InfoSec Manager • Lethal Forensicator • Security Automator
Cybersecurity has been my passion for years now. I'm most comfortable when I'm able to design and create security solutions myself. I have designed and implemented complete SOC operations overhauls for multiple multi-billion dollar organizations. My SOC workflows are industry best practices married with military operations planning to form a uniquely effective security program. I just love securing the things.
Here are a few cool things I can do (not all inclusive):
I'm experienced at translating CEO-level objectives into actionable and achievable objectives. I can break long-term goals down until they are daily or hourly tasks for analysts. I can create a checklist unique to a single problem, or broad enough in scope to be applicable to anything you want to call an incident. I can train them so that they don't need me, then I'll change the dynamic of company security knowing they're taking care of the day-to-day operations. I determine what business processes are critical, what makes them critical, what IT assets facilitate their delivery, and ensure the SOC knows how to secure those things like they know their ABCs.
My experience is a mile wide. Windows forensics, Linux security, mitigating vulnerabilities on a custom OS that side-boots in memory off of a FreeBSD base, penetration testing, security research, attribution, leading IR. ELK/Splunk/Sumo, any SIEM you have, I'll create actionable dashboards, tie in some automation to query that and send high fidelity alerts to Slack in an interactive message, or open a Jira ticket with the relevant data, or Redmine, or whatever else you want me to do with it. If it has an API I can integrate it into our automation. SSC/Bitsight/Shodan, yeah we can pull that and use an Airflow DAG to run Python scripts that integrate into XYZ other app. I've found Russian APTs in DoD networks, I've automated finding, isolating, and containing crypto miners in AWS. I'm technical.
Nobody likes a huge security budget. If it can be done with open source software, I'm going to get it done with open source software without even asking you for a budget for this deliverable. If it can't be done with open source software (just joking, of course it can), we just need some time to script some stuff out. There are very few tools I think are worth the money all the time. Don't worry about me bloating the security budget to the point where you're begging the CEO to expand our budget so we can renew our whatever contract.
Here are a few cool things I've done:
Found an 8-year-outdated SIEM with a single shared account nobody had access to that was only getting /var/log/messages. When I was done with that system it was a marvel of Elastic engineering, collecting over 1TB of logs per day, multiple high fidelity dashboards, Airflow integration to query ES and push alerting in interactive messages to Slack that allowed a user to jump straight to the relevant dashboard with 1 click, and open a Jira ticket from the message that would include all relevant data.
Incident Response procedure, data loss prevention policy, server hardening policy, drafted the master information security policy, cryptography and key management policy, TPRM policy. I don't just know this stuff. I know it at a level to dictate how it should be done at scale at large organizations.
I was the cyber operations planner for the highest tasked cyber protection team (CPT) in the USAF. I planned dozens of missions involving sending a server room full of equipment to partner organizations to perform 2-4 week threat hunting, vulnerability detection, mitigation, security training, and threat emulation missions. I can plan short and long term objectives, manage dozens of people to meet those objectives, work within budgets, and look good in a uniform.
CISSP, OSCP, GCFA, AWS Certified Professional - Security, Sec+, CEH, and more. It's not just about passing the course; I'm effectively able to take these skills and apply them to any environment to enhance its security posture.
MS in Cybersecurity from WGU. BS in Information Technology Management from AMU. AS in Cybersecurity from CCAF. Always high GPAs. Honor Society member.