David May Email & Phone Number

United States

San Francisco, California, US

1) Manage Application Penetration Tests- Having been a pentester for two years, I understand what is required for an effective penetration test. I also apply Threat Modeling to identify known gaps in our products and hot spots in code so that pentesters can hit the ground running.- I lean into the business risk side of testing. Using a risk framework.

Tempe, Arizona, US

I provide security consultation services to some of the most prominent companies on the planet. Consultation responsibilities include:- Conducting code reviews and analyzing code both from a static (SAST) and dynamic (DAST) perspective- Performing application penetration tests and uncovering hard to find business-logic type vulnerabilities, including.

Tampa, FL, US

• Assess the security of domains, networks, web applications/APIs, mobile applications, and people within organizations, oftentimes as part of FedRAMP or PCI assessments
• Research new TTPs and the latest advancements in this field and develop new exploitation tools and frameworks
• Develop and deploy unique phishing campaigns
• Prepare reports and presentations at different technical levels in order to effectively communicate the business risk associated with identified vulnerabilities in people, processes, and technologies

Herndon, VA, US

Security Engineering responsibilities at SemanticBits include Penetration Testing, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Vulnerability Assessment/Scanning, Malicious Software Analysis, Cloud Security, and DevOps Security. I was responsible for owning the security posture of entire programs that were in.

Falls Church, VA, US

At Northrop Grumman, I provide oversight for the day-to-day cyber security operations on a global network. I maintain Information Assurance-related documentation and ensure the system maintains compliance to applicable Risk-Managed controls (NIST 800-53). I coordinate incident response activities and collect and disseminate cyber threat intelligence to.

Falls Church, VA, US

At Northrop Grumman, I am responsible for assessing, testing, and implementing secure systems. As part of the information security team, I am responsible for establishing and maintaining a security posture that is Risk-Management Framework (RMF) compliant.Daily tasks include vulnerability research and assessment to determine operational impacts, developing.

Falls Church, VA, US

At Northrop Grumman, I provide Systems Engineering leadership for a range of Cyber Security and Software driven projects. Daily tasks include synthesizing customer contractual needs and requirements into system requirements and providing solutions that meet customer expectations as well as the technical, schedule, and cost constraints of the program..

Mclean, VA, US

Provide engineering review and analysis of ground-support pressure vessels and systems that are critical to the successful launch of space vehicles under the CSSC II Contract.I carry out ASME Section VIII Division 1, Division 2, and FFS calculations to confirm compliance to ASME, API, and NBIC codes. These calculations involve stress analysis, relief valve.

Maitland, Florida, US

HVAC and Mechanical Systems Designer

Orlando, FL, US

Conduct Mechanical Engineering Research in the areas of Creep Modeling and Mechanical Test Frame Design.Developed a reduced-order Kachanov-Rabotnov creep model that would reduce the computational resources necessary to simulate creep.Developed a novel method for determining material constants for the Norton-Bailey creep model using statistics.