- In order to demonstrate proof-of-concept exploitation techniques, I have successfully compromised hundreds of private and public sector networks (black-hat and grey-hat penetration testing)
- Forensically identified numerous APT malware variants while assisting the FBI in post-breach wire, ACH, POS, and AML investigations
- Keynote speaker at Confidential
Confidential, Dallas, Texas
Senior Information Security Analyst
- Develop a 3-5 year Information Security Strategic Plan
- Create and implement an Information Security Risk Management Framework
- Establish an Information Security Program aligned to NIST and GLBA
- Participate in cybersecurity and incident response tabletop scenarios
- Coordinate SOX404, SSAE16, FFIEC, FINRA, COBIT, SEC, and Federal Reserve examinations
- Correlate (potential) attack patterns in database systems (Imperva) and web apps (WebDefend)
- Perform internal vulnerability assessments (Rapid7, HP WebInspect), eliminate false positives, and, if needed, develop proof-of-concept exploitations (LLMNR, SQLi, XSS, buffer overflow, SMB relay, etc.)
- Maintain strong working relationships with all agencies (SEC, FINRA, Federal Reserve, etc.) through collaboration, information sharing, and the timely resolution of exceptions
- Cyber-security oversight and due-diligence controls, including but not limited to:
  - DLP, identity management, data classification, encryption, web application security, egress route and port testing, audit trails, etc.
  - Threat intelligence, various conferences, collaboration (various sources)
- HP WebInspect, Carbon Black, LogRhythm, SQLSecure, Rapid7, HEAT, Remedy, Imperva, WebDefend, FireEye, Nmap, Wireshark, Microsoft Development Studio.
Confidential, Irving, Texas
Vice President / Infrastructure Senior Manager
- Responsible for understanding all of Confidential lines of business: the customer segment, franchise critical services, and all of the infrastructure interdependencies supporting these business functions.
- TIBCO and middleware layers, WebSphere, Java Virtual Machines, web application and SSL, malware, VOIP, DDoS, network layers (2 and 3), mainframe batch, distributed AIX, Voice, Solaris, Oracle, etc.
- Ensure the rapid resolution of cyber incidents, where financial, reputational, or regulatory impact to Confidential may be at risk, including incident ownership, driving and managing incidents from identification to ServiceNow, SMART, OneNote, AlarmPoint, etc.
- Assist with various non-technical incident management scenarios:
  - Money laundering (ACH, Wire, Payments)
  - Statement processing and check fraud
  - Commercial banking / treasury services Confidential.
- Incident detection and recording
- Classification and initial support
- Investigation and diagnosis
- Resolution and recovery
- Incident closure
Confidential, Jonesboro, Arkansas
Partner / Director of Network Security
- Lead a group of talented (Red Team) offensive security professionals
- Drive growth, expansion, budgeting, vision, etc.
- National information security keynote speaker at various associations and conventions
- IT auditing, compliance and customer relationship management
- Performed numerous presentations and webinars (information security, risk management, etc.)
- Firewall security, virtualization auditing, least privilege, policy and legal considerations, contingency planning, disaster recovery and co-location reviews
- SOX, SSAE16, GLBA, PCI, HIPAA, FIPS 140-2, PIN security and key management and FISMA
- Successful exploitation of hundreds of regulated environments (black-hat / grey-hat testing)
- Proof-of-concept exploitation techniques (SQLi, XSS, ARP cache, SMB relay, etc.)
- Numerous post-breach forensic investigations: money laundering, Trojan / malware identification and ensuring proper chain-of-custody for local law enforcement, the FBI and the Secret Service
- Forensically identified Zeus and Win32/Carberp banking Trojans within FBI hot-trail windows
- Host-based intrusion detection, file integrity testing, vulnerability exploitation
- AV evasion and payload creation - Veil-Evasion, Immunity Debugger, etc.
- In-depth security penetration testing: DDoS simulation, web application exploitation, social engineering, privilege escalation, persistence, pivoting, IDS/IPS evasion, etc.
- Coding: Python, Bash, PHP, HTML5 and .NET; DBMS: MySQL and MSSQL
- Routing Protocols and Concepts (Cisco Networking Academy)
- Accessing the WAN (Cisco Networking Academy)
- LAN Switching and Wireless (Cisco Networking Academy)
- Linux System Administration
- Information Technology Project Management
- Network Fundamentals (Cisco Networking Academy)
- Curriculum development, modeling, and direction
- Student mentoring and advising
Confidential, Jonesboro, Arkansas
Owner, System Analyst
- Numerous coding projects in the logistics, healthcare, and information technology spaces
- Security hardening (egress points, policy-based remote access controls)
- Teach CompTIA A+, Network+, programming, and additional technology-oriented courses
- Extensive GPO, client-server, Exchange, LAN and WAN experience
- Significant Linux distro experience: BackTrack, Red Hat, CentOS, Ubuntu, etc.
- SonicWall, Cisco, WatchGuard, FortiGate, etc.
- PHP, MySQL, ASP, MSSQL and various web-to-database integration projects