Led and conducted comprehensive penetration testing and vulnerability assessments for diverse clients, including Fortune 500 companies, to identify and mitigate potential security risks. Conducted a wide range of assessments, including internal/external assessments, social engineering, web application assessments, purple team exercises, and assessments to support various compliance requirements.Stayed up-to-date with emerging security threats, industry trends, and relevant tools and techniques, actively contributing to knowledge sharing within the organization.Mentored and trained junior security consultants, providing comprehensive guidance on penetration testing methodologies, tools, and best practices, resulting in their professional growth and enhanced team performance.Prepared detailed reports documenting penetration testing findings, including identified vulnerabilities, potential business impacts, and recommended remediation measures, providing actionable insights for clients' cybersecurity improvement.

Executed black box network assessments, phishing campaigns, and red team engagements against fortune 500 companies in the retail, finance, and medical industries, while consulting with clients to define scope, rules of engagement, and technical requirement of assessments. Developed TTPs for red team operations to help define standards for all red team engagements; constructed and maintained phishing and C2 servers utilizing valid DNS records to ensure that emails and traffic didn't alert defenses.Created actionable penetration testing reports for client delivery and worked with those clients through the remediation effort, to verify appropriate controls were established during retesting.

Conducted formal vulnerability assessments and penetration tests of networks, systems, and web-based applications for cloud customers; managed and facilitated required 3rd party commercial and federal penetration tests.Coordinated with Security Operations Center in the identification and prevention of new threats and exploits released, by assisting the creation of new IDS/IPS rules to detect activity. Worked on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets.

Conducted penetration testing against a broad range of targets, including Windows, UNIX/Linux, and web applications against U.S. Army networks. Incorporated targeted social engineering campaigns to raise user awareness as well as assess the effectiveness of local organizations' incident response process.Leveraged both automated and manual testing tools to discover vulnerabilities and methods of exploitation to provide U.S. Army Cyber Command an accurate and comprehensive view of their network defenses from an outside and insider threat perspective; utilized tools such as Nessus, Metasploit, Kali Linux, Cobalt Strike, Wireshark, Nmap, Hashcat, and Burp and others to scan, enumerate, and penetrate target systems in order to provide an accurate security assessment. Conduct research on newly discovered vulnerabilities, exploits, and attack methods and attempts to replicate through sandboxing to determine the threat to U.S. Army networks. Collaborates with blue team organizations to help refine signatures to ensure that new attacks are able to be identified and prevented. Provide briefings and reports to management and advise site administrators on best business practices and remediation techniques for the identified/exploited vulnerabilities during an assessment.

Supported DoD network operations by coordinating defensive cyberspace operations during critical and high–tempo operations in accordance with established policies and best practices. Provide guidance to tier one and regional cyber responders for the proper handling of cybersecurity incidents; opened tickets for incidents and subsequently track the incident handling life-cycle across regional cyber defense teams. Work with the requirements manager and coordinate the flow of information between regional team and partners, including United States Cyber Command to ensure incidents are properly tracked, escalated, and reported. Provide timely updates to senior leaders and provide recommendations to leaders and cyber responders. For example, when EternalBlue released, coordinated with every U.S. Army installation security manager to identify and remediate all affected systems, and provided updates to USCYBERCOM every two hours.

Effectively maintained security of sensitive information by employing standards of Information, Operations, and Personal Security of over 500 records over the course of three yearsActed as in-house IT Specialist by updating, patching, troubleshooting, and repairing computers and peripherals for three years; had oversight of approximately 40 pieces of equipment that I assisted higher-level support with maintainingCreated and maintained databases that allowed team members to better track operations and maintain continuity of service during staff turn-over; led to the workgroup being rated in the top 5 for the regionAnalyzed data to forecast applicant success rate that has resulted in contracting 70% of the area market share exceeding the requirement of 45%; led to an increase in customer interactions and commitments by 118% over the previous fiscal years

Supervisor for the training of an organization made up of over 130 personnel. I assisted with the training, development, and planning as well as maintaining all records for individuals of the organization. Created a custom database for unit administrators that increased efficiency of managerial operations by 75%Maintained and updated the administrative & training records of over 130 assigned employeesSustained professional development by completing over 1,000 hours of courseware facilitated by Skillsoft in the subjects of Microsoft Office Suite, Networking, Information Assurance, and Project Management

Project manager for Signals Development section of 8 cross-departmental employees. Responsibilities included: reporting on new targets, identification of over 600 target identifiers, collaborative work other outer-agencies. Previously, I was a project manager for a technical reporting section of 12 personnel, which drove operations for a department of 60 personnel. Responsibilities included drafting, quality assurance and revising, publishing threat intelligence reports on targets, collaborative efforts with outer-agency analysts. Supervised a production team of a 60-member analysis division that achieved a 1.5% error rate in technical reporting, one of the lowest error rates in the entire department; conducted QA on over 1,800 technical reportsSelected by Program Manager to become Technical Supervisor for new Cyber priority in target development team; resulting in over 500 positive identifications and increasing technical reporting products by 36%Completed over 30 professional development courses facilitated by the National Security Agency’s National Cryptologic School in the subjects of Networking, Computer Network Defense, Information Security, and Data AnalysisConducted quarterly and ad hoc technical briefings for the State Department, CIA, NSA, DIA, and had multiple reports featured in the Presidential Daily Brief

Field Service Technician for the Mountain West region of western Colorado. Responsible for installing, upgrading, troubleshooting, and repairing customer's satellite television service. Also responsible for on-the-job training for new employees.Responsible for customer service in an area of 20,000 subscribersTrained four new technicians in satellite installation, system troubleshooting, and system repairsRanked in the top 10% of the Mountain West region consistently in both efficiency and quality of work