud (AWS/Azure); DevSecOps with vuln scanning; runtime monitoring; policy enforcement (admission controllers); attack‑surface mapping; frameworks (OWASP, MITRE ATT&CK, CWE).

Languages & Tools: Python, SQL, Bash, Elastic Stack, Grafana/Prometheus/Loki/Mimir, Splunk, Git, REST, JSON/Parquet, Kubernetes, Docker, Helm, Kustomize, Flux, Gateway API.

Professional Experience

Quanata — Senior Security Engineer (AI & Automation)

September 2022 – Present

• Built ML-powered vulnerability prioritization models reducing false positives by 75% and shortening remediation cycles by 40%.
• Automated data pipelines ingesting CVE telemetry, asset metadata, and exploit feeds.
• Developed Python microservices integrating model inference into CI/CD workflows.
• Collaborated with data scientists to optimize machine learning methods for threat detection.
• Implemented KPI dashboards visualizing lifecycle metrics and program effectiveness.

Checkr, Inc. — Director of Information Security / Tessera Data

May 2021 – September 2022

• Designed and deployed SIEM/SOAR architectures feeding normalized telemetry into data science pipelines.
• Partnered with engineering teams to embed security analytics into observability systems.
• Led automation initiatives across DevSecOps pipelines using Python and Terraform.
• Acted as interim CISO, maintaining ISO 27001 and SOC 2 compliance while modernizing infrastructure.

PeopleTec — Information Systems Security Manager

January 2020 – May 2021 | Colorado Springs, CO

• Built centralized monitoring and alerting pipelines for classified enclaves.
• Designed metrics collection frameworks to analyze compliance and risk performance data.

Sentar, Inc. — Cyber Security Architect

May 2017 – September 2019 | Huntsville, AL

• Integrated SAST/DAST into CI/CD pipelines for secure software delivery.
• Developed Ansible playbooks for patch automation and validation.
• Conducted research to refine vulnerability scoring models.

SAIC — Senior Cyber Security Analyst

February 2016 – May 2017 | Huntsville, AL

• Automated NIST RMF compliance reporting using Python data extraction.
• Developed dashboards in Splunk to visualize system posture and control coverage.

Education

Ph.D. (2019–2024, paused) – Security Engineering, University of Colorado Colorado Springs

Research areas: AI for IoT security, data science, adversarial modeling

Ph.D. (2016–2018, partial) – Security Engineering, University of Alabama in Huntsville

M.S. Cyber Security – University of Alabama in Huntsville

B.S. Information Technology – University of South Alabama

Certifications

CISSP | CEH | CompTIA Security+ | Linux+ | Network+ | Splunk Certified Admin

Homelab Projects

• Production-Grade Kubernetes Infrastructure: Designed and maintain a highly available Kubernetes environment with four-node control-plane redundancy, GitOps-driven infrastructure-as-code, distributed storage, and automated certificate and secret management — forming the foundation for secure AI and automation workloads.

• Observability and Data Pipeline Stack: Built an integrated LGTM observability stack with automated telemetry ingestion, aggregation, and long-term retention. Developed unified dashboards that surface infrastructure, application, and model performance metrics for real-time analytics and anomaly detection.

• AI Gateway and Security Automation Framework: Developed a scalable LLM gateway supporting 100+ model providers with unified API access, Model Context Protocol (MCP) integration for Kubernetes and security tooling automation, multi-agent orchestration, and guardrail validation enforcing content and output security. Implemented analytics tracking to measure operational efficiency and model utilization trends.