Greg Torrence
AeroLeads people directory · profile

Greg Torrence Email & Phone Number

Cyber Threat Hunter
Location: Erie, Colorado, United States 14 work roles 2 schools
LinkedIn matched
✓ Verified Jul 2026 3 data sources Profile completeness 71%

Contact Signals

LinkedIn Profile matched
3 free lookups remaining · No credit card
Role
Cyber Threat Hunter
Location
Erie, Colorado, United States

Who is Greg Torrence? Overview

A concise factual answer block for searchers comparing this professional profile.

Quick answer

Greg Torrence is listed as Cyber Threat Hunter based in Erie, Colorado, United States. AeroLeads shows a matched LinkedIn profile for Greg Torrence.

Greg Torrence previously worked as Cyber Threat Hunter at Pds/United Launch Alliance and Information Security Engineer IV at Omniforce Solutions/Lumen Technologies. Greg Torrence holds Core Engineering, 3.33 from Secureset.

Profile bio

About Greg Torrence

Experienced and versatile Cyber Systems Integrator and Defender with over 23 years of experience supporting numerous DoD and commercial environments. Wide-scope background includes creation, support and defense of mixed Linux/Windows environments running a variety of infrastructure and security configurations. Primary cybersecurity experience is in engineering/implementing SIEM tool architecture, developing meaningful event correlations from multiple log sources, applying STIG system hardening, implementing system patch compliance methods, and using approved purple-team concepts to confirm proper function of system hardening and defensive tools. Currently focusing on offensive security repertoire to aid in proving the effectiveness of implemented defensive measures.

14 roles

Greg Torrence work experience

A career timeline built from the work history available for this profile.

Cyber Threat Hunter

Pds/United Launch Alliance

Centennial, Colorado, United States

• Responsible for identifying system and network anomalies combined with threat intelligence artifacts to identify indicators of attack/compromise with the goal of detection & response as early in the kill chain as possible – Focused on developing baseline understanding of Launch Engineering environment through Discovery scans to create more accurate asset inventory and hunted anomalous traffic patterns using a variety of SPL approaches in Splunk and SplunkES• Used Nmap results and Wireshark to identify PPS misconfigurations on Launch Engineering systems – Communicated these findings to CFC team for coordinated remediation with system owners• Monitored external Threat Intelligence sources to determine applicability to ULA systems and proved/disproved hypotheses pertaining to ULA’s susceptibility to successful attacks through targeted threat hunts based on Splunk ES notables• Used MITRE ATT&CK Framework as a guide to identifying system and network behaviors/configurations that increase the attack surface• Created reports and alerts in Splunk to meet NIST 800-53, NIST 800-171 & CNSSI 1253 compliance requirements resulting in successful closure of associated POAMs – Recognized with award from management• Created Threat Hunting dashboard in Splunk to graphically visualize anomalous outbound network traffic destinations, timing and patterns• Fed results from pingsweeps and Nmap scans to members of CFC team to improve coverage levels for toolsets requiring agents (such as Nessus, Device42 and Wazuh)• Worked as part of engineering team to implement improved log aggregation from log sources originating from restricted environment – Initial solution involved creation of Linux service file calling custom script running tcpdump to capture raw log traffic to a Splunk-ingested file – Solution evolved into more permanent design featuring syslog-ng aggregators running on dedicated VMs using Splunk Universal Forwarders to direct logs toward Splunk Search Head for ingestion

