Most AI consultants are developers.
I'm a security engineer who builds AI.
That order matters when your business data is on the line.
The AI security consultant you actually need.
The cybersecurity AI consulting market is full of developers who learned to build chatbots and started calling themselves AI consultants. They make impressive demos. They wire up APIs. They can build you a chatbot that talks to your database.
What they usually can't tell you is where your data is going, who has access to it, or what happens when something goes wrong. Security is an afterthought. Something they bolt on after the build, if they think about it at all.
That's backwards. When you're dealing with client data, financial records, or anything sensitive, security isn't a feature you add later. It's the foundation you build on.
Typical AI consultant
- Builds the demo first, thinks about security later
- Uses whatever API is easiest, not safest
- Ships fast, deals with compliance when someone asks
- Senior person sells it, junior team builds it
- "We can add security later"
How I work
- Maps data flows before writing a single line of code
- Chooses infrastructure based on where data needs to live
- Compliance built into the architecture from day one
- You talk to me. I build it. Same person.
- "Security is the foundation, not a feature"
12 years learning to protect information that matters.
I spent 12 years in the U.S. Army, starting in Military Intelligence and Counterintelligence. The kind of environment where a security failure isn't a fine or a bad headline. It's a national security incident.
That's where I learned to think about data protection before anything else. Where the data lives, who can access it, what happens if it moves, what happens if someone gets in. You learn to think that way when the stakes are that high. And once you think that way, you can't turn it off.
After the Army, I went into enterprise systems administration. Microsoft 365 environments, endpoint security, compliance policies, identity management. The same stack most businesses run on today.
Now I build AI infrastructure for businesses. AI is the next thing that needs the same thinking I've been applying since the Army. The tools change. The security problems don't.
Certifications and background.
CISSP
The Certified Information Systems Security Professional is the hardest certification in information security. Requires 5+ years of experience across 8 security domains, a rigorous exam, and ongoing education. Fewer than 170,000 people worldwide hold it.
12 Years U.S. Army
Military Intelligence (35M) and Counterintelligence. Over a decade securing systems that handle classified information. Where security failures have real consequences, not just compliance checkboxes.
CompTIA Security+
The baseline cybersecurity certification required by the U.S. Department of Defense. Threats, vulnerabilities, cryptography, identity management, and security architecture.
Microsoft 365 Endpoint Administrator
Certified to manage enterprise endpoint security, compliance policies, and device management across Microsoft 365 environments. The same stack most businesses run on.
You talk to me. I build it. I support it.
I'm Jose Lugo. I spent 12 years in U.S. Army intelligence learning how to protect information that matters. Now I apply that discipline to building AI systems for businesses.
When you hire me, you get me. Not a junior team, not a handoff to someone you've never met. Same person on the call, in the build, and on support.
Let's talk about your AI security.
30-minute call. I'll look at your current setup, show you where you're exposed, and walk through what a secure AI environment looks like for your business.
No cost. No pitch deck. Start with a pilot: 5 users, 3 weeks.