SUMMARY:

• System forensics Investigation and Response Network Traffic Analysis
• E thical Hacking Experience VMware / Virtual Machine Experience
• N etwork Penetration Testing Patch Management
• M alware Methods & Reverse Engineering Web Application Security
• O WASP Top 10 Application Security Risks Hardware & Software Support
• S ANS Top 25 Dangerous Coding Errors Source Code Review / Static Code Analysis
• D ynamic Code Analysis / Scanning Offensive Security Techniques
• W ireless Penetration Testing IT Security Policy review
• M obile Device Penetration Testing Car / Vehicle Penetration Testing Knowledge
• V ulnerability Discovery PCI Compliance & NERC Compliance
• I ndustrial Equipment Hacking / Vulnerability Awareness Medical Device(s) Hacking / Vulnerability Awareness
• C rypto Currency / Blockchain Technology I nternet - of-Things (IOT) Device Penetration Testing

TECHNICAL SKILLS:

Security Auditing: Shavlik Protect, Qualys Guard, Nessus, OpenVAS, Retina, Nexpose, Wireshark, etc.

Web Auditing: SQL Injection, Cross Site Scripting, Cookie manipulation, etc.

Vulnerability: Metasploit, Nmap, Kali Linux, SQLMap, Burp Suite, etc.

Coding: HTML, JavaScript, Delphi, VB, SQL; Learning Python, Bash, Perl, Ruby, C++

Platforms: Mobile devices (iOS, Android), Linux / Unix, Windows XP, 7, 8, 10, 2003, 2008

Networks: LAN / WAN, firewalls, network scanning, intrusion detection products and authentication technologies

Goals: Offensive Security Certified Professional (OSCP) (Currently Taking Class..)

PROFESSIONAL EXPERIENCE:

Network Engineer

Confidential, Detroit, MI

Responsibilities:

• Conducted internal Vulnerability Assessment for entire Monroe Power Plant, following North American Electric Reliability Corporation standards (NERC).
• Organized, Reviewed, and compared vulnerability assessment information and discussed results with upper management.
• Described attacks and methods offensive hackers use to gain access to sensitive information and propagate throughout the network.
• Created PowerShell scripts to collect information needed to complete an internal vulnerability assessment.
• Provided guidance on avoiding WannaCry / Petya ransomware attacks.
• Contributed to the vulnerability management program at Detroit Energy.
• Shared and discussed vulnerability discoveries to upper management.
• Provided guidance on security recommendations and upgrades.
• Experience with Shavlik Protect, WhatsUp Gold, and Dameware software applications to support and secure the network infrastructure.
• Worked in a NERC business unit / team and contributed to solving IT Security compliance related issues.
• Followed strict and very specific safety measures: Physical and Technical.
• Worked with mission critical equipment and highly sensitive machinery.
• Utilized the PowerShell scripting language for vulnerability assistance and data asset management.

Sr. Security Engineer / Vulnerability & Penetration Test Support

Confidential, Auburn Hills, MI

Responsibilities:

• Conducted internal penetration tests using vulnerability scanning tools such as QualysGuard. Scanning results were reviewed on a daily basis, and depending on severity and compliancy, were manually verified by the security team with tools in Kali Linux such as Burpsuite, Nmap, Metasploit.
• Ensured compliance with strict Federal Regulations and regularly performed vulnerability tests, risk assessments and audits.
• Reviewed, provided recommendations, and followed PCI Compliancy requirements throughout the role.
• Communicated with various Application Security and Technical Analysis teams to remediate any vulnerabilities found through dynamic/static code tests across the enterprise.
• Utilized subject matter expertise to proactively communicate and prevent intrusions.
• Provided guidance and recommendations procurement of security products and solutions, security policies, and risk awareness to senior leaders.
• Reviewed and provided recommendations on Windows and Linux-based technical baseline standards / policies.
• Independently researched and analyzed mobile devices upon availability or request.

IT-Support / Vulnerability Tester

Confidential, Brown City, MI

Responsibilities:

• Tested and supported oversight of intrusion monitoring and detection across the financial institutions solution portfolio. Ensured compliance with strict Federal Regulations.
• Closely followed PCI compliance by maintaining and updating technologies such as Anti-viruses, firewalls, etc..
• Performed vulnerability and risk assessments using tools available in the Backtrack Linux distribution such as Burpsuite, Nmap, Nessus, Wireshark, etc..
• Utilized subject matter expertise to proactively communicate and prevent banking/fraud scams.
• Provided guidance and recommendations procurement of security products and solutions, security policies, and risk awareness to senior leaders.
• Produced mitigation procedures and code level changes as needed.
• Worked with a technical team to install vulnerability/exploitation software across the enterprise for testing; Providing guidance on tools when needed.
• Provided additional IT support as needed at regional branches.

Web Developer

Confidential, Brown City, MI

Responsibilities:

• Created, managed and supported organization’s website.
• Responsible for full web-site design, including frames, functionality, usability, and image creation.