Code should survive contact with reality

Technical Leader · AI Systems · Detection at Scale

I lead small teams building AI-assisted security systems for noisy, adversarial environments. I help analysts, engineers, product teams, and partners turn good ideas into shipped solutions.

See selected work Contact
/ 01 · Selected work

Case studies from systems shipped at scale

A few systems I've built, scaled, and shipped. Examples shown are sanitized; nothing here exposes proprietary data or internal implementation details.

Outcomes from the cases below
~30×
increase in adversarial campaign visibility
65%
faster detection-response resolution
Global
child-safety data leveraged by partner organizations
CASE 01 Threat intelligence Global spamtrap footprint
World map highlighting global spamtrap coverage across multiple regions

Expanding Threat Visibility

Problem

Limited visibility into adversarial email campaigns left detection teams reacting to fragments of the threat landscape.

Solution

Designed and operated an at-scale spamtrap pipeline for threat collection and analysis, turning a sparse signal into a continuous, high-volume stream of campaign telemetry.

~30× increase in campaign visibility
Continuous adversarial telemetry
↑ Top
CASE 02 Gen-AI tooling Closed-loop rule generation
Ticket intake
Gen-AI rule generation
Deterministic validation
Analyst feedback

Accelerating Detection Response

Problem

The support desk needed a way to convert campaign evidence into detection coverage that was fast, repeatable, and didn't escalate every case to engineering.

Solution

Built Gen-AI rule generation with deterministic validation, structured feedback, and dynamic content enrichment. The validation layer kept the model honest and the output production-ready.

Cut resolution time by 65%
Materially decreased escalations
↑ Top
CASE 03 Trust & safety Correlated abuse infrastructure
Network graph visualization of correlated abuse infrastructure

Supporting Global Child Safety

Problem

Online abuse networks rapidly shift infrastructure to evade detection. Static signatures and one-off takedowns can't keep up.

Solution

Telemetry analysis paired with AI-driven detections at scale, surfacing high-confidence signal even as adversaries pivot.

Supporting
National Center for Missing & Exploited Children (NCMEC) INTERPOL Thorn
↑ Top
/ 02 · About

I build security where the stakes are highest

I'm a security engineer and technical leader building AI-driven systems for the messy edge of the internet, where adversaries move quickly, telemetry is noisy, and the cost of being wrong is real.

My work sits at the intersection of large-scale data pipelines, applied machine learning, and operational detection. The interesting part isn't the models. It's turning them into systems actually used by analysts, by support teams, by partner organizations. Not dashboards that look good in a deck.

I lead by shipping. I prefer small, sharp teams and problems that matter. The hard ones tend to be the interesting ones.

Detection
  • Detection engineering
  • Telemetry collection & crawling
  • Infrastructure analysis
  • Attribution at scale
AI & LLM systems
  • Foundation model pipelines
  • Gen-AI w/ deterministic guardrails
  • QR & content deobfuscation
Data & infrastructure
  • Databricks, Spark, MLflow
  • AWS & GCE
  • PostgreSQL
  • Python, Bash, JavaScript, Go
Leadership
  • Cross-functional technical lead
  • Mentoring engineers & analysts
  • Partner & stakeholder alignment
  • Bias toward shipping
/ 03 · Experience & education

Two decades of building systems where reliability isn't optional

From SDR architectures to AI-driven detection pipelines. A working history of shipping at scale.

2019–Present

Cybersecurity AI Researcher

Cisco Talos

  • AI / LLM pipelines
  • Attribution at scale
  • Detection engineering
2014–2019

Principal Engineer

Feather Information Technology, Government Programs

  • Infrastructure emulation
  • Multi-stage attack workflows
  • Rapid-response tooling
2013–2014

Systems Engineering Technical Advisor (SETA)

TASC

  • Tactical SDR architecture
  • ~$20M program
  • Signal processing pipelines
2007–2013

Senior Software Engineer

Lockheed Martin

  • Large-scale deployment
  • Lifecycle automation
2004–2007

Web Developer

State of Oregon

  • Web automation
  • Input validation
2000–2003

Technical Assistant

Dallas School District #2

  • Sysadmin
  • End-user support
Education
  • MS, Cybersecurity Johns Hopkins University
  • BS, Computer Science Oregon State University
When I'm not at a terminal
  • 7 yrs supporting species-survival planning for animals on the IUCN Red List
  • 12 yrs coaching K–8 soccer
  • 9 yrs mentoring middle-school students in my church youth group
  • 3 yrs as a member of Cisco's competitive CTF team; ranked top 3% in the 2026 Global Challenge
/ 04 · Contact

Let's talk.

I'd love to hear what you're working on, especially if it involves adversarial data, large-scale detection, AI-assisted investigation, or production systems that need to hold up under pressure.

Columbia, MD Joel.Callicrate@gmail.com

mailto: +1 240-801-0993
resume.pdf portfolio.pdf