Security professional with 3+ years of experience, including administration, development, exploitation, and policy practices. This encompasses both offensive and defensive roles.
Tools: Burp Suite Pro, nessus, Web Inspect, Nexpose, Acunetix, Acunetix, Splunk, ArcSight, SourceFire, Cobalt Strike, Core Impact, SQLMAP,Wireshark, Nmap, .
Protocols: DNS, DHCP, HTTP, HTTPS, ARP, SSL/TLSCompliance FISMA, PCI - DSS
Soft Skills: Ability to convey technical details to a non-technical audience, training and mentorship, Attention to detail, analytical mindset
Other: Source Code Review, Vulnerability Assessments, Network Penetration Testing, Web Application testing, Wireless Penetration Testing, Log analysis, OWASP Top 10, Patch Management, Cisco Routers & Switches, Windows Server, Linux/Unix Server, TCP, Tradecraft, Social Engineering, Security Research, Cryptography
Red Team Tester
Confidential, Norfolk, VA
- Tasked as a SME for penetration testing and vulnerability analysis.
- Conducts Adversarial assessment and cooperative assessments on various networks and in - house applications.
- Assisting with the development and vetting of tools to aid in Penetration Tests.
- Review and update TTPs according operational needs and capabilities, along with a team of individuals.
- Assisting in the continual revamp of policies and procedures, and giving expert opinion on each matter.
- Conduct security research for enhancement of organizational capabilities.
Software Security Tester
Confidential, Houston, TX
- Creating Test Cases.
- Code Review
- Testing for common vulnerabilities and Fuzzing possible bugs in pre-production applications.
- Suggesting course of action, based on test findings, to a wide knowledge base.
- Server maintenance, installation, and administration.
- Continued Education
Confidential, Pensacola, FL
- Review and correlation of raw log files.
- Analysis of network packets via network monitoring tool.
- Creating and running task oriented scripts.
- Incident Response and digital forensic responsibilities.
- Working with both Windows & Linux from the command line.
- Research of attack vectors, threat tactics, and attacker techniques in order to thwart possible attacks.
Confidential, Fort Eustis, VA
- Utilized Confidential Vulnerability Scanner for the purpose of resolving network vulnerabilities.
- Patching and Updating Systems, based on CVEs reported by Vulnerability Scanners.
- Installed and configured various network and software applications.
- Updated and configured Active Directory regularly.
- Utilized Remedy Action Request system for the purpose of tracking and quickly troubleshooting user issues.
- Worked with a variety of network peripherals, including: laptops, desktops, printers, and servers.
- Performed computer imaging with CD and through PIXI server.
- Helped Establish remote or VPN connections for clients.
- Utilized (STIGs) Security Technical Implementation Guides in order to fully harden network nodes and devices.
Confidential, Norfolk, VA
- Installed, configured, serviced, and repaired, and maintained Information Technology systems in both a stand-alone and client-server environment.
- Troubleshoot and maintained software and hardware components in an enterprise environment.
- Integrated multiple information systems in a network environment.
- Evaluate and addressed customer information system problems.
- Provided support for various IT services to over 300 users.
- Installed and configured workstation hardware and software on critical and mission essential IT assets.