ToxSec: Turning Deep Security Expertise into Trusted AI Vulnerability Research✨The Career Pivot Playbooks Series
ToxSec shows how deep security expertise, disciplined synthesis, and public writing can evolve into trusted AI vulnerability research.
This Career Pivot Playbook features ToxSec (Asher), an ex-NSA hacker currently working in AI Security at a MAG-7 company. He writes technical breakdowns of AI vulnerabilities for people who’d rather read an exploit chain than another thought piece.
Asher’s career didn’t begin with writing or audience-building. It began with service, followed by a technical education and early work securing high-stakes systems where failure wasn’t an option.
From there, his path moved deeper into intelligence and security, work that reshaped how he thinks about risk, adversaries, and how systems actually break, even if much of it can’t be shared publicly.
ToxSec emerged quietly. Not as a brand or pivot plan, but as a place to synthesize the growing volume of AI security research he was reading. What started as personal notes became public documentation.
There was no dramatic turning point. Instead, Asher noticed a widening gap between how AI risk was discussed publicly and the technical attack surface practitioners were actually dealing with. So he wrote about the mechanics instead.
Drawing on long-standing skills in synthesis, analysis, and restraint, his work prioritizes clarity over hype. Substack became the natural home for this writing, not through strategy, but convenience.
This Playbook explores how deep expertise, disciplined synthesis, and documenting real work can quietly evolve into a respected public body of work… showing that some career pivots aren’t about reinvention but about making what you already know visible.
✨About Career Pivot Playbooks
A public archive of modern career blueprints…
Most careers no longer follow a straight line.
People pivot gradually.
They extend their work beyond institutions.
They combine roles, platforms, and income streams.
Career Pivot Playbooks is a weekly series documenting how professionals are building resilient, future-ready careers, with professionals often using Substack alongside research, consulting, teaching, creative work, or operating businesses.
The focus isn’t outcomes.
It’s about how careers are shaped in practice.
About ToxSec
Through ToxSec, Asher publishes practitioner-level analysis that sits between academic research and real-world application. His work focuses on understanding how AI systems fail under pressure and what those failures reveal about the broader threat landscape.
Rather than simplifying for reach, he writes with the assumption that careful readers are willing to think. Technical depth is layered, not performative, allowing different audiences to engage without losing coherence.
The result is a body of work that’s trusted not because it’s loud or prolific (yet), but because it’s precise, grounded, and built from first-hand analysis rather than abstraction.
You can follow his work here →
ToxSec reflects:
“Can you share a bit about your professional background and the path that led you to where you are today?”
I took an unconventional route. I did time in the Marine Corps, got out, and used the GI Bill to study software engineering at Arizona State. While I was working on my master’s in cybersecurity at UW, I landed a job with a defense contractor through some military connections. It was full-stack dev work on systems that secure communications with commercial aircraft.
After the master’s, NSA came knocking. I did a lot there, which I can summarize as purple team work. It’s the kind of stuff you can’t really talk about. Then Amazon recruited me to work in security, which is where I am now.
ToxSec started as a side effect of the job. I was reading so many AI security papers for work that I needed somewhere to dump my notes. I’d written some CTF walkthroughs before, so I figured I’d just... keep doing that, but for AI research. Then people started showing up.
“What sign, moment, or slow realization told you it was time to diversify, and what did you have to push through to actually act on it?”
There wasn’t a dramatic moment. It was more like: I kept reading AI security research, and I kept noticing that the public conversation about AI risk was almost entirely social. Bias, job displacement, existential doom. All still valid concerns for sure, but almost nobody was talking about the technical attack surface. Prompt injection. Training data poisoning. Model extraction. The stuff that actually lets you pop a shell.
So I started writing about it. Turns out there’s an audience for “here’s the actual exploit chain” that wasn’t being served.
“Which skills or experiences from your previous career unexpectedly became an advantage in what you do now?”
The intel background translated surprisingly well. At the Agency, you learn to read and write intelligence reports, which is really just “synthesize massive amounts of information into something actionable.” That’s... basically what I do now, except I publish it instead of classifying it.
OSINT skills are the real superpower. I find stories that most people miss because I know how to dig. The downside is I have to self-censor sometimes. Some things I know how to find, I probably shouldn’t write about.
