The most important thing to know about me is that, on any team, I am a 'tabula in naufragio' —a steadfast debugging presence in challenging times.

- Godfrey Lebo, 2022.

I help teams ship production LLMs and copilots without turning customer data into a compliance incident: boundary controls, evidence for auditors, and safer retrieval and agents.

• Production LLM & AI application security — PII redaction, logging, and controls mapped to GDPR, SOC 2, HIPAA, and EU AI Act expectations (the bundle you see in LLM security and AI governance roles).
• Founder of Sether — streaming-native PII redaction (@raeven-co/sether, MIT). Tokenise sensitive fields before they cross your boundary to model providers.
• Senior Engineer, Must Company (Seoul-headquartered team) on a high-traffic crypto / fintech product with 70,000+ daily active users—NestJS, AWS, and production AI features.
• Secure RAG, agents & MCP — LangChain, LangGraph, and Model Context Protocol toolchains for grounded, injection-aware systems.
• Rust plus full-stack delivery — supply-chain security tooling (e.g. npm_sentinel, g-recon) alongside TypeScript (NestJS, Next.js) and Flutter.
• Abuja, Nigeria · 7+ years in production · remote-first, proven async with international teams.

When your app sends customer data to OpenAI or Anthropic without controls, that is often a GDPR Article 28 sub-processor gap. With EU AI Act enforcement ramping through 2026–2027, the same flows are board-level risk. I build the boundary layer and evidence so engineering and compliance can answer auditors with specifics—not vibes.

I have shipped real incident response: forensics and remediation for a DPRK PolinRider supply-chain attack on a developer machine—so I am unusually sensitive to trust boundaries end to end.

Technical Skills

Experience

Education