Cybersecurity engineer, developer, DevOps & Cloud Enthusiast
A relatively recent graduate of George Mason University, I'm fundamentally interested in how to get slower things done quickly (automation), how to make things that are working break (security), and how to make things that are broken work (development).
I work at the Crypsis Group as one of their earliest employees (~10 employees at the time, May 2016), and continue to work for them after their Palo Alto Networks acquisition. I've had a direct role in a lot of different pots at Crypsis, from leading an incident response R&D project that made millions to working with the Director of IT to get SOC2 Type 1 (company acquired before Type 2 period) for Crypsis.
As a remote worker, generally I like to spend a decent amount of my free time in whatever city I'm in. Previously that's been DC and Philadelphia, but I have immediate family in London and NYC and rented through the central US throughout Spring 2021.
George Mason University
BS in Information Technology, InfoSec Concentration
Graduated Winter 2019
Leadership:
Mason Competitive Cyber - Founder and President
Student Government - Undersecretary of IT
Mason SRCT - Systems Administrator
AWS Certified Solutions Architect Associate
Passed December 2020
Expired December 2023
Credential ID MBSXL3TBKBQQQ9S5
Got entirely too many questions on tape backups, still traumatized
Palo Alto Networks
Senior Security Automation Engineer, December 2021 - Present
DevOps Engineer, February 2021 - December 2021
DFIR Consultant (in Merger), September 2020 - Feb 2021
Taking advantage of all that Palo has to offer as a best-in-class product enterprise to engineer the solutions I really always have.
Crypsis Group (a Palo Alto Networks Company)
DFIR Consultant, September 2020 - Feb 2021
Security Engineer, January 2020 - September 2020
Junior Security Engineer, March 2018 - January 2020
Intern, May 2016 - March 2018
A mixture of internal security, development and DevOps, and external client work depending on which role you land on in this list.
NanoTech Computers
IT Consultant, May 2015 - March 2018
Having a Linux and security background, not only was I able to handle the usual "You spilled soda on your keyboard" situations, I unlocked new service offerings for NanoTech, such as legal device unlocks, Linux administration and installation, etc.
Mason Competitive Cyber
President and Founder, August 2016 - December 2019
Founded an organization from scratch that had hundreds of members, hosted both Linux and Cryptography advocacy workshops, several corporate guest circuits, weekly meetings, multiple corporate sponsors, enough paperwork to be more complicated than the average SMB, and ran a relatively popular on-site CTF event by graduation. We were characterized even by GMU itself in presentations as very "self sustaining" and conducted our own training under a peer model. While I frequently led training initially, by the time I left my day-of involvement was largely giving weekly announcements and handing it over to students trying to hone their speaking/presentation skills.
Mason Student Run Computing and Technology
Systems Administrator, Executive Officer, May 2018 - May 2019
As an elected position, I had two primary roles as Systems Administrator.
Mason Student Government
Undersecretary of IT, May 2017 - May 2019
According to the 2020 bylaws, the Undersecretary of IT (seemingly renamed) is as such:
[...] The Undersecretary shall be responsible for serving as a liaison between the students and the university technical community, working with various other entities to disseminate information to the student body, and serving as a technical resource to other areas of Student Government as needed.
As Undersecretary of IT, I advocated for 2FA adoption in the university, worked on the official .edu SG website, and tried to address WiFi issues by aggregating data about the problem amongst students. I also attempted to serve as a liaison between STEM majors and the Student Government, which I feel was very productive - after making introductions, a SRCT member took a higher secretary position before I had even left. STEM majors were under-represented in Student Government and I advocated for more outreach.
Mason VSE STEM Outreach
STARS Member, September 2015 - November 2016
Went to local area middle/high schools advocating for George Mason University STEM programs, helping plan the pre-college program, etc. Quickly funding dried up faculty-side but I continued to advocate for STEM and the university on my own, with my own strategies. I also mentored the CyberPatriot team at Frost Middle School in this same vein after funding dried up and I left the outreach arm.
Crypsaurus
1,000s of suspicious hosts triaged
Platform that collected, processed (parsers, analyzers, etc), and ingested forensic details of checked-in systems at scale. Used as the main Crypsis driver for the majority of the company's existence (still used as a secondary system).
Crypsis ELK-SIFT Auto-Scaling Fleet
Investigation servers spinning up and down daily
Responsible for the pipeline of infrastructure integrated with our ticketing system to automatically spin up/down servers - commonly referred to as "ELK/SIFT" internally - though they are customized much more. Highly customized base image, deployment pipeline, and controls all made with careful consideration to the daily process of a DFIR consultant. A significant footprint of Crypsis's infrastructure.
AccessAnywhere
Serverless document management system
Implemented a system in AWS utilizing Zappa, a serverless framework system. Secured via a 2FA system and user management admin system - including 2FA lockout mechanisms. Also included serverless antivirus scanning. If a document was uploaded and failed a scan, it was locked out from the user, requiring a rotatable unlock password to load. Very strong CI/CD. Worked with a real company as part of our college capstone project. Lead development.
patriotCTF 2018 Head Organizer
Attended by ~80 including multiple schools from the tri-state area
Organized one of George Mason University's most significant cybersecurity events to date