“How did you decide where to build visibility or credibility (Substack or elsewhere), and what role does that platform play in your overall career or income mix?”
Honestly? I picked Substack because I could link it directly to my domain through DNS. That was the whole decision. I set it up, forgot about it, and didn’t even realize I’d joined a community until I got a random subscriber and thought “wait, where did you come from?”
Turns out Substack has a whole social layer. I stumbled into it by accident. No grand strategy.
“Who is your work really for, and what problem do you solve so well that people are willing to pay for it?”
I write for people with some technical background who want to secure their products. Developers, security engineers, people building AI systems who need to understand the threat landscape. But I also try to make it accessible enough that a curious non-technical person can follow the high-level threat model.
Recently I added a “deep dive” section for the readers who want the nitty-gritty. Best of both worlds.
“What turned out to be harder than you expected when you started — and what was easier than you imagined?”
The hard part is calibrating for your audience. When I say “prompt injection,” I assume everyone gets it. But then I’ll build on that foundation and lose people because they didn’t have the baseline I assumed. Knowing what the average reader is familiar with is trickier than it sounds.
What’s been easier than expected? Growth. People really like the art style for some reason.
The visual aesthetic came from my terminal setup. Nuclear green and magenta (00ff00 and ff00ff, complementary colors). Classic hacker vibes. Then I added robots as characters because I write about AI. It wasn’t some branding strategy. It’s just how my screen looks when I’m working.
Apparently that resonates. The lesson, I guess, is that authenticity reads better than polish.
“What nearly made you quit, and what actually kept you going?”
Nothing’s nearly made me quit. It’s a side project with no pressure. I’m fortunate enough that my day job pays well, so I don’t need to monetize ToxSec. It’s pure passion. I have an optional subscription, but I’m not chasing revenue.
“What advice would you give to someone considering a similar pivot or looking to monetize their skills in a more flexible way?”
If you’re in cybersecurity and thinking about writing publicly: write about actual research. Not generic theory. Go crack a box. Hack an LLM. Do a CTF. Then write about what you learned.
The world has enough “Top 10 Security Best Practices” listicles. What it doesn’t have is enough people documenting real exploitation, real vulnerabilities, real attack chains. That’s the gap.
“What other platforms, audiences, or income streams are part of your portfolio career, and how do they work together?”
Right now it's just ToxSec and the day job. I do offer security consulting for my members. I've had to debrief everyone from high-ranking government officials to journalists, so I have experience explaining the concepts to a wide audience.
“Looking back, what’s one decision that changed everything, and what’s next for you?”
The intel experience changed everything. It’s unusual for a Substacker, and it gave me a lens that most security writers don’t have. The OSINT skills, the writing discipline, the exposure to how sophisticated attackers actually think. All of that shows up in ToxSec whether I mention it or not.
What’s next? I want ToxSec to be the go-to source for technical AI security content. Not the doom-and-gloom think pieces. The actual exploit breakdowns. The stuff practitioners need.
Links & Resources
LinkedIn: linkedin.com/in/cijams
Related Articles
OpenClaw and Moltbook: The Viral AI Agent and Security Nightmare 🦀
Pwned by Haiku: The Poetry of Prompt Injection
How DAN and Roleplay Prompts Bypass LLM Guardrails
Read More
🎯The Career Pivot Archive
Real-world career pivots, portfolio paths, and lessons you can apply to your own next move.
✨I appreciate you being here and supporting this growing archive.
❤️ Loved it? Restack 🔁 and share ✅
I work as a future-focused career advisor, helping professionals adapt and grow in real time. If this resonates, explore my Substack here →
Katharine from Learn Grow Monetize
🎁 Subscribe to the Free Plan and receive your gift: “Your Skill-to-Income Discovery Tool.”
🤔Is there a question you wish had been asked?
Drop it in the comments, and let’s keep the conversation going.
 | A guest post by
|
this was a ton of fun and it was great to work with you. as always i’m around to anyone in the comments feel free to ask any :)
This is the kind of work the public conversation desperately needs – grounded, precise, and built from real technical observation rather than speculation. What stands out is how clearly you show that credibility in AI security doesn’t come from volume or hype, but from disciplined synthesis and first-hand analysis – and that’s exactly why voices like yours become trusted over time!!