Hired to assist one of the largest banks in the United Sates in building new penetration testing practice. Manage team penetration testers while directing and conducting web applications, network, internet of things (IoT), cloud/container, and application program interface (API) penetration testing. Simulate insider threats to assess software by code review of multiple languages. Conduct Amazon Web Services (AWS) penetration testing and continuous integration/continuous delivery (CI/CD) reviews. • Spearheaded enterprise security initiatives, collaborating with cross-functional teams to create password storage procedures that safely store staff passwords.• Developed standardized processes, tools, procedures, and checklists for varied skill levels’ use in penetration testing to increase efficiency and effectiveness throughout rapid team growth.• Participated in threat models including company-wide, high-security AWS design and a new network offensive security testing platform.

Managed web application, mobile, network, and API penetration testing for B2B SaaS company. Oversaw C# coding for security vulnerabilities and provided internal teams with security/PCI compliance advice. Conducted AWS service security review and directed Purple Team activities.

Drove network, web application, API, IoT, Physically, and Unisys mainframe penetration testing during merge with AppSec Consulting. Educated customers on compliance and PCI standards. Attended/hosted executive meetings to steer business development and helped with budgeting/hiring procedures. Advised C-level executives on targeted security. Trained and developed team of top-performing testers.• Built IoT testing specialty practice from ground-up, successfully generating revenue by gaining multiple high-value clientele, single engagements, and interest in company services.• Increased brand awareness by authoring blog posts, drafting newspaper articles, attending conferences, and working BSI vendor booths to promote new services.• Won BSI awards for Innovation and Brand Ambassador in January 2020.

• Network, Web Application, Physical, and Unisys Mainframe penetration testing.• Strong knowledge of PCI and collaborated heavily with customers around compliance.• Extensive leadership duties including participate in internal executive meetings to steer business development, filling in for management when needed, and assisting with budgeting and hiring.• Assist in the training and development of testers.• Marketing duties including working vendor booths, speaking at conferences, and writing blog articles.

• Operated a Hack Lab in Fargo, ND which provided free weekly 3-hour trainings on penetration testing and information security.• Conducted security research.• Provided free security consulting to small and medium businesses.

Led complex web application, network, and penetration testing while training junior personnel to increase efficiency and accuracy at cybersecurity organization. Performed scoping calls with customers.• Secured 2+ requests for proposal (RFP) contracts by identifying business opportunities and advertising services through personal interactions, presentations, and conferences.

• SOC LeadSIEM developer and administrator.• Log Analysis/Blue Team activities.• Threat hunting and penetration testing.• IDS/IPS administration.• Government contracting DISA/FISMA environment.

• Configure and maintain Linux server systems in a high security environment.• Administration of SIEM systems, including the creation of log parsers for new log sources. • Configure and ensure alignment of systems to DISA STIG, FISMA, and other standards as necessary.

• Configure and maintain Linux, Mac, and SAN systems.• Conduct security log reviews of PCI and critical systems. • Interface with 3rd party IDS/IPS monitoring company to identify security events. • Monitor organization events to identify indicators of compromise and remediate systems.

• Professional and Premier Mac Office support consultant for Microsoft.

• Configure and maintain Windows server systems in a high security environment.• Configure and ensure alignment of systems to DISA STIG, FISMA, and other standards as necessary.

• Reviewed data input file errors from 3rd parties which were importing data into a government system.• Developer for internal systems. • Administrator of Windows CRM systems. • Conduct penetration testing of new systems to ensure compliance with government and corporate security standards. • Review all network devices and systems daily to identify potential security incidents and conduct incident response.

• Physical Security.