hi, i'm -

Prince.

I build AI-native systems for security, automation, and trust.

I'm Prince Sinha, an engineering leader and product builder working across AI agents, cybersecurity, SecOps, cloud infrastructure, and high-scale data systems — mostly the parts where products become technically inconvenient.

Lately that means AI-assisted investigations, autonomous alert triage, threat-intelligence research systems, workflow orchestration, internal developer platforms, and the quiet infrastructure work that lets all of it run in production without becoming theatre.

← this one's a polite way of saying
"the model is not the whole product"
§ chapter one

what I build, when the problem gets real.

The recurring theme is practical AI: systems that understand context, use tools, follow approvals, integrate with the messy enterprise world, and leave enough traces that humans can still trust them.

one.

AI systems that do real work.

Agents and copilots that connect to tools, retrieve the right context, route through workflows, ask before they act, and produce outputs another system can actually use.

agentic workflowsRAGHITLtool-calling
two.

AI-native SecOps platforms.

Threat intelligence, alert enrichment, autonomous investigation, case context, SOC copilots, and workflow automation. The point is to reduce analyst fatigue without pretending judgment can be skipped.

SOCthreat intelcase managementcopilots
three.

Platforms engineers trust under load.

Kubernetes, GitOps, Devtron, IAM, observability, deployment workflows, resource planning, and internal tools that make the safe path also the fast path.

k8sArgo CDDevtronobservability
four.

Intelligence systems at uncomfortable scale.

Search, enrichment, ClickHouse analytics, Elasticsearch, object storage, queues, streaming pipelines, and data models that turn noisy signals into something operationally useful.

GoClickHouseElasticsearchobject storage
✦ ✦ ✦
§ chapter two

the work, annotated.

Project names are anonymized — titles below are field-note style, not marketing-deck style. Ask me about any of them. (no, really, ask)

Cyble
a longer one ⤵

Scaling AI, security, and platform engineering at Cyble.

At Cyble, I have worked across AI innovation, cybersecurity product engineering, SecOps workflows, threat intelligence systems, and cloud-native platform modernization. The work sits across multiple layers: analyst UX, AI orchestration, backend services, security data, infrastructure reliability, and the engineering systems that help teams ship.

↬ the climb at Cyble -
Senior Software Engineer Jul 2021
Engineering Manager Aug 2022
Director of Engineering Apr 2024
Senior Director, Innovations May 2025 - present
0→1new cybersecurity products and internal platforms
5m → 200msAPI response improvement on platform work
140+apps dockerized and moved toward Kubernetes
40%infrastructure cost reduction on platform optimization
01 · AI-native SecOps

Autonomous investigation, human supervised.

Contributed to AI-assisted security workflows for alert triage, enrichment, investigation, summarization, and analyst productivity, with human judgment kept in the loop.

02 · Blaze AI

Multi-agent SOC systems, built for operators.

Worked on agentic workflows that combine intelligence retrieval, enrichment, reasoning, traceability, guardrails, and quality checks for security operations.

03 · Threat intelligence

Noise → profiles.

Worked on systems that turn raw cyber data into structured intelligence: threat actors, malware families, breach data, exposures, cybercrime activity, search, filtering, and profile generation.

04 · SOC automation

Triage that respects analysts' time.

Alert prioritization, enrichment, evidence collection, related-signal grouping, investigation history, and playbook-style workflows for the repetitive work around security alerts.

05 · Cloud-native

From manual deploys → GitOps.

Dockerized services, Kubernetes deployments, Devtron and Argo CD workflows, environment standardization, release visibility, rollback patterns, and more disciplined delivery.

06 · Developer platform

Internal tooling, used voluntarily.

Built and improved deployment workflows, IAM and access services, CI/CD automation, shared backend patterns, dashboards, logs, and operational visibility for engineering teams.

07 · Architecture

Ambiguous ideas → milestones.

Converted large product goals into technical plans, milestones, and deliverable slices while mentoring engineers and improving code review, automation, and release discipline.

08 · AI in production

Prototypes that survive Tuesday.

Worked on LLM-backed services, retrieval pipelines, model-backed APIs, prompt and workflow design, observability, latency, security boundaries, and human review loops.

09 · Cost & scale

Reliability without surprise bills.

Improved scaling, observability, resource planning, infrastructure standardization, and cost efficiency, including resume-backed infrastructure savings work.

Postman
↗ before that -

An API-first year at Postman.

Before Cyble, I spent a year at Postman working on Artemis — the web application — on Mock Servers, the OpenAPI design editor, and the real-time events plumbing the rest of the app depends on. The job, honestly described: ship the small pieces that make the everyday work of API designers a little less painful, and lead API-first as a real practice inside the team.

01 · Mock Servers

The plumbing API designers depend on.

Shipped Mock Server features on Artemis — real-time events for tabs and sidebar, real-time call logs, "move mock server to workspaces." Small features, big daily rituals.

02 · API design editor

Validation rulesets for OpenAPI.

Added feature/rulesets validation to Postman's OpenAPI design editor — closer to schema-as-source-of-truth than schema-as-afterthought.

03 · GitHub sync

100ms shaved off schema sync.

Cut API schema sync latency to GitHub by 100ms. A small number that compounds across thousands of pushes, across thousands of users.

04 · API-first practice

Led API-first as a habit.

Drove API-first design adoption inside my team — contracts before code, contracts as the contract. The reason I still believe in API-first today.

§ chapter three

things I've come to believe about building.

i.

The future of cybersecurity is not more dashboards. It is intelligent operational systems.

ii.

The interesting AI problem is almost never the model. It's the boundary around the model.

iii.

AI should augment human decision-making, not replace operational understanding.

iv.

Approvals, audit logs, and undo aren't UX features — they're what makes automation usable in the real world.

v.

Security platforms should reduce complexity, not move it into a prettier interface.

vi.

Automation without observability is dangerous. So is AI without a way to inspect what happened.

vii.

If your platform requires a Slack message to ship code, your platform isn't done.

viii.

Demos are easy. Tuesdays are hard. Build for Tuesday.

← I keep
this one
on my wall
("agents" included)
✦ ✦
§ chapter four

the toolkit, pinned to the wall.

Not a logo wall — a board. things that earned their place, mostly in the order they joined the rotation. Hover to straighten.

AI & agents cybersecurity cloud & infra backend & data frontend tools & ops

↑ plus a stack of others not yet pinned.

§ chapter five

lately, I've been thinking about

2026 · 05

Rethinking SecOps as an AI-native platform.

Security operations do not need one more dashboard. They need systems that reason across context, orchestrate workflows, and keep analysts in control.

read note →
2026 · 05

Building deep research systems for cybersecurity.

Search is useful, but the real product is the operational explanation: retrieval, correlation, reasoning, and memory working together.

read note →
2026 · 05

Why infrastructure discipline matters for AI systems.

Production AI is a distributed systems problem: retrieval, queues, workflow tracing, cost, observability, and failure handling all count.

read note →
see all notes