Background
Operator first. A decade in the defense sector — reconnaissance, protective and counterterrorism operations, command in airborne and special structures; left as a major. Accountable for people, decisions, and outcomes where a mistake had a real cost.
Second background — technical. Warsaw School of Computer Science: engineering degree in IT, thesis on MITRE ATT&CK and the Cyber Kill Chain in AD attack analysis. Collegium Civitas: postgraduate studies in terrorism and hybrid threats.
Now
Offensive security — independent practice. Penetration testing and red team: web, infrastructure, social engineering, OSINT, multi-vector scenarios. The last years of service ran on the cyber track — threat and adversary analysis, campaign and TTP identification (including APT groups), OSINT attribution, hardening, inter-agency reporting.
The specialization I'm building hardest right now: AI systems security — red teaming agentic systems, tool chains, and the organizational processes around them. Agents, LLMs, integrations and delegated permissions form a new attack surface most organizations are only starting to model.
The second lane is OSINT and OPSEC — the same skills pointed two ways. Investigative attribution and due diligence on one side; privacy and footprint hardening for executives and at-risk people on the other. Drone-assisted recon where online OSINT needs ground truth. Investigative work runs under contract and NDA, licensed under Polish detective-services law. Full practice → /osint .
Certs: OSCP, eWPTX, BSCP, BTL1, C-AI/MLPen, AIRTP+ → OSAI → OSWE → OSCE³ . Full log on /path .