WORK EXPERIENCE
Sr. PENETRATION TESTER -- Fidelity Investments
As a Web Application Penetration Tester I complete an average of two pentest engagements per month according to OWASP and other industry standards. In addition to testing web apps, I have experience in testing Active Directory, and Internal/External pentests.
My key responsibilities and accomplishments include:
- Finding security bugs. I focus on quality and specialize in server side vulnerabilities and chaining several bugs to show higher impact
- Writing detailed reports in a way that software developers understand issues and how to fix them
- Writing processes and procedures for pentest engagements
- Mentoring less experienced members of the team and people outside of the team wanting to learn pentest/red team techniques
- Conducting trainings with entire pentest team on interesting vulnerabilities, how I found them, and how to replicate in tests
- Building Capture The Flag challenges for team training
- Successfully escalated to Domain Admin in the annual active directory pentest
SENIOR SYSTEMS ADMINISTRATOR / NETWORK ADMINISTRATOR -- Lucid Software
In my role at Lucid I manage the internal network and firewall as well as all internal-facing servers. I am also in charge of scaling the company’s IT processes, such as scripting and automating workstation provisioning systems, and providing technical mentorship to other team members.
My key responsibilities and accomplishments include:
- Rebuilding firewalls from scratch to implement features such as SD-WAN and failover
- Regularly research and present on security topics for the weekly security club meeting
- Working directly with ISPs to troubleshoot and resolve issues
- Building relationships with vendors to evaluate new technology, services, and hardware
- Planning and deployment of network infrastructure for new office locations
- Migrate VM's from ESXi to Hyper-V
SYSTEMS ENGINEER / TEAM LEAD -- InsideSales.com
After joining InsideSales.com on the Help Desk team, I was quickly promoted to a Systems Engineer, and then again to lead the Internal IT team. As a Systems Engineer, I designed, implemented, and maintained our IT infrastructure, which included internal virtual machine and server environments.
My key responsibilities and accomplishments included:
- Implementing IT Security best practices across the company, including 2FA, MDM, and AV
- Working with auditors to gather and provide information requested to ensure that we were compliant
- Managing Windows Domain Controllers (AD), DHCP, and DNS servers in five office locations
- Full planning, deployment, and documentation of server infrastructure in remote offices
- The initial deployment of Server 2012 r2 & converting entire company's local profiles to active directory
- Managing all corporate devices running on Windows, OS X, Android, and iOS
- Building a complete OSX management & deployment system using a variety of open source tools
- Mentoring the helpdesk team, prioritizing and assigning tasks, and ensuring project deadlines were met, and tracking SLA metrics on tickets
- Working with executives to best support the technological needs of the business
- 24/7 on call monitoring & resolution of issues, and support for global offices
