At Kearney & Co I am responsible for security architecture design, penetration testing, incident response, security operations, and Governance, Risk, and Compliance (GRC) activities, managing complex projects, directing cross-functional teams, and spearheading cybersecurity initiatives for Federal agencies.

Have outstanding relevant technical competencies coupled with a consultative mindset to gather requirements, understand customer needs and influence internal stakeholdersDeliver comprehensive pre-sales technical engagement planning, including:Understanding the digital attack surface and value at riskPerforming black and gray box surveys of applications and networksDocumenting and reporting survey findings with customers and internal stakeholdersLeveraging findings to create technical proposalsProvide support during prospect meetings by leading relevant product demosDevelop an understanding of the prospect by asking thoughtful questions about:Their digital attack surface and value at riskTheir existing vulnerability programs, tools and methodsTheir security program, including ERM requirements and goalsPartner with the internal stakeholders to develop and execute key account development plans

-Follows industry best practices and methodologies, including the Open Web Application Security Project (OWASP) Testing Guide, to perform penetration testing services to uncover vulnerabilities across various web applications.-Test web services using automated web application scanning methodologies and tools (e.g. IBM AppScan, HP WebInspect, Acunetix WVS, etc...).-Test web services using a manual in-depth testing methodologies and tools (e.g. Burp Suite Pro, ZAP Proxy, IronWASP, etc...).-Summarize and document results of testing for management reporting including proper disposition of tests.-Research new threats, attack vectors, and risk.

-Follows industry best practices and methodologies, including the Open Web Application Security Project (OWASP) Testing Guide, to perform penetration testing services to uncover vulnerabilities across various web applications.-Test web services using automated web application scanning methodologies and tools (e.g. IBM AppScan, HP WebInspect, Acunetix WVS, etc...).-Test web services using a manual in-depth testing methodologies and tools (e.g. Burp Suite Pro, ZAP Proxy, IronWASP, etc...).-Summarize and document results of testing for management reporting including proper disposition of tests.-Research new threats, attack vectors, and risk.

Perform hands-on security testing, which is responsible for identifying security risks within applications and its network infrastructure. Provide support in improving the integrity and security of enterprise-wide Cyber systems and networks. Perform as a security testing engagement manager, leading peer team members during assigned testing, and technical security tester. Work with the Computer Incident Response Team (CIRT) to improve corporate detection and response capabilities and promote computer security awareness through hacker demos and security testing project debriefs.

Provides support of Local and Wide Area Networks (LAN/WAN)Responsible for helping to maintain the physical network, file servers, desktop and laptop workstations and applications for end users and the manufacturing environmentPRINCIPAL DUTIES:• Configure, maintain, upgrade and support all workstations, peripherals and laptops at required internal and commercial software revision levels and configurations.• Respond and resolve user IT problems and system integrity issues. Perform repairs, including warranty repair work.• Assist in providing end user training, in the use of PC workstations, applications and the networking environment.• Maintain and document regional workstation inventories• Follow approved recycling practices for computers, batteries, and misc electronics.

Rapid Prototype Development: Completed multiple iterations of a functional proof of concept prototype. Completions included the integration of multiple networking and software solutions as well as with 3D modeling and design.Testing and Documentation: Preformed testing and scope documentation for primary product, up to and including emulating and benchmarking future products for development.

Cyber security demonstration, education, and competitions.

Corporate Penetration Testing: Created scope documentation, preformed reconnaissance, analysis, vulnerability validation, and mitigation reporting using NIST 800-115 standards.Hardware and Software Penetration Testing: Developed proof of concept exploits for current products in the mobile technology sector. Including root detection avoidance, and real-time theft of email from an active encrypted sandbox.Risk Management: Protected vulnerable networks following detailed risk assessments. Assisted with design, validation, acceptance testing and implementation of secure, networked communications across remote sites.

Computer Repair, Customer Service, Computer sales

Computer Repair, Customer Service, Sales