Sr. Penetration Tester/Security Research
Frequently use Nmap, Magento, Metasploit, Nessus, Fierce and other tools for full breach penetration testing and regulatory compliance assessments. Specialties include aggressive engagements of Fortune 500 networks and SCADA/ICS networks, in which custom toolsets were used for in-depth passive analysis.
- Designed and architected full automation solutions for Security Product Testing, including the determination of "patient zero" and data correlation for reliable lab results. Splunk was leveraged heavily for dashboards and alerting of anomalous behavior in test results.
- Developed ontological and heuristic behavior frameworks for incident investigation and response. Many of my findings were implemented into a leading security platform.
- Creation of a secure virtualized lab for exploit creation, malware distribution analysis and security product testing.