Summary || Why Hire Me?
- Tech is easy, there is just a lot of it. I’ve spent the better part of a decade in the trenches of IT & Security.
- I’ve been through acquisitions, migrations, & have been the go-to for the C-Suite for technical advice.
- I’ve led teams, built out security programs, & have been the one to call when things go sideways.
Experiences
- Spearheaded Production Security over 200,000 devices = 50M in annual recurring revenue (ARR) implementing CIS Controls, PCI & ISO 27001 series as frameworks
- Including, but not limited to 7 node cluster running open source SIEM solution (Wazuh) leveraging AWS EC2 and Cloudformation.
- Wrote, tested, deployed to over 30,000 servers Wazuh installation and config packages.
- Collaborated w/Production & Development teams to redefine the software development lifecycle (SDLC); CI/CD pipeline, for 5 development sub-teams.
- Designed a robust 5-year Security plan that was integrated into the development roadmap.
- Built out a org wide IR communication channel bringing 6 departments to a single process to enhance security awareness & incident response.
- Identified attack vectors with a 100% success rate leveraging forensic tools (Sleuthkit, FTK Imager, Autopsy) during incident response.
- Resolved critical long standing vulnerabilities in the production environment improving AWS Security Hub score by 60%.
- Initiated 8 security projects & made the business case compelling for C-Suite.
- Advised & reported to C-suite on technical issues during the migration of 50,000+ edge devices post-acquisition & led platform onboarding.
- Developed roadmaps, optimized processes & conducted security audits.
- Led Quarterly Business Reviews & platform approvals w/huge brands, impacting $20M ARR.
- Well versed in escalations, fostering cross-department collaboration, with a 95% success rate.
- Led the Advanced Technology Group a team of 5 engineers.
- Trainer and Sales SME w/clients & Cloud POS Vendor Relationships & integrations. (30+ POS systems)
- Managed lifecycle of 200,000 devices, making the case for budget spend & security improvements.
- Worked w/3rd party vendors on hardware requirements, IP camera specifications & quality control saving the company over 1M in hardware costs.
- Automated 2,000 hours of manual support task the first year alone; increasing yearly up to 10k/year
- Generated over 30 knowledgebase articles utilized by both technical & non-technical departments. Including the companies first “All-In-One-IP/HD Camera Guide”
- Reduced support department call times by 15% on average following training classes I designed and led.
- Resolved critical SSL cert issues across 15,000 devices restoring company PCI Compliance Status
- Ground up installation of software & cameras; juggling 5-30 a day.
- Integrated every POS Solution on DTT’s integration list; but not limited to: SubwayPOS, Aloha, Radiant RPOS, Micros3700, Micros E7, Micros 9700, Triport Printer Taps, VSI Capture Boxes, Positouch
- Provided technical support for residential customers; troubleshooting internet, phone & cable services. QA rated 100% call quality; used for training..
- Reduced customer bills by 10% while increasing services by 20%.
- Inbound call center for hotel guests at the MGM Grand, Mandalay Bay & Luxor & several other properties.
- Worked at a technical level greater than my role call for, resolving issues rather than just creating dispatch tickets, with an 80% single contact resolution rate.
- Survived 8 rounds of layoffs before being offered a full time position.
- Provided computer repair & maintenance services to roughly 60 clients; 1 business with 10 locations.
- Installed & configured software & hardware for clients.
- Provided discounted services to elderly & disabled clients.
Projects
AI/ML Self-Driven Exploration
- Locally running custom LLMs (Large Language Models) & training custom embeddings for various models, including but not limited to: for Meta's Segment Anything (SAM) model which can identify company hardware tangled within a 'rat's nest' in a customer environment.
Automated Honeypot Deployment & AI Payload Processing
- Automated deployment of honeypots across multiple cloud providers & on-premises. Processing of payloads for analysis & threat intelligence. Something to keep me busy while job hunting.
OSS Contributions
SD.Next
- All-in-one for AI generative image/video generation. I contribute to the project by providing feedback, testing & provide some support on the discord server.
Technologies: Torch/PyTorch, Tensorflow, Diffusers, Python, Gradio, JS, HTML, CSS, Docker to name a few.
Recommendations
-……. His eagerness to learn & openness to new challenges have been hallmarks of his career, enabling his transition from a security enthusiast to a true professional……. his technical expertise, problem-solving mindset & collaborative approach make him an invaluable asset to any organization. I highly recommend him to anyone seeking a security expert who combines deep technical knowledge w/an unwavering commitment to excellence.
-……. creativity & dedication left a lasting impression on me. ….proactive approach to problem-solving & his talent for working seamlessly across departments……ability to bring teams together & execute initiatives flawlessly highlights his value as a true team player…..staying ahead of industry trends & leveraging data-driven insights to inform strategy demonstrates his forward-thinking mindset & adaptability in a fast-changing environment……fosters an environment where innovative ideas thrive & inspires those around him to perform at their best…..dedication to both personal & professional growth….invaluable asset to any organization.
- More on LinkedIn
Skills & Software | Years of Experience
Windows (all) - 10
NCR Aloha - 10
Micros 3700/9700/E7 - 10
Printer Taps - 10
Cloud POS Vendor Relationships - 10
Cloud POS Integration - 10
POS Integration - 10
DVR/NVR - 10
IP cameras - 10
POE Networking - 10
RTSP & Onvif - 10
Docker - 10
Wireshark - 10
Communication - 10
ArchLinux - 8
API Interactions - 7
Positouch - 7
Radiant RPOS - 7
Subway POS - 7
Par Brink - 7
NCR Silver - 7
Bash - 7
ProxMox - 7
OWASP Top 10 - 7
Endpoint Security - 7
Data Recovery - 7
MySQL/MariaDB - 6
MSSQL - 6
Nmap - 6
Forensics - 6
Sleuthkit - 6
Autopsy - 6
FTK Imager - 6
Chain-of-Custody - 6
Spear Phishing - 5
Phishing - 5
Social Engineering - 5
Bruteforce Techniques - 5
Meta - 5
GitHub (Enterprise) - 5
AWS Technologies - 5
MITRE Atomic Red Team - 5
NIST 800-53 - 5
NIST 800-63 - 5
Prometheus - 5
Grafana - 5
ZAP & Burpsuite - 5
Active Defense - 5
Ghidra - 5
SSO - 4
JWT - 4
SAML - 4
OAuth2 - 4
API Security - 4
Trufflehog - 4
Honeypots & Canarytokens - 4
Threat Hunting - 4
Sysmon - 4
Wazuh - 4
Role Based Access Control (RBAC) - 4
IAM - 3
Cloudtrail/CloudWatch - 3
Umami Analytics - 3
Google Analytics - 3
Shopify - 3
SQLite - 3
PostgreSQL - 3
CIS Controls 8.1 - 3
PCI 4.0.1 - 3
Python - 3
Nginx - 3
Static & Dynamic Analysis - 3
Penetration Testing - 3
Incident Response - 3
API Development - 2
Google Cloud - 2
Secure Code Practices - 2
Orca Security - 1
Squarespace - 1
Runpod - 1
Kubernetes (k8s) - 1
Rust - 1
AC Hunter - 1
Go - 1
JavaScript - 1
React - 1
Snyk - 1
Elastic Agent - 1