Cybersecurity Professional · Calgary, AB

Andre Seguin

Detection as code. AI-accelerated. Built to scale.

CISSP · CCNP · LFCSA · Security+ · PCCSA

Profile

Built security from scratch.
Scaled it globally.

10+ Years in field
0→1 Startup to scale
AI Native workflow
D&R Detection & response

I build security infrastructure from scratch and scale it — detection pipelines, data lakes, IaC-driven controls, and the tooling that ties it all together. My background starts at the network layer (PKI, AAA, zero trust) and runs all the way up through cloud, container, and identity — rare depth that shows up in architecture decisions and incident response. I write production-quality code, ship with AI-assisted tooling (Claude Code, GitHub Copilot, Cursor), and operate at the speed engineers expect from a peer, not an audit function.

Stack & Domain

What's in the toolkit.

AI & Developer Tooling
Claude Code · GitHub Copilot · Cursor · Python · Bash · PowerShell · REST APIs · SOAR
Cloud & Infrastructure
AWS · Azure · GCP · Terraform · Kubernetes · Docker · GitLab CI/CD · GitHub Actions · Ansible
Security & Detection
Detection as Code · Databricks · KQL · Splunk · Datadog · Microsoft Defender · Entra ID · Threat Modeling · Threat Hunting · Incident Response · Zero Trust · PKI / TLS · SIEM / XDR

Experience

What I've built
and where.

01
Detection-as-Code Pipeline
Detections versioned in Git, CI-tested, and auto-deployed across cloud, identity, endpoint, and network telemetry. Zero manual deploy steps.
02
Security Data Lake — Databricks at Scale
Architected and operates a high-volume telemetry pipeline: ingestion, normalization, and enrichment from AWS, Azure, GCP, endpoints, and network into Databricks for threat hunting and long-term analytics.
03
AI-Accelerated Engineering
Claude Code, GitHub Copilot, and Cursor are daily dev tools — shipping automation, detections, and tooling at the pace engineering teams expect. AI isn't a curiosity; it's in the workflow.
04
IaC & Policy-as-Code
Terraform-driven security control deployment through GitLab and GitHub CI/CD. Consistent policy enforcement across AWS, Azure, and GCP — no snowflakes.
05
Threat Modeling & Secure Architecture
Security design reviews embedded in the engineering lifecycle. Risk-based remediation with engineering partners — not handed down from above.
06
High-Severity Incident Response
End-to-end IR ownership across distributed cloud environments — scoping, containment, remediation, and executive briefing. Keeps leadership and legal in the loop without putting the room to sleep.
07
0→1 in High-Growth Tech
Built security infrastructure where none existed, inside fast-moving startup environments — then scaled it as the org grew. Comfortable with ambiguity, greenfield problems, and moving at product speed.
08
Network-Layer Foundations
Enterprise AAA, NAC, RADIUS/TACACS, PKI, and TLS at critical infrastructure scale. Network internals fluency is rare in cloud-first security roles — it shows up in zero-trust architecture and incident scoping.

Environments

High-Growth Tech · Cloud-Native Startups · Critical Infrastructure · Distributed & Remote-First

Contact

Have a hard problem?
Let's talk.

Calgary, AB · Available remotely.

acseguin@hotmail.com