Welcome to my online portfolio.

Listed below are details about myself, including my personal projects.

Hero Imgs
About

Elijah Winter

Experienced Cyber Security Specialist in both the public and private sectors. I spend my time engineering, mentoring and consulting on identity and access management, cloud infrastructure, AI security and all things data related (engineering, analytics, security).

Skills

img

Hardware

  • HP
  • Dell
  • Apple
  • Lenovo

img

Operating Systems & Cloud Environments

  • AWS
  • GCP
  • Azure
  • Linux
  • Docker
  • OSX
  • Windows

img

Programming Languages

  • C
  • CSS
  • Java
  • HTML
  • Python
  • Javascript

img

Machine Learning

  • NLP (Topic Modeling)
  • Sentiment Analysis
  • Large Language Models (LLMs)

img

Software

  • FTK
  • NMap
  • Kibana
  • Encase
  • Ansible
  • VMWare
  • Wireshark
  • Metasploit
  • Aircrack-ng
  • Spark
  • ELK

img

Databases

  • SQL
  • ElasticSearch
  • PostgreSQL

img

Networking

  • VPNs
  • DHCP
  • VLANs
  • Routing
  • Subnetting
  • Switching
  • IP Addressing

img

Standards

  • FISMA
  • NIST 800
  • CIS 20 Controls
  • MITRE Attack Framework

My Personal Projects

Personal projects that I work on during my free time.

To see my full list of open source projects, visit thewintershadow.com.

img

Lock-And-Key

Multi-cloud security scanner that analyzes IAM and resource-based policies across AWS, Azure, and GCP, reporting potential access control issues and trust boundary crossings.

View Project
View Source Code
img

HorizonSec

Modular security suite consisting of GAIA, DEMETER, HADES, and ARTEMIS components covering a broad range of security engineering use cases.

View Project
View Source Code
img

Thought Smith

AI-powered journaling app that transforms journaling into an interactive experience. Supports OpenAI, Google Gemini, and Anthropic Claude with voice capabilities and Markdown export. Built natively for Android (Kotlin/Jetpack Compose) and iOS (Swift/SwiftUI).

View Project
View Source Code
img

Ghost Brain

Real-time voice AI virtual assistant for note-taking and idea development, enabling hands-free capture and organization of thoughts.

View Project
View Source Code
img

Obsidian Palace

MCP server that enables AI clients like Claude to access and interact with an Obsidian vault for reading, writing, and searching notes.

View Project
View Source Code
img

Owl-Watch

AWS-native ETL pipeline leveraging Glue and Bedrock for automated data curation and processing at scale.

View Project
View Source Code
img

The Data Packet

Automated pipeline that transforms tech news into podcast episodes, keeping up with the latest in technology through audio content.

View Project
View Source Code
img

Thoth

Semantic documentation search tool using vector embeddings to enable intelligent, context-aware search across documentation sets.

View Project
View Source Code
img

Whomping Willow

LDA topic modeling package for performing natural language processing and topic discovery on large text datasets such as the Enron email corpus.

View Project
View Source Code
img

Hogwarts

Personal dashboard that aggregates weather, news, IP data, and home network services into a single self-hosted landing page.

View Project
View Source Code

Experience

Senior Security Engineer


  • Worked with developer teams to use ABAC + FGAC for authorization
  • Advised healthcare businesses on ways to enhance security and privacy
  • Created tool to manage and visualize an application’s security posture at scale
  • Created tool to standardize security and privacy detections
  • Worked with application security teams to review new products to ensure secure launches
  • Spoke with customers to advise them on the security of their products and companies
  • Worked with Vulnerability Management Team to overhaul Security Campaign Management
  • Created security profiling tool to monitor and risk rank business applications
  • Created Security Analytics Data Lake, orchestrating large-scale analytics jobs and customer platform
  • Assisting in creating 5 Year Data Governance Strategy
  • Ran Engineering Bootcamps for junior engineers to expand their skillset
  • Created compliance, regulatory and investigations platform for auditors and investigators
  • Created security and compliance detection platform

Senior AI Security Engineer


  • Assisted in creating Amazon’s AI Security Org
  • Created standards and guidance for AI Security across Amazon
  • Created builder guidance on how to develop AI securely
  • Assisted in creating tooling to automate security of AI
  • Created metrics framework and automation to monitor security of developed AI systems
  • Consulted on Application Security issues across the company
  • Worked with VPs and CISOs to ensure AI Security Bar is met on internally developed software
  • Completed Secure Design Reviews for developed systems with Software Development Engineers
  • Created data discovery and classification tool
  • Applied Cyber Security best practices to systems

Insider Threat Security Engineer


  • Built foundation for investigations team:
  • Methodology
  • Scope Definition
  • Policy Creatio
  • SOPs
  • Investigated insider threat issues from machine and human reported events
  • Created new insider threat detections
  • Created automated response workflows
  • Created automated communicate bots to gather information
  • Created Risk Scoring Tool

Cyber Security Specialist


  • Researched APTs and IOCs, creating a correlation database
  • Worked in automating tasks to improve work efficiency
  • Created new workflows for data analytics
  • Coordinated efforts with other offices
  • Worked on Data Science projects
  • Was a Systems Administrator on several networks
  • Applied Cyber Security best practices to systems

Digital Forensics Engineer Intern


  • Researched new file formats, mobile devices and storage devices
  • Assisted with scientific research, collection, processing, analyzing and presented findings in support of vulnerability mitigation, data recovery, and assessing and identifying malicious behaviors within digital datasets
  • Wrote scripts/code to help develop new information recovery techniques and threat identification methods

E-Discovery and Digital Forensics Intern


  • Prepped assets for imaging
  • Preserved data from assets and documented Chain of Custody
  • Updated Licenses
  • Imaged computers for internal use