Experience

Amazon

March 2022 - Current
Infrastructure Security Engineer

Sure, Inc.

August 2020 - March 2022
Director of Infrastructure & Security
  • Lead and supervise all Security, Infrastructure, and IT efforts.
  • Assist in the planning, estimating, and prioritization of the IT, Infrastructure, and Security roadmaps.
  • Design and plan hiring and onboarding pipelines, following the company's standards.
  • Build and maintain effective on-call rotations and incident response workflows to meet the company's SLAs and maintain uptime.
  • Lead system security and vulnerability analyses.
  • Lead risk assessments and build risk mitigation plans.
  • Design and assist in an AWS organization re-architecture to scale our AWS infrastructure to 30+ accounts.
  • Rearchitect AWS account infrastructure, including VPC and subnet architecture, routing, security controls, and access management.
  • Built and deployed corporate VPN solution.
  • Managed corporate AV/EDR solution.
  • Managed product infrastructure security monitoring solution.
  • Perform 3rd party vendor evaluations.
  • Coordinate external penetration tests by 3rd parties.
  • Manage Sure's compliance and standards: SOC 2 Type 2 and PCI.
  • Write Incident Response Playbooks.
  • Created and maintain an Incident Response Plan.
  • Built, deployed, and maintain a SIEM to ingest 50+ Gbs of logs daily.
  • Implement security automations to continuously audit and monitor our environment and applications.
  • Created and maintain IT Security policies: Acceptable Use, Password Protection, Clean Desk, Removable Media, PCI, Data Retention and Destruction, and Privileged Access.
  • Deployed and manage WAF solution.

Blackline

May 2020 - August 2020
Information Security Engineer
  • Managed security risk metric program to help identify key areas of risk throughout the company.
  • Developed Kubernetes and container security tools and methods.
  • Tuned LogRhythm SIEM.
  • Improved internal security documentation including playbooks, processes, and procedures.

GoodRx

April 2019 - March 2020
Senior Security Engineer
  • Built and maintained security logging solutions (SIEM).
  • Partnered with diverse teams to design and implement security best practices.
  • Performed security assessments against cloud-based infrastructure.
  • Deployed and managed endpoint security along with network monitoring.
  • Generated incident response playbooks and responded to incidents.

Mandiant | A FireEye Company

June 2016 - April 2019
Red Team Consultant
  • Conducted and managed offensive penetration (red team) security assessments.
  • Created technical reports for clients providing strategic and technical recommendations.
  • Provided guidance on incident response investigations through real-world testing.
  • Managed infrastructure for red team training courses.
  • Interfaced with potential clients to deliver bids, statements of work, and a scope of services.
  • Wrote custom scripts to aid in penetration and vulnerability assessments.
  • Domestic and International Clients Include: Banking, Financial, Fortune 500, Hospitality, Legal, Medical, Public Utility, Retail, Shipping, Startups, State Department (Elections), Tech, and Telecommunications.

Clemson University | Information Security

June 2015 - May 2016
Lead Security Analyst
  • Performed vulnerability scans, validated results, and assessed criticality using Nessus.
  • Monitored and investigated potential malicious activity using Stealthwatch and Bro IDS tools.
  • Conducted malware investigations using Cisco SourceFire AMP.
  • Analyzed correlation of system, intrusion detection, and network logs with Splunk to identify threats and investigate malicious activity.
  • Wrote custom scripts to automate threat detection.
  • Trained new analysts on security operations and monitoring methodologies.

Education

Clemson University

2012 - 2016
Bachelor of Science
Computer Science
  • CPSC 322 - Operating Systems
  • CPSC 330 - Computer Systems Organization
  • CPSC 424 - System Administration & Security
  • CPSC 362 - Distributed Computing
  • CPSC 462 - Database Management
  • CPSC 360 - Networks & Network Programming

Certifications

Advanced Red Teaming

Mandiant | 2016

Enterprise Incident Response

Mandiant | 2016

HPC Intro to Thor

LexisNexis | 2015

HPC Intro to ECL

LexisNexis | 2015

Skills

Offensive Security Tools
  • Burp
  • Cobalt Strike
  • FiercePhish
  • Metasploit
  • Nessus/Security Center
  • Nmap
  • Wireshark
  • Empire
Defensive Security Tools
  • Bro/Zeek IDS
  • Cisco SourceFire AMP
  • Elasticsearch/OpenSearch
  • Mandiant Redline
  • Splunk
  • StealthWatch
  • CrowdStrike
  • Threatstack
  • Signal Sciences
  • PerimeterX
  • TheHive
  • Cortex
Cloud Computing & Infrastructure
  • AWS
  • GCP
  • Digital Ocean
  • Fastly
  • CloudFlare
  • Kubernetes
Operating Systems
  • Debian
  • Fedora
  • macOS
  • CentOS
  • Amazon Linux
  • Windows Server Suite
  • Containers/Docker
Web Servers
  • Nginx
  • Apache
  • IIS
Programming & Automation
  • Bash
  • C
  • Objective-C
  • HTML
  • Java
  • JavaScript
  • Python
  • PowerShell
  • Terraform
  • Packer
Databases & Secrets Management
  • MSSQL
  • MySQL
  • Oracle
  • PostgreSQL
  • Vault (HashiCorp)
Firewalls & Network Security
  • Cisco ASA
  • Palo Alto
  • OpenVPN
  • pfSense
  • Ubiquiti
Storage
  • FreeNAS
  • OpenMediaVault
  • MinIO
Cluster Computing
  • PBS
  • MPI
  • Hadoop
Version Control
  • Git
  • GitHub
  • GitLab
  • SVN
  • Gitea
Virtualization
  • VMware vSphere/ESXi
  • VirtualBox
  • Vagrant
  • Proxmox
  • oVirt
  • Hyper-V
Email Security & Technology
  • Google Workspace
  • Postmark
  • SendGrid
  • SMTP
  • SPF
  • DKIM
  • DMARC

Field Experience

Projects
  • SIEM Deployment (Opendistro Elasticsearch)
  • BLESS SSH Access Management
  • Terraform Infrastructure
  • Android Development (Nice Catch Tiger)
  • Android Development (Notes App)
  • Local Concert Aggregator (ShowGo)
  • Memory Allocator
  • Cloud Robot Controller
  • File Recovery Tool
  • Capture The Flag Infrastructure
Penetration Assessment Types
  • Web Application
  • External Infrastructure
  • Internal Network
  • Red Team
  • Advanced Metering Infrastructure (ICS)
  • Mesh Network
  • Hardware
  • Firewall Review
  • Architecture Review
  • PCI Zone
  • Email Social Engineering
  • Phone Social Engineering
  • SWIFT (Banking) Network
Incident Response Investigations
  • S3 Bucket Breach
  • Database Analysis
  • Log Analysis
  • Linux System Compromise
  • Enterprise Breach
  • Insider Threat