Ryan Niemes

Lead Security Engineer & AI Consultant
Cincinnati, OH · github.com/niemesrw · ryanniemes.com
Summary

Security engineering leader with 25+ years of experience spanning network security, cloud infrastructure, and applied AI. Currently focused on the intersection of AI adoption and cybersecurity — building LLM-augmented detection systems, deploying AI tools securely at scale, and enabling teams to use AI effectively. Background includes Cisco, Northrop Grumman (DoD), Illumina, and Helix.

AI Security LLM Infrastructure Detection Engineering MCP Servers AWS Claude Code Python TypeScript Go Swift Flutter
Experience
Helix
2015 — Present
Lead Security Engineer · Cincinnati, OH
  • Lead security engineering for a ~250-person organization, managing AWS microservices, CI/CD pipelines, and security tooling
  • Built AI-augmented security detection systems using AWS Security Lake, GuardDuty, CloudTrail, Azure AD, Duo, Google Workspace, and Netskope
  • Deployed and manage LiteLLM proxy for organization-wide LLM access with model routing, cost controls, and usage monitoring
  • Built internal AI tools for non-technical staff including a macOS SwiftUI chat app with Duo SSO integration
  • Designed detection-as-code pipelines using Sigma rules over AWS Security Lake with Athena
  • Manage Semgrep and CircleCI for DevSecOps across engineering teams
  • Created Claude Code skills and MCP servers to automate security workflows
Illumina
2010 — 2015
Manager, Networking & Information Security → Sr Staff InfoSec Analyst · San Diego, CA
  • Managed a team of 10 responsible for global network design and security operations
  • Deployed and maintained Splunk and Splunk App for Enterprise Security
  • Led information security architecture and third-party security evaluations
  • Evaluated next-generation networking technologies (ACI, NSX, OpenFlow)
  • Deployed internal PKI with SafeNET HSMs and MS ADCS infrastructure
Cisco Systems
2006 — 2009
Network Consulting Engineer · San Diego, CA
  • Post-sales engineering support for military customers including tactical satellite and wireless systems
  • High-level engineering support for the 400,000-seat NMCI network
  • Troubleshot complex routing and switching issues across DoD infrastructure
Northrop Grumman
2004 — 2006
Sr. Network Security Engineer · Heidelberg, Germany
  • Security team lead for US Army network infrastructure across European theater
  • 24x7 support of classified and unclassified networks including routers, firewalls, and IPS
  • Installed Army security stacks for border connectivity using Nokia firewalls, Cisco 6500, and McAfee IPS
  • Incident response directed by military intelligence agencies
Fifth Third Bank
2003 — 2004
Sr. Network Security Engineer · Cincinnati, OH
  • Production firewall management for banking environment (Check Point on Nokia)
  • VISA CISP/PCI compliant infrastructure for Verified by Visa
  • Compliance with HIPAA, GLBA, and SOX with federal auditors
SkyTel / WorldCom
1998 — 2003
Sr. Network Engineer · Jackson, MS
  • Engineered RADIUS-based AAA authentication systems and global server load balancing
  • UNIX server administration, SAN infrastructure, and network optimization
Consulting — blanxlait, LLC
blanxlait, LLC
Present
Founder · AI & Security Consulting
  • Security + AI integration consulting for organizations adopting LLMs and AI agents
  • AI infrastructure design: LiteLLM proxy, MCP servers, Claude Code customization
  • Team enablement and training programs for AI adoption
  • iOS (Swift) and Flutter application development
Selected Open Source
SERAPHAutonomous security monitoring hackerbot-claw-scannerCI/CD security scanner duocliDuo Security CLI + MCP server pantry-agentKroger API MCP Server workspace-security-platformGoogle Workspace behavioral analysis argus-scannerNetwork security scanner
Certifications & Education
CCIE #7966
Cisco · 2001 · Emeritus
CCDE #20090006
Cisco · 2009
CISSP #357429
ISC² · 2010
GCFE
SANS/GIAC · 2012
DoD Top Secret
Clearance · 2007
B.S. Computer Info Systems
University of Dayton · 1998