Cybersecurity · AI Security · Builder

Muhammed
Kilic

I attack systems for a living — and build AI tools to make defenders faster than the attackers. 8 years across threat intelligence, offensive security, cloud engineering, and Fortune 500 advisory.

View Projects Download Resume
8
Years in Security
F500
Clients Advised
5
AI Projects Building
CISSP
Sep 2026
Industries secured
Financial
Services
Insurance
Energy
Telecom
Aerospace
Healthcare
Government
Technology
About

The practitioner
who builds.

Most security consultants assess controls and write reports. I do that too — but I also build the tools to fix what I find. At PwC, I lead cybersecurity risk assessments for Fortune 500 companies across financial services, energy, aerospace, and telecom, advising CISOs on cloud security architecture and regulatory compliance across NIST, ISO 27001, and IEC 62443.

Before advisory work, I spent years on the offensive side — penetration testing at Intel Corporation, threat intelligence research at CYR3CON tracking adversary TTPs on the deep web, and hands-on red team lab work that continues today. That background means I assess controls as an attacker, not just an auditor.

Right now I'm building AI-native security tools — including PromptWatch, an LLM red-teaming framework that simultaneously attacks Claude, GPT-4o, and Gemini to surface model vulnerabilities before adversaries do. The goal: close the gap between finding security problems and actually solving them.

Currently
Cyber Defense & Engineering Consultant at PwC · Phoenix, AZ
Building AI-native security tools · CISSP candidate (Sep 2026)
Education
B.S. Computer Science
Arizona State University — Ira A. Fulton Schools of Engineering
RSA Conference Security Scholar · Medallion Scholar
Certifications
CISSP — exam Sep 19, 2026
Microsoft Azure Fundamentals AZ-900
Oracle Cloud Infrastructure Foundations
AWS Solutions Architect Associate (renewing)
RSA Conference Security Scholar 2018
Areas of Focus
AI Security · LLM Red-Teaming · Cloud Security (AWS/Azure) · Cybersecurity Risk Advisory · NIST / ISO 27001 / IEC 62443 · Threat Intelligence · Penetration Testing · Security Architecture
Projects

Tools I've built.
All open source.

In Development
PromptWatch
LLM red-teaming framework that fires adversarial prompts at Claude, GPT-4o, and Gemini simultaneously. A Claude judge model evaluates each response for manipulation severity, maps findings to OWASP LLM Top 10, and generates pentest-style reports.
Claude API GPT-4o Gemini Python Flask OWASP LLM
View on GitHub
In Development
ThreatNarrator
Multi-model threat intelligence briefing generator. Pulls from CISA KEV, NVD CVE API, and AlienVault OTX. Claude writes the CISO-level brief; Gemini writes the technical analyst version. Same threat data, two audiences, side by side.
Claude API Gemini API CISA KEV NVD API Python
View on GitHub
Coming Soon
SentinelMind
AI-powered SIEM alert triage engine. Ingests raw GuardDuty and CloudTrail alerts, maps each to MITRE ATT&CK using Claude, detects multi-step attack chains across correlated events, and surfaces analyst-quality reasoning for each verdict.
Claude API AWS GuardDuty MITRE ATT&CK Python
Experience

Where I've operated.

PwC Jul 2022 — Present
Phoenix, AZ
Cyber Defense & Engineering Consultant
PricewaterhouseCoopers
Lead cybersecurity risk and control assessments for Fortune 500 clients across financial services, insurance, energy, telecom, and aerospace. Advise CISOs on cloud security posture (AWS CSPM), regulatory compliance (NIST CSF, NIST 800-53, ISO 27001, NYDFS Part 500, IEC 62443), and remediation strategy. Conduct high-risk protocol analysis and access governance reviews.
CYR3CON / CSW Feb 2017 — May 2022
Tempe, AZ
Cybersecurity Engineer
Cyber Security Works
Infrastructure and product security assessments, internal penetration testing, and configuration audits. Conducted deep web and dark web threat intelligence research, tracking adversary TTPs and emerging malware. Secured AWS and on-premise infrastructure; developed identity lifecycle management procedures.
Intel Corporation May — Aug 2019
Chandler, AZ
Penetration Testing Intern
Intel Corporation
Researched BIOS/UEFI security and performed vulnerability assessments on Intel system components. Discovered vulnerabilities in military-grade system firmware using Intel's internal penetration testing framework. Studied Intel Architecture internals and hardware-level attack surfaces.
Skills

Technical depth.

Advisory & Risk
Risk Assessment & Gap Analysis
NIST CSF / NIST 800-53
ISO 27001 / IEC 62443
NYDFS Part 500
Executive / CISO Reporting
Cloud & Engineering
AWS Security (IAM, GuardDuty, CSPM)
Azure Fundamentals
Network Security & IAM
Python / Bash Scripting
Penetration Testing
AI Security
OWASP LLM Top 10
Prompt Injection & Jailbreaks
Multi-model API (Claude/GPT/Gemini)
LLM Red-Teaming Methodology
AI Threat Modeling
Contact

Let's work
on something
that matters.

I'm currently open to senior cybersecurity roles — particularly in AI security, cloud security engineering, and security program leadership. If you're building something interesting or want to talk security, reach out.

Send an Email
Email mskilic98@gmail.com
in
LinkedIn linkedin.com/in/mkilic
GitHub github.com/mkilic
Resume Download PDF