A senior engineering and security team, available for contract.
Qasten is a two-person consulting team combining deep engineering expertise (ex-AWS, ex-Uber) and offensive security (ex-OpenAI). We work remotely with technical teams on problems that require genuine seniority. We take on missions independently or together, depending on what the problem requires.
Meet the team
Engineering
I spent 3+ years at Amazon (AWS) building internal developer tooling with hard performance constraints, cutting graph loading times by 25x, pipeline execution times by 60x. During that time I also worked on AI-powered agents for large-scale mainframe modernization, automating code transformation and testing across COBOL-to-Java migrations.
Before that, I worked on reliability infrastructure at Uber, where I led failover monitoring and reduced failover time from 15 minutes to 2 minutes.
I work best on hard, ambiguous problems, slow systems, infrastructure that hasn't kept up with growth, codebases with years of technical debt. I'm autonomous, I communicate directly with stakeholders, and I don't need oversight on the engineering or infrastructure side.
- Amazon (AWS) - Software Engineer - 2022-2026
- Uber - Software Engineer - 2021
- Rank 2 - Raise Your Hack 2025
What I work on
-
Backend Engineering & Performance
Distributed services, high-throughput APIs, latency investigations, profiling. I've optimized systems processing millions of nodes and built reliability infrastructure at Uber's scale.
-
AWS & Cloud Infrastructure
Architecture reviews, infrastructure as code, security, observability and monitoring. I'm comfortable owning the full infrastructure layer, from design to production.
-
Agentic AI
Design and implementation of AI agents and multi-agent systems, task automation, LLM orchestration, tool use, and human-in-the-loop workflows. Built AI agents in production at AWS scale for large modernization programs.
-
Developer Tooling & Platform
Internal tooling, build systems, CI/CD pipelines at scale, developer experience. At AWS, the CI/CD system I built was used 10,000+ times by 50+ developers across teams.
-
End-to-End Ownership
I can own features end-to-end when the mission calls for it, from infrastructure to UI, without creating handoff bottlenecks.
Security
What I work on
-
Red Teaming & Adversarial Testing
Adversarial simulation, prompt injection, policy bypass, including AI system red teaming. Acknowledged in OpenAI's Operator System Card (2025).
-
Penetration Testing
Web applications, network infrastructure, Active Directory, banking and government-grade environments. 140+ pentests conducted.
-
Security Architecture
Secure-by-design architecture reviews, DevSecOps pipeline integration (SAST, dependency scanning), security posture assessment.
-
AI Security Evaluation
Safety evaluation of LLMs and AI systems pre-release. Identifying vulnerabilities in model APIs, image generation, and operator systems.
- Red Teaming
- Penetration Testing
- Active Directory
- OSINT
- Prompt Injection
- AI Safety
- DevSecOps
- SAST
- Bug Bounty
- Network Security
- Web App Security
- Python
- Golang
- Reverse Engineering
I'm a security engineer with a focus on offensive security, red teaming, penetration testing, and adversarial evaluation. I've conducted 140+ pentests across banking systems, government infrastructure (including 911 emergency services), and enterprise networks.
As a contractor for OpenAI, I contributed to the safety evaluation of 20+ pre-release frontier models and was acknowledged in their Operator System Card (2025). I currently also serve as Security Engineer at Accor, managing their bug bounty program and securing critical payment and reservation infrastructure.
- OpenAI - Red Teamer (contractor) - 2024-2026
- Accor SA - Security Engineer - 2022-2026
- Rank 2 - Raise Your Hack 2025
- Top 600 worldwide - Hack The Box