•Conduct red team style attacks against external and internal networks, web applications, and social engineering campaigns for commercial and government clients throughout the US. Positively impacted industries include medical, financial, and utilities.•Perform deep-dive technical assessments with a variety of manual and automated vulnerability security focused tools such as Metasploit, Nessus, Nexpose, BurpSuite, Nmap, Kali, DirBuster, SQLMap, AppDetectivePro, Wireshark, and Nipper.•In-house SME for GPU based password cracking. Custom built servers that super-charged the cracking process and saved the company time and money. Regularly cracked 65+% of active directory dumps in 6-8 hours through custom dictionaries techniques using Hashcat.•Prepare and deliver high quality reports, which demonstrate vulnerability findings, comprehensive risk analysis at the 1,000ft level as well as the big picture, and offered meaningful remediation suggestions.•Act as FedRAMP program technical assessor and SME. •Socially engineer users to disclose usernames, passwords or other sensitive company information during phishing attacks and pretexting.•Successfully bypassed two-factor authentication system that used mobile authentication tokens. •Provide mentorship and training to junior team members.

Provide onsite support for the Security Protection Engineering Section of Blue Canopy's Prime Federal contract. Worked on a team of six (6) Vulnerability Management Engineers to help the the company improve its security posture and mitigate risk across the enterprise.•Perform vulnerability scanning and reporting for the environment with over 25,000 nodes using McAfee Vulnerability Manager, Tenable Nessus, and Tripwire IP360.•Conduct Wireless Security Assessments (War Walks) and report using the Aruba Networks RFProtect and Fluke Networks AirMagnet.•Score newly disclosed vulnerabilities using the Common Vulnerability Scoring System version 2 (CVSSv2) with company specific factors in mind. Scores used to determine patching schedule for system owners.•Audit Cisco switches and routers using the CIS Router Audit Tool and Nessus. Developed a report showing vulnerable, non-standard configurations after weeding out false positives and worked with system owners to reduce risk.•Create a baseline for future switch configurations based on National Security Agency (NSA) and National Institute of Standards and Technology (NIST) guidelines.•Streamline processes through automation using scripting such as PowerShell.•Conduct vulnerability analysis from the generated scan reports to find root cause(s).•Process improvement development to standardize and automate day-to-day activities.•Participate in remediation activities with functional points of contact to facilitate enterprise risk reduction.•Created and maintained Standard Operating Procedure (SOP) documentation for several team processes.

Provided onsite and remote support for small- to medium-size business users. Worked on a team of engineers to fully support over 85 companies in many industries. Began working on desktop issues but graduated to server and project work. Acted as the primary onsite IT manager for two of the clients with 75-100 employees one of which was a Government contractor. Advised clients on technology choices to help grow their company and improve efficiency with a focus on security.•Lead small team of 4-6 other engineers on projects as well as manage/interface with 3rd party vendors.•Installed, updated, maintained and troubleshot a centrally managed full disk encryption suite (WinMagic Securedocs).•Setup and managed signing and encrypting certificates in an Exchange/Outlook environment.•Installed, configured, and supported secure VPNs including Cisco/SonicWALL/Juniper/Windows VPN clients.•Created and modified firewall access rules and NAT policies.•Managed and monitored WSUS and Symantec/Trend Micro/ Antivirus to ensure systems have up-to-date protection from emerging threats.•Designed, configured, and maintained backup systems as well as real time replication software for business continuity.•Researched new software/hardware at client's request and made recommendations based on reliability, security, and price.•Performed network scans of client networks to reveal weaknesses then work with clients to secure the network.•Administered and maintained keycard access system including a logging database.•Created and maintained network diagrams and other pertinent network documentation.•Administered user accounts and permissions to network resources.•Served as escalation point when less experienced engineers need assistance or in emergency situations.•Monitored industry publications for emerging threats and trends.