May 2022 - Jul 2023

Information Security Engineer Iv

Omniforce Solutions/Lumen Technologies

Colorado, United States

• Implemented the concept of the SSID (SRG-STIG ID) Mapping Spreadsheet to improve STIG tracking & reporting to consolidate results tracking into a single document; Generated SSIDs for Server 2016, RHEL 7 and SQL which were used as artifacts for audits in 2 separate environments which resulted in both environments being granted ATOs• Improved coordination between Operations teams and SOC personnel to relay changes to environments based on Powershell Inventory script results; Repaired agent installations, participated in support calls with vendors, and monitored for KEVs per DHS’s BOD 22-01; Frequently demonstrated newly developed processes and supporting scripts to SOC team and collaborated between Management, ISSOs, and SOC personnel on topics that resulted in improved weekly situational awareness in the environments• Created Powershell scripts to pull system inventories on a cyclical basis to ensure complete scan coverage for Nessus, Desktop Central, and Tripwire; Used these Inventories to identify changes to the computing environment, identify hosts experiencing communication issues with Tripwire Console and remediate deltas between the Master Inventory and hosts present in the environment; Improved toolset scanning and reporting resulting in higher remediation rates of Critical and High vulnerabilities and closure of POAMs related to these vulnerabilities• Used Tripwire reporting and operational need to determine STIG remediation impacts; Remediated systems and submitted STIG Exception tickets as needed on a per-STIG basis; Resulted in improvements to number of Failed STIGs present in Tripwire reports while minimizing the potential for STIGs to impact the systems• Remediated faulty or missing scan tool agent installations and coordinated with members of other teams to remediate network issues preventing agents from communicating with their respective consoles• Provided updates to SSID and Inventory progress during Weekly Team and System Compliance Meetings

Jun 2021 - Mar 2022

Sr. Cybersecurity Engineer Ii

Aurora, Colorado, United States

• Implemented Linux/Windows system hardening in factory environments on the JPSS program using a combination of IBM BigFix fixlets, GPOs, Powershell, and Bash command line methods to bring systems into compliance with DISA STIGs; Resulted in meeting Cyber Integration Team requirements per schedule• Developed appliance and Linux server PKI implementation procedures; Provided support by performing root-cause analysis for issues ranging from CSR generation to implementation on the systems; Resulted in meeting Cyber Integration Team objectives for system handover to external stakeholders• Responsible for identifying and remediating issues with fixlets, security Agents, and O/S hardening• Used enumeration techniques to inventory labs and identify system implementation issues – raised findings to appropriate teams for remediation• Installed Agents for IBM BigFix & QRadar, McAfee ePO, ActivClient, Symantec Endpoint Protection Manager, Tripwire, and Desktop Validator and verified proper check-ins with upstream servers according to system requirements per schedule• Responsible for coordinating the progression of Change Requests with various stakeholders for system upgrades and security tool improvements• Provided guidance and technical training to team members by implementing SharePoint wiki to consolidate and distribute knowledge to the team

Nov 2019 - May 2021

Lead Cyber Systems Engineer

Alku/Lockheed Martin

Boulder, Colorado, United States

• Developed plan to meet targets for 2 DSS audits including integration of Splunk into APEX development lab using Ansible; Resulted in documentation to implement Splunk to a site-wide standard and greater capability for threat tracking by the Security team• Led 4-person team to implement system patches, hardening per STIG guidance, and briefed management and Security team on progress; Efforts contributed to sitewide Superior rating by DSS and an extension of the ATO• Developed plan for central log collector system to improve raw audit log handling; Resulted in greater management involvement to increase funding for architectural improvements to improve security-relevant processes• Adjusted system configurations to be compatible with Red Hat IPA authentication using Kerberos encryption• Created Splunk dashboards to provide correlation of various system and software log inputs to monitor for anomalies on the systems and network• Created labwide configuration management solution using Spacewalk to enforce, manage, and monitor Security Relevant Objects; Resulted in SCAP scores converging and lessened compliance variability between systems• Created new lab baseline build to implement a commonality concept to streamline configuration management of the systems• Used approved privileged escalation techniques to identify systems with misconfigurations and addressed those issues

