I'm Prince Sinha, an engineering leader and product builder working across AI agents, cybersecurity, SecOps, cloud infrastructure, and high-scale data systems — mostly the parts where products become technically inconvenient.
Lately that means AI-assisted investigations, autonomous alert triage, threat-intelligence research systems, workflow orchestration, internal developer platforms, and the quiet infrastructure work that lets all of it run in production without becoming theatre.
The recurring theme is practical AI: systems that understand context, use tools, follow approvals, integrate with the messy enterprise world, and leave enough traces that humans can still trust them.
Agents and copilots that connect to tools, retrieve the right context, route through workflows, ask before they act, and produce outputs another system can actually use.
Threat intelligence, alert enrichment, autonomous investigation, case context, SOC copilots, and workflow automation. The point is to reduce analyst fatigue without pretending judgment can be skipped.
Kubernetes, GitOps, Devtron, IAM, observability, deployment workflows, resource planning, and internal tools that make the safe path also the fast path.
Search, enrichment, ClickHouse analytics, Elasticsearch, object storage, queues, streaming pipelines, and data models that turn noisy signals into something operationally useful.
Project names are anonymized — titles below are field-note style, not marketing-deck style. Ask me about any of them. (no, really, ask)
A security team asks a question; the system retrieves threat intelligence, enriches indicators, correlates evidence, drafts an investigation brief, recommends next actions, and keeps the analyst in control of what happens next.
At Cyble, I have worked across AI innovation, cybersecurity product engineering, SecOps workflows, threat intelligence systems, and cloud-native platform modernization. The work sits across multiple layers: analyst UX, AI orchestration, backend services, security data, infrastructure reliability, and the engineering systems that help teams ship.
Contributed to AI-assisted security workflows for alert triage, enrichment, investigation, summarization, and analyst productivity, with human judgment kept in the loop.
Worked on agentic workflows that combine intelligence retrieval, enrichment, reasoning, traceability, guardrails, and quality checks for security operations.
Worked on systems that turn raw cyber data into structured intelligence: threat actors, malware families, breach data, exposures, cybercrime activity, search, filtering, and profile generation.
Alert prioritization, enrichment, evidence collection, related-signal grouping, investigation history, and playbook-style workflows for the repetitive work around security alerts.
Dockerized services, Kubernetes deployments, Devtron and Argo CD workflows, environment standardization, release visibility, rollback patterns, and more disciplined delivery.
Built and improved deployment workflows, IAM and access services, CI/CD automation, shared backend patterns, dashboards, logs, and operational visibility for engineering teams.
Converted large product goals into technical plans, milestones, and deliverable slices while mentoring engineers and improving code review, automation, and release discipline.
Worked on LLM-backed services, retrieval pipelines, model-backed APIs, prompt and workflow design, observability, latency, security boundaries, and human review loops.
Improved scaling, observability, resource planning, infrastructure standardization, and cost efficiency, including resume-backed infrastructure savings work.
Before Cyble, I spent a year at Postman working on Artemis — the web application — on Mock Servers, the OpenAPI design editor, and the real-time events plumbing the rest of the app depends on. The job, honestly described: ship the small pieces that make the everyday work of API designers a little less painful, and lead API-first as a real practice inside the team.
Shipped Mock Server features on Artemis — real-time events for tabs and sidebar, real-time call logs, "move mock server to workspaces." Small features, big daily rituals.
Added feature/rulesets validation to Postman's OpenAPI design editor — closer to schema-as-source-of-truth than schema-as-afterthought.
Cut API schema sync latency to GitHub by 100ms. A small number that compounds across thousands of pushes, across thousands of users.
Drove API-first design adoption inside my team — contracts before code, contracts as the contract. The reason I still believe in API-first today.
The future of cybersecurity is not more dashboards. It is intelligent operational systems.
The interesting AI problem is almost never the model. It's the boundary around the model.
AI should augment human decision-making, not replace operational understanding.
Approvals, audit logs, and undo aren't UX features — they're what makes automation usable in the real world.
Security platforms should reduce complexity, not move it into a prettier interface.
Automation without observability is dangerous. So is AI without a way to inspect what happened.
If your platform requires a Slack message to ship code, your platform isn't done.
Demos are easy. Tuesdays are hard. Build for Tuesday.
Not a logo wall — a board. things that earned their place, mostly in the order they joined the rotation. Hover to straighten.
↑ plus a stack of others not yet pinned.
Security operations do not need one more dashboard. They need systems that reason across context, orchestrate workflows, and keep analysts in control.
read note →Search is useful, but the real product is the operational explanation: retrieval, correlation, reasoning, and memory working together.
read note →Production AI is a distributed systems problem: retrieval, queues, workflow tracing, cost, observability, and failure handling all count.
read note →If you read this far, that's flattering. I'm open to a small number of conversations — for collaboration, hiring, advising, or just comparing notes on cyber/AI things. The fastest path is email. I usually reply within a day.
Six questions every cold email asks, answered up front - plus what I'm open to, what to skip, and how to make this easy on both of us.
read the letter