Jonathon Fuller Email & Phone Number

San Diego, California, US

• Defined, implemented, and led Application Security program.
• Participated, built, and automated Software Development Life Cycle (SDLC) security, controls, and best practices.
• Performed code reviews, Static and Dynamic Application Security Testing (SAST/DAST) and Run-time Application Security Protection (RASP) in addition to the penetration testing of security evaluation of the public cloud.

Seattle, WA, US

• Built security into Redfin’s codebase through security code review, security unit tests, static code analysis, and vulnerability scanning.
• Validated that services, applications, and websites are designed and implemented to the highest security standards.
• Developed solutions to complex business problems and applied appropriate technologies while following security engineering best practices.
• Handled a mix of disparate tasks which included threat modeling and other business related security project work.

Greenwood Village, CO, US

• Provided guidance to teammates and clients by advising on security and configuration best-practices, defense-in-depth, and secure SDLC.
• Communicated with client stakeholders to include leadership, systems and network administrators, security engineers, development, and support teams.
• Enhanced and maintained cloud service provider technical testing methodologies and standards.
• Led and supported penetration testing projects through their entirety, i.e. scoping through out-brief.

Charlotte, North Carolina, US

• Helped develop the vulnerable machines for the Practical Network Penetration Tester (PNPT) Exam.Utilized Terraform and Python to create an easy to use, all encompassing, CLI interface for proctors to use.
• Created custom solutions to deploy, modify, and destroy student networks for the Practical Network Penetration Tester (PNPT) Exam, with minimal user requirements, leading to high customer satisfaction and success.
• Performed security audits and reporting against client’s networks in Amazon Web Services, Microsoft Azure, and Google Cloud Platform.

Linthicum Heights, Maryland, US

• Performed web application testing, from beginning to end, including delivering the report.
• Created reports that were delivered to both leadership and engineers with high satisfaction.

New York, New York, US

• Managed 500+ AWS instances spread throughout the world through Terraform, CLI, and console.
• Supported live projects with Fortune 500 companies.
• Created the scripts and tools that supported a variety of products, leading to a decrease in average downtime.
• Supported and trained coworkers on the tools that were implemented.

London, GB

• Created vulnerable machines so that customers could increase their penetration testing skills, and deployed specially crafted vulnerable EC2 instances inside of VPCs.
• Managed intra-network routing tables, monitored alerts, managed IAM roles, and created CloudWatch dashboards.
• Configured secure VPN servers. Deployed several subnets across multiple availability zones. Managed IAM roles, and implemented centralized billing.
• Worked with technical and senior leadership staff to turn business directives into functional implementations.

Sacramento, California, US

Pro-actively review/monitor the IT network infrastructure for all offices that are within the state, control physical data center access, validate server integrity through Intermapper, System Center Operations Manager (SCOM), and SolarWinds to perform daily health checks for systems and applications, route issues to the appropriate 2nd tier support person.

Sacramento, California, US

Service desk for state agency, solving a wide variety of social, software, and hardware issues. Managed complete user administration and hardware inventory. Created widely utilized solutions for urgent problems.