Oct 2018 - Nov 2019

Cyber Systems Administrator

Colorado Springs, Colorado, United States

• Rated as an Excellent Performer during the 2017 Year-End-Review process. Improved the build, security posture, and deployment of WES 2009 and RHEL 5-based systems deployed to locations worldwide• Worked with Engineering to design, test, secure, and deploy upgraded systems on hardened HPE DL160 servers running RHEL 7.4; Provided team with lab-based demos of technologies for consideration in the overall design• Provided input to SSPs, remediated STIG findings, reacted to FRAGOs, and reviewed IA documentation prior to being delivered to the customer; Resulted in the IGS program being granted ATO’s for both Nexion and ISTO systems• Used security tests against systems in the lab using Kali Linux to confirm mitigations based on ACAS scans and STIG findings using Nmap, nping, Wireshark, and tcpdump• Automated McAfee DAT and IAVM file transfers using Powershell and PSFTP to reliably complete file transfers to remote sites over unreliable links• Interpreted and applied STIGs to fielded and lab systems• Worked with DoD customer to address McAfee Agent performance issues on RHEL 7• Responded to DoD directive to eliminate unnecessary Samba installations running on fielded systems• Responded to and investigated port scans against fielded systems; Reported any incidents involving unauthorized access to ISSO• Advised Engineering and IA personnel on Software and System configurations related to upcoming PKI requirements - advised DoD customer directly on impacts to the current system, support infrastructure required, and changes needing to be made to our remote access methods• Developed and tested custom remote access method to only use PPS approved port 22 (SSH) and not port 3389 or other 3rd party tools• Developed RHEL 7 TCNO/IAVM update process using yum repos in a virtual environment to meet a quarterly TCNO deployment schedule• Used Nmap to confirm lab systems remained compliant with NG security polices despite frequent changes to system configurations

Dec 2016 - Aug 2018

Senior Systems Administrator

Colorado Springs, Co

• Discovered solution to Active Directory replication issues which interfered with the consistency of Active Directory objects on systems impacted by slow network links; Developed command-line method using repadmin to monitor each Domain Controller’s Update Sequence Number to pinpoint problematic RODCs allowing for replication and object aging to become more consistent domain-wide; Clean and STIG’d images used to replace these RODC’s, correcting DNS entries, and ensuring AD Sites and Services was configured correctly allowed for proper replication to occur• Designed and documented workaround guidelines for circumventing the effect of McAfee Agent on successful Global Catalog replication to Read-Only Domain Controllers at remote sites; Guidelines allowed for proper RODC authentication in the event the Writeable Domain Controllers were unavailable; This allowed testers to complete multiple test sessions (SVT and Final Test) in both the field and the Honeywell Advanced Test Bed CSSTB lab leading to Air Force acceptance of the system• Implemented STIG requirements in fielded Line Replaceable Units to prepare for export to the Advanced Test Bed CSSTB lab environment; Responsible for exporting OVA’s from VM’s in the field to implement in Honeywell’s Advanced Test Bed for SVT and Final Test activities• Implemented and verified STIG requirements and their applicability to Solaris and Linux systems in the Advanced Test Bed RISS lab; Recognized by management for being able to push this task through after being delayedKeywords: MCSA/MCITP Server 2008 R2, Linux+, CompTIA Security+

Feb 2016 - Jul 2016

Windows And Linux System Administrator

Aurora, Co

• Refined existing PKI solution and documentation to support in-house certificate generation for multiple development labs; Managed this solution using RedHat Certificate Manager and several Linux BASH scripts; Used this solution to assist in achieving a major milestone in a deliverable lab environment on the $4 billion GPS-OCX program• Provided support for a deliverable secure lab used to test Block 1 software developed in the non-deliverable lab for which I provided primary support; These 2 labs were the number 2 Critical Chain priorities for the program• Provided primary support for a secure multi-site factory lab with locations in New Jersey and Colorado which supported classified information processing and satellite simulation development used for demonstrations of the GPS-OCX system to the Government customer• Successfully obtained an ATO accreditation for classified labs in back-to-back DSS audits• Selected by management to work on the Development Lab Team; Worked in high-pressure situations with tight deadlines to build secure development labs for Block 1 GPS-OCX software development; Integrated multiple technologies into this lab consisting of multiple domains such as ESXi 5.5, vSphere 5.5, vCloud Director, EMC VNX2 storage, Linux and Windows hosts; Managed changes, ran and attended meetings, and coordinated with recipient stakeholders as the lab implementation progressed; Recognized by management as the lead Windows/Linux System Admin for these labs• Responsible for installing and configuring LogRhythm to collect logs from Windows and Linux hosts in a secure lab environment consisting of multiple domains• Built several smaller unclassified labs consisting primarily of Windows hosts for the Boeing component of our team; Developed and documented procedures for cloning Windows 7 systems using Windows AIK, ImageX and .wim files sourced from VMWare OVF templatesKeywords: MCSA/MCITP Server 2008 R2, Linux+, CompTIA Security+

