> security engineer

Antonio Karam

Security engineer working on critical vulnerability analysis and security workflow automation.

I work on high-severity triage, risk modeling, remediation review, and AI-assisted tooling for security operations.

View Selected WorkResume.pdfLinkedIn

// About

I'm a security engineer working on vulnerability research, risk assessment, and the tooling that supports security operations. My work includes investigating high-severity reports, reproducing exploit paths, reviewing remediation depth, and helping engineering teams prioritize the issues that are most impactful.

I also build AI-enabled workflows and cloud-native tooling that make analysis faster, more consistent, and easier to scale. My computer engineering background plays a crucial role when working on security issues that span code, systems, and operational context.

B.S. Computer Engineering · University of Notre Dame · Magna Cum Laude

// Selected Work

01

AI-Enabled Security Workflow Automation

Built a security workflow application that moved vulnerability intake and validation toward faster, auditable, AI-assisted review.

  • Developed backend, frontend, infrastructure, CI/CD, and deployment from greenfield build to beta.
  • Designed AI validation and suggestion flows using prompt engineering, few-shot prompting, evaluation, caching, and guardrails.
  • Improved targeted validation accuracy to as high as 98.2%.

React · Node.js · OCI · Jenkins · Docker · Prompt Engineering · Evaluation Pipelines

02

Zero-Day Root Cause Analysis and Remediation Review

Investigated critical vulnerabilities through exploit reproduction, source analysis, and remediation review.

  • Reproduced exploit paths and identified root causes for critical vulnerabilities.
  • Found bypasses and additional vulnerable code paths, then translated technical findings into concrete fix guidance.
  • Helped engineering teams validate remediation depth during high-severity response windows and security alerts.

Vulnerability Research · PoC Development · Source Analysis · Risk Modeling · Remediation Review

03

Rapid Exposure Analysis for Emerging Vulnerabilities

Analyzed newly disclosed critical vulnerabilities and connected public exploit intelligence to internal exposure and remediation decisions.

  • Studied exploit activity, mitigation guidance, and technical root cause for fast-moving vulnerabilities.
  • Built and validated PoCs and produced exposure assessments used to guide response decisions.
  • Worked across threat intelligence, technical analysis, and remediation.

Exposure Analysis · Threat Intelligence · IoCs · PoC Development · Triage

04

Security Risk Reporting and Prioritization

Built and improved reporting workflows that surfaced high-priority vulnerabilities and supported risk-based decision making.

  • Created reporting views and metrics for vulnerability exposure, prioritization, and execution status.
  • Reduced churn during bug surges by consolidating findings and clarifying risk-based priorities.
  • Helped keep security tooling reliable through code review, troubleshooting, and operational fixes.

Reporting · Prioritization · Security Metrics · Code Review · Workflow Design

// Public Projects

FreeCell Reverse Engineered AI Agent

Reverse engineered Windows XP FreeCell using static and dynamic analysis. Implemented AI search algorithms to find an optimal win strategy.

LLM Cybersecurity Knowledge Evaluation

Evaluated cybersecurity knowledge of LLMs against questions from CompTIA Security+, CISSP, and OSCP.

Encryption Utility

Implemented RSA, El Gamal, Elliptic Curve, and CKKS cryptographic schemes using GMP and HEAAN in C.

// Skills

Security Analysis

Vulnerability AssessmentExploit ReproductionRoot Cause AnalysisRemediation ReviewRisk ModelingExposure AnalysisCVSS

Security Tooling

PythonJavaScriptTypeScriptNode.jsReactJavaREST APIs

Cloud & Delivery

OCIDockerJenkinsCI/CDAnsibleLoad BalancersMonitoringLogging

AI for Security Operations

Prompt EngineeringFew-shot PromptingEvaluation PipelinesRAGWorkflow AutomationGuardrails

Research & Systems

Source Code AnalysisStatic AnalysisDynamic AnalysisNetworkingReverse Engineering

// Archive

[ + ]

Earlier academic and personal work.

Beating the Bookmakers

Ensemble voting binary classifier (Random Forest, Gradient Boosting, Neural Networks) predicting NFL game winners. 0.831 F1 / 0.884 AUC.

NavigAIte

AI-powered itinerary planner using LLMs for dynamic travel plans with real-time bookings, mapping, and calendar sync.

Linear Feedback Shift Register Chip

8-bit LFSR chip in Verilog. Won the Google-sponsored eFabless GF180nm shuttle. Passed Multi-Project Wafer and Tapeout tests.

Semiconductor Diode Laser Research

Multi-input parallel test-bed software with GUI for semiconductor laser data acquisition and long-term parameter tracking in Python.

Dunne Hall Website

Built, deployed, and managed dunnehall.com.

Music & Happiness

Spotify user trends correlated with happiness index, education, and GDP by country over time.

Storage Finder

Tool for researchers to identify appropriate data storage given visibility, scale, and compliance constraints.

Peer to Peer File Sharing

Server/client programs for peer-to-peer data exchange using fundamental networking principles.

Multithreaded HTTP Client/Server

Parallel HTTP client and Pub/Sub server with channels in Python, Bash, and C/C++.

Operating Systems Fundamentals

Process Scheduler (FIFO, Round Robin), Heap Management (malloc, calloc), and File System (Unix) in C/C++.

// Contact

For work inquiries, collaboration, or interesting security problems, feel free to reach out.

emailantonio.c.karam@gmail.com linkedin/in/antonio-karam github@AntonioKaram