• Built an end-to-end risk detection pipeline over 30-day programmatic ad logs to identify potentially manipulative MFA sites, validating BigQuery joins, aggregating events to the hostname level, and combining behavioral signals with website embeddings for scalable failure detection

• Labeled 50k+ hostnames with a high-value-device heuristic, engineered burstiness and session features, and used statistical tests to isolate robust indicators of suspicious traffic behavior and reduce noise in downstream risk scoring

• Trained an interpretable XGBoost classifier achieving ROC-AUC 0.81, then used SHAP and threshold calibration to convert model outputs into analyst-facing triage decisions for scalable risk review and mitigation prioritization

• Investigated retrieval-grounding tradeoffs in an AWS Bedrock RAG pipeline, benchmarking Faiss and pgvector while improving Lambda-based context injection, reducing hallucination by 35 points and improving factual pass@1 by 40 points over 200k queries

• Developed a controlled multi-task research environment to study transferable skill acquisition, using Feynman-Kac inspired trajectory steering to shape policy behavior and benchmarking against multi-task training, reward shaping, and goal-conditioned control baselines to evaluate zero-shot generalization under held-out task families and controlled distribution shift

• Assessed credential-security exposure using Hashcat to measure exploitability of legacy password storage, identified MD5 usage, and supported migration toward stronger hashing schemes such as bcrypt and Argon2, reducing estimated security risk by about 40%

• Framed findings in terms of control-failure probability and remediation impact, prioritizing fixes by expected loss reduction and translating security analysis into an actionable risk-reduction roadmap