Sep 2013 - Jan 2016

System Administrator

Afghanistan

• Promoted from Help Desk Administrator to System Administrator with ITT Exelis• Monitored server uptime and various server/connectivity thresholds with What’s Up Gold• Implemented and monitored nightly and weekly backups to ensure data recovery capabilities• Created and maintained virtual servers in VMware through the vSphere client on NetApp hardware; learned techniques for managing the aggregates, volumes, and LUN’s using PuTTY for Telnet console access• Initiated patching and server/client reboot schedules using Psexec, Powershell, and GFI LanGuard • Installed, configured, maintained, and upgraded Windows 2003/2008/2008 R2 servers using Raritan KVM switches in large-scale Windows XP and Windows 7 environment in multiple locations affecting several thousand users • Performed server operating system installations and implemented system hardening according to established procedures• Managed and maintained Exchange 2003 using Exchange System Manager, Exmerge, and eseutilKeywords: MCSA/MCITP Server 2008 R2, CompTIA Security+

Aug 2012 - Mar 2013

Help Desk Administrator

Afghanistan

• Used the Remedy ticketing system to send tickets to higher support levels and track customer issues to completion• Interacted with customers on the phone and in person to troubleshoot Exchange e-mail, share access, hardware, and connectivity issues both remotely through Remote Desktop and/or on-site visits• Assisted in testing and preparing for large-scale deployment of Windows 7 as a replacement for Windows XP on Army networks• Maintained accurate VMPS entries to ensure computers received their intended traffic through proper VLAN membership using PuTTY• Created user accounts in Active Directory, followed DoD policy for unlocking, moving, and deleting user/computer objects, and ensured customers had the proper permission levels for shared resourcesKeywords: MCSA/MCITP Server 2008 R2, CompTIA Security+

Dec 2010 - Aug 2012

Network Administrator

Gr Birdwell Construction

Houston, Tx

• Managed computing environment for 40 home office users and several remote users using Windows XP, Vista, and Windows 7 with Windows Server 2003 and 2008 as back-end servers• Successfully ensured the physical cabling, server OS installs, and purchased equipment were on schedule and installed properly in a newly built office building• Coordinated with local telecom company to configure DNS zone files to properly route data to internal servers• Managed file server quotas with FSRM, user logon credentials in Active Directory, Exchange 2007 user accounts, and ensured minimal downtime due to malware using ESET NOD32; Utilized Group Policy Objects to automate file redirection for each user’s My Documents folder, govern password criteria, and create rules restricting client machines to core business applications; Used WSUS to ensure client and server machine patches remained up to date; Configured daily and weekly backups using Symantec BackupExec• Managed, maintained, and configured ShoreTel VOIP phone system supporting 40 users; Configured advanced features such as call re-routing, hunt groups, and auto attendants• Installed, migrated, configured, and supported Blackberry Enterprise Server on Windows Server 2003 and 2008. Integrated BES solution with Exchange 2007.• Performed server-migrations and responded to hardware failures on a 24/7 basis• Automated server functions with PowerShell; Performed maintenance in Exchange 2007 using PowerShell in the Exchange Management Console• Configured web servers using IIS7, Wordpress 3.0, PHP, SQL Server, and MySQL for www.energyaviation.com• Set up internal Exchange e-mail with unified messaging and handled all aspects of IP routing and resolution in support of the company’s startup private jet service, Energy Aviation• Supported proprietary accounting and payroll software to ensure data accuracy and proper function• Used remote desktop software to address remote user computer problems

May 2008 - Sep 2010

Armor Systems Technician

Ft. Hood, Tx And Iraq

• Created Windows XP Professional network solutions to assist unit leaders with personnel management and Internet access• Presented solution for 120 node wireless network to chain of command and was approved; Created wireless LAN through VSAT using a Linux server providing 120 soldiers with Internet access• Maintained government Internet systems through routine hardware maintenance and improved cooling solutions in desert environment• Initiated and developed Microsoft Access database solution allowing senior leadership to make critical decisions using accurate data more quickly than previous methods• Assisted senior communications specialist with satellite communication troubleshooting, setup, spacecraft acquisition, and maintenance• Trained on state-of-the-art command and control systems and allowed access to systems containing classified information• Operated and maintained state of the art U.S. Army equipment including proper upkeep and operation of it’s communications, mechanicals, and weapon systemsOther duties:Member of M1A2 SEP Tank crews deployed to Iraq in support of Operation Iraqi Freedom. Conducted patrols, engaged the enemy in close combat, and gathered intel for higher commands. Worked as dismounted infantry in ground combat operations while protecting other U.S. forces in the construction of checkpoints along main service routes. Inspected 100's of Iraqis and vehicles daily in Baghdad's Green Zone for weapons, improvised explosive devices, and identification. Worked in several Command Posts operating sophisticated radio and GPS equipment to collect intel. Operated and maintained computer equipment deployed to forward operating bases. Maintained the connectivity, availability, and security of communications over satellite connections.

Jan 2003 - Mar 2008

Network Technician

College Station, Tx

• Operated and maintained web server using Microsoft Windows NT Server• Performed network troubleshooting for 20 users spanning two offices • Managed user account access privileges to server resources• Initiated improved backup schedule resulting in improved retention of data• Monitored network for intrusion attempts using Ethereal allowing IP blocking on the firewall; resulted in fewer attempts to deface CIBS website • Created Active Server Pages utilizing Access databases to manage the CIBS video library

Mar 1999 - Dec 2001

Network Technician

College Station, Tx

• Performed helpdesk functions to assist clients via remote access, phone requests, and on-site repairs• Modified LAN topography to increase user capabilities and increase work efficiency• Repaired and replaced hardware for 40 users• Educated network users on security policies resulting in a drastic reduction of viruses, worms, and computer repair times

May 2000 - Aug 2000

Network Technician

College Station, Tx

• Maintained and operated the network over three separate offices using Microsoft Windows NT Server• Managed user training, network operation, and provided technical expertise for 130 users across five departments• Assigned access privileges, provided user education, and performed hardware troubleshooting • Experienced with large scale natural disaster recovery; rebuilt and recovered all necessary network nodes, software, and data in two days after a direct lightning strike to building• Ensured all computers on the network became Y2K compliant with 100% success rate• Advised management on user habits which allowed tighter security policies• Created technical documentation on progress with network upgrades for use by other technicians and users

Mar 1999 - Aug 1999
2 education records

Greg Torrence education

Core Engineering, 3.33

Completed coursework in the CORE Engineering program with a GPA of 3.33 and recognized with the Leader of the Pack award.

Management Information Systems

Activities and Societies: Texas A&M Cycling Team

FAQ

Frequently asked questions about Greg Torrence

Quick answers generated from the profile data available on this page.

What is Greg Torrence's role at their current company?

Greg Torrence is listed as Cyber Threat Hunter.

Where is Greg Torrence based?

Greg Torrence is based in Erie, Colorado, United States.

What companies has Greg Torrence worked for?

Greg Torrence has worked for Pds/United Launch Alliance, Omniforce Solutions/Lumen Technologies, Raytheon Technologies, Alku/Lockheed Martin, and Northrop Grumman.

How can I contact Greg Torrence?

You can use AeroLeads to view verified contact signals for Greg Torrence, including work email, phone, and LinkedIn data when available.

What schools did Greg Torrence attend?

Greg Torrence holds Core Engineering, 3.33 from Secureset.

Find 750M verified contacts

Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.

People with similar names

Check these profiles if this is not the Greg Torrence you were looking for.

View similar profiles