Experience

GoodRx

April 2019 - Present
Senior Security Engineer

Mandiant (FireEye)

June 2016 - April 2019
Red Team Consultant
  • Conduct and manage offensive penetration (red team) security assessments.
  • Create technical reports for clients providing strategic and technical recommendations.
  • Provide guidance on incident response investigations through real-world testing.
  • Manage infrastructure for red team training courses.
  • Interface with potential clients to deliver bids, statements of work, and a scope of services.
  • Write custom scripts to aid in penetration and vulnerability assessments.
  • Domestic and international clients include: Banking, Financial, Fortune 500, Hospitality, Legal, Medical, Public Utility, Retail, Shipping, Startups, State Department (Elections), Tech, and Telecommunications.

Clemson Information Security

June 2015 - May 2016
Lead Security Analyst
  • Performed vulnerability scans, validated results, and assessed criticality using Nessus.
  • Monitored and investigated potential malicious activity using Stealthwatch and Bro IDS tools.
  • Conducted malware investigations using Cisco SourceFire AMP.
  • Correlated system, intrusion detection, and network logs with Splunk to identify threats and investigate malicious activity.
  • Wrote custom scripts to automate threat detection.
  • Trained new analysts on security operations and monitoring methodologies.

Education

Clemson University

2012 - 2016
Bachelor of Science
Computer Science
  • CPSC 322 - Operating Systems
  • CPSC 330 - Computer Systems Organization
  • CPSC 424 - System Administration & Security
  • CPSC 362 - Distributed Computing
  • CPSC 462 - Database Management
  • CPSC 360 - Networks & Network Programming

Certifications

Advanced Red Teaming

Mandiant | 2016

Enterprise Incident Response

Mandiant | 2016

HPC Intro to Thor

LexisNexis | 2015

HPC Intro to ECL

LexisNexis | 2015

Skills

Operating Systems
  • Debian/Ubuntu
  • Fedora
  • OS X
  • Red Hat Linux/CentOS
  • Windows Server Suite
Web Servers
  • Apache
  • IIS
  • Nginx
Programming
  • Bash
  • C
  • Objective-C
  • HTML
  • Java
  • Python
  • PowerShell
  • Ruby
Databases
  • MSSQL
  • MySQL
  • Oracle
  • PostgreSQL
  • Vault (HashiCorp)
Networking
  • Cisco ASA
  • FreeNAS
  • OpenVPN
  • pfSense
Offensive Security Tools
  • Burp
  • Cobalt Strike
  • FiercePhish
  • Metasploit
  • Nessus/Security Center
  • Nmap
  • Wireshark
  • Empire
Defensive Security Tools
  • Bro IDS
  • Cisco SourceFire AMP
  • Cylance
  • ELK
  • FireEye HX
  • Mandiant Redline
  • Splunk
  • StealthWatch
Cloud
  • Amazon AWS
  • DigitalOcean
Cluster Computing
  • PBS
  • MPI
  • Hadoop
Version Control
  • Git
  • GitHub
  • GitLab
  • SVN
Virtualization
  • VMware vSphere/ESXi
  • VirtualBox
  • Vagrant
Mail Servers
  • Microsoft Exchange
  • Postfix
  • SMTP
  • SPF

Field Experience

Projects
  • Android Development (Nice Catch Tiger)
  • Android Development (Notes App)
  • Local Concert Aggregator (ShowGo)
  • Memory Allocator
  • Cloud Robot Controller
  • File Recovery Tool
  • Capture The Flag Infrastructure
Assessments
  • Web Application
  • External Infrastructure
  • Internal Network
  • Red Team
  • Advanced Metering Infrastructure (ICS)
  • Mesh Network
  • Hardware
  • Firewall Review
  • Architecture Review
  • PCI Zone
  • S3 Bucket Investigation
  • Database Analysis
  • Log Analysis
  • Email Social Engineering
  • Phone Social Engineering
  • SWIFT Network