Hi there

I'm Jason P. Burns

InfoSec Manager, Lethal Forensicator, Security Automator

About Me


Cybersecurity has been my passion for years now. I'm most comfortable when I'm able to design and create security solutions myself. I have designed and implemented complete SOC operations overhauls for multiple multi-billion dollar organizations. My SOC workflows are industry best practices married with military operations planning to form a uniquely effective security program. I just love securing the things.

Skills

Here are a few cool things I can do (not all inclusive)


Management

I'm experienced at translating CEO-level objectives into actionable and achievable objectives. I can break long-term goals down until they are daily or hourly tasks for analysts. I can create a checklist unique to a single problem, or broad enough in scope to be applicable to anything you want to call an incident. I can train them so that they don't need me, then I'll change the dynamic of company security knowing they're taking care of the day-to-day operations. I determine what business processes are critical, what makes them critical, what IT assets facilitate their delivery, and ensure the SOC knows how to secure those things like they know their ABCs.

Technical

My experience is a mile wide. Windows forensics, Linux security, mitigating vulnerability on a custom OS that side-boots in memory off of a FreeBSD base, penetration testing, security research, attribution, leading IR. ELK/Splunk/Sumo, any SIEM you have I'll create actionable dashboards, tie in some automation to query that and send high fidelity alerts to Slack in an interactive message, or open a Jira ticket with the relevant data, or Redmine, or whatever else you want me to do with it. If it has an API I can integrate it into our automation. SSC/Bitsight/Shodan, yeah we can pull that and use Airflow DAG to run Python scripts that integrate into XYZ other app. I've found Russian APTs in DoD networks, I've automated finding, isolating, and containing crypto miners in AWS. I'm technical.

OSS Engineering Wizard

Nobody likes a huge security budget. If it can be done with open source software, I'm going to get it done with open source software without even asking you for a budget for this deliverable. If it can't be done with open source software, just joking, of course it can, we just need some time to script some stuff out. There are very few tools I think are worth the money all the time, don't worry about me bloating the security budget to the point where you're begging the CEO to expand our budget so we can renew our whatever contract.

Things I've done

Here are a few cool things I've done


Ground up SOC build for 45k+ node network

Found an 8 year outdated SIEM with a single shared account nobody had access to that was only getting /var/log/messages. When I was done with that system it was a marvel of Elastic engineering, collecting over 1TB of logs per day, multiple high fidelity dashboards, Airflow integration to query ES and push alerting in interactive messages to Slack that allowed a user to jump straight to the relevant dashboard with 1 click, and open a Jira ticket from the message that would include all relevant data.

Penned company policies & procedures at a Fortune 500

Incident Response procedure, data loss prevention policy, server hardening policy, drafted the master information security policy, cryptography and key management policy, TPRM policy. I don't just know this stuff. I know it at a level to dictate how it should be done at scale at large organizations.

United States Air Force Experience

I was the cyber operations planner for the highest tasked cyber protection team (CPT) in the USAF. I planned dozens of missions involving sending a server room full of equipment to partner organizations to perform 2-4 week threat hunting, vulnerability detection, mitigation, security training, and threat emulation missions. I can plan short and long term objectives, manage dozens of people to meet those objectives, work within budgets, and look good in a uniform.

Certifications

CISSP, OSCP, GCFA, AWS Certified Professional - Security, Sec+, CEH, and more. It's not just about passing the course, I'm effectively able to take these skills and apply them to any environment to enhance its security posture.

Education

MS of Cybersecurity from WGU. BS of Information Technology Management from AMU. AS of Cybersecurity from CCAF. Always high GPAs. Honor Society member.