Staff Security Engineer · Cloud, Identity & AI-Enabled Security Platforms

Adnan Koroth

I build internal security platforms where commercial tools are costly, fragmented, or miss the risk that is specific to the company. End to end: the problem, the architecture, the implementation, and the operational feedback loop once it is in production.

Most recently at Pintu, a regulated Indonesian fintech supervised under OJK. Cloud posture, multi-cloud IAM attack-path analysis, secrets governance, and AI-enabled detection — across AWS and GCP, run by a small team. AI is used as a force multiplier, kept under deterministic classification, confidence thresholds, and human review.

Selected systems

01 Cerberos A four-scanner cloud-posture suite, one scanner per attack surface. 4 services · AWS + Kubernetes · OpenSearch + ticketing 02 IAMGuru Multi-cloud IAM analysis: privilege-escalation paths, blast radius, cross-cloud trust. AWS + GCP · attack-path engine · ~$8/month to run 03 Pentagon A unified findings warehouse with bounded AI agents for triage and compliance. 6+ scanners · one taxonomy · agents under human review 04 Watchman AI-enriched SOC: raw EDR/WAF alerts become attributed, actionable assessments — with a human in the thread. real-time · Claude · confidence-gated, human-reviewed 05 JIT Access Slack-native just-in-time AWS access — request, approve in-channel, bounded session, auto-revoked at expiry. ECS + DynamoDB · Slack Socket Mode · no standing elevation

Each write-up covers the problem, the design, the decisions and their trade-offs, what it cost to run, and what I would change. Architecture and reasoning only — no internal identifiers, by deliberate policy.

There is also a short note on how I decide what to build versus buy, and a CV.

Status

Open to: Senior / Staff / Lead Security Engineer · Cloud Security Architect · AI Security Engineer.