About Ian Cooper | Ian Cooper

Ian Cooper — Detection Engineer at Expel

Cybersecurity professional with a current focus in automating SOC alert triage and deep investigations. Experienced in cloud security research, automation, and detection engineering.

I work at Expel, where I build detections and automate workflows that help security teams cut through noise and focus on what matters. My work spans AWS, Google Cloud, and multi-cloud environments, with a particular interest in the visibility gaps that attackers exploit.

Outside of work, I’m based in Bend, Oregon. I’m passionate about the outdoors and spend a lot of my free time whitewater kayaking.

When I’m not engineering detections, I share what I learn — both on this site and on Expel’s blog.

What I Work On

Automating SOC alert triage and investigation workflows
Building cloud detections for AWS and GCP
Research into logging blind spots and visibility challenges
Multi-cloud security strategy

Get in Touch

Find me on LinkedIn or GitHub. You can also reach me through the contact page.