Designs done whilst working at IBM Security
Some of these are confidential and hence only limited visuals will be provided. Contact for more details.
IBM Security Connections Customs Connector
Problem:
The platform lacked a scalable UI for creating custom connectors, forcing customers to rely on limited prebuilt integrations. This prevented teams from ingesting specialized data sources critical to their security and observability workflows, creating friction, workarounds, and operational risk.
Approach and Scope:
I led the design of an end-to-end custom connectors experience, partnering closely with engineering and product to define workflows that balanced flexibility, error resilience, and enterprise usability.
Rather than focusing on surface-level UI, I prioritized:
Clear mental models for adding and configuring connectors
Actionable error feedback and recovery paths
Transparency into system behavior during failures
Design decisions were validated through iterative research with users and stakeholders.
Original As-is
To-Be end design
Impact:
Delivered the first platform-level UI for custom connectors, enabling customers to integrate specialized data directly into the system.
Improved three critical workflow areas: connector setup, error troubleshooting, and log visibility.
Achieved a 100% task completion rate in moderated testing, with consistent positive feedback from 7+ users and stakeholders via Respondent.
Iterated designs continuously based on real user feedback to reduce ambiguity and increase confidence in error states.
User & Stakeholder Validation:
“If anything goes wrong, just being able to pull logs by that button is very nice. It’s very helpful.”
— Security Operator (User Research)
“In Datadog, there’s no feedback or explanation. It’s good that we have the reason in this design.”
— Security Operator (User Research)
“Your leadership on our UCP workflow-related squads has not gone unnoticed… You directly contribute to the success of our team by using critical thinking, keeping users in mind, and leveraging strong stakeholder relationships.”
— JP, Connections Team Lead
IBM Security Data Explorer
Simplified Threat hunting experience for analysts
Led the redesign of the MSS threat-hunting experience, delivering support for 10 core hunt commands and significantly lowering the barrier for SOC analysts to investigate threats efficiently within existing constraints.
The redesigned experience enables analysts to:
Execute threat hunts without requiring prior knowledge of the Kestrel hunt language
Leverage out-of-the-box examples to learn, modify, and run hunts quickly
Move from hypothesis to investigation with greater speed and confidence
To achieve this, the MVP introduced a dual-mode workflow — a Visual Builder for accessibility and an Advanced Builder for expert users while expanding platform capabilities through:
Support for new and updated hunt commands
Import and export of Jupyter notebook files
Inline documentation embedded directly within workflow steps
A more intuitive model for composing and managing multiple statements
This approach improved usability for both novice and experienced analysts while maintaining flexibility for advanced threat-hunting scenarios..
IBM Security SOAR Playbooks
SOAR Playbooks (A Red Dot Award–winning platform) enables security teams to respond to threats through configurable tools, business logic, and automated workflows that orchestrate actions across complex security environments.
On the SOAR Playbooks team, I owned the end-to-end design of multiple high-impact initiatives, including Essentials offerings, dashboard diagnostics, looping and control logic (Looping/Goto), and role-based access and audit functionality. My work focused on balancing flexibility, security, and usability within a highly technical, rule-driven system.
Given the complexity of the domain, I collaborated daily with engineers, security architects, and product managers, driving alignment across disciplines while navigating technical and organizational constraints.
Beyond delivery, I conducted competitive audits and user research that directly informed product strategy across the SOAR ecosystem. Through sustained engagement with end users, sales, and marketing teams, I quickly developed deep domain expertise and became a design SME for SOAR workflows, enabling more informed design decisions and stronger cross-team collaboration..