Seasoned cybersecurity professional with 6 years of hands-on experience across the security domain.
I am a seasoned cybersecurity professional with 6 years of hands-on experience across the security domain. Through my studies, I have become fluent in both Red team and Blue team methodologies, and I have specialized in vulnerability management, automation and system administration.
I am results-driven, aiming to solve the toughest cybersecurity problems before they become incidents.
I have a strong self-motivated work ethic and a great interest in research and in helping my colleagues become their very best.
Cybersecurity is my passion, and I do my best daily to teach myself new things. I have an ear to the ground and proactively take steps to remediate vulnerabilities, eliminating unnecessary risk.
My favourite EDR platform is CrowdStrike, which I use in conjunction with Splunk. The VMDR programs I'm most familiar with are Rapid7 and Qualys. In addition to Empire and Metasploit, I'm also well trained in leveraging Kali Linux when performing pentests.
Certification verifications below:
CompTIA Security+ | Microsoft AZ-900 | eLearnSecurity eJPT | Fortinet NSE 1 | Fortinet NSE 2
Additional Certifications Available on my LinkedIn
I've spent the better part of six years of my life engaged in the computer sector and have had a burning passion for cybersecurity since I was old enough to operate a keyboard. For me, it's more than a job; it's a reflection of my personality and a set of talents I'm happy to have acquired. Here are the sites where I've worked and demonstrated that knowledge.
2022 - Current
Senior Security Engineer
• Established and refined the IR (Incident Response) plan for cybersecurity-related incidents, and set up automations to monitor all potential threats in and out of the environment.
• Created bespoke integrations and optimizations to serve as middleware in an otherwise serverless environment.
• Improved the SIEM to allow better enrichment of data and allow IR responders to have the information they need at a glance, allowing extremely fast and accurate response times.
• Assisted team with the creation of new projects and constant improvements of existing systems, allowing a stronger, more resilient overall baseline in a Unix/Linux based environment.
• Proactively utilized mass communication systems to address potential security problems before they become an incident.
"We should have never taught the sand to think."
My skillset is varied and multi-faceted. I pride myself on my ability to improvise, adapt, and overcome any obstacle and make the impossible possible.
I've gained a great deal of knowledge regarding Vulnerability Management, Detection, and Response throughout the course of my experience working in the cyber industry. Most notably, I am quite proficient with the APIs provided by the VMDR systems Qualys and Rapid7, with which I have the most hands-on expertise. I am able to produce personalized solutions that are tailored to the specific needs of the environment in which I operate because of my extensive expertise and distinct brand of creativity.
Incident response is another aspect of my professional background. In today's cybersecurity environment, the capacity to detect and react to possible attacks is critical. More significantly, mechanisms must be in place to analyze, classify, and prioritize such warnings, as well as to automate the process to remove noise and keep things running smoothly. I have previous experience with Splunk Phantom and am capable of creating playbooks. I am also currently researching Datadog's Cloud Monitoring solution.
The development of automated systems is critical to the success of a company's operations. The same holds true for cybersecurity as well as for overall security. Automation provides for speedier analysis, as well as faster detection and response in the event that a host on your network is hacked.
The capacity to quickly and securely construct virtual environments for testing purposes is a key aspect when assessing new software for your regular deployment. A virtualization specialist like myself has had the opportunity to work with ESXi and Proxmox as well as other virtualization software. This has empowered me with the skills to stand up Windows, Linux, and even Mac OS X virtual machines. In addition to serving as a sandbox, a virtual environment may be utilized to detonate malware and generate Indicators of Compromise for use by your Incident Response systems.
The average time to patch a vulnerability is over 60 days and over 3/4 of cyber attacks in 2021 used vulnerabilities that were at least two years old. Many of these vulnerabilities can be patched and remediated through standardized patching, eliminating risk and in some cases even decreasing overall resource usage. I have helped develop these systems as well as reports for executives.
Cloud security is critical and is required for cybersecurity. Personally, I'm familiar with AWS and Azure, and I'm always eager to experiment with new technologies and systems.
Security is not just compliance for me; it is involved in everything I do. I utilize the Secure SDLC style of development to ensure security is kept in mind throughout the life of the projects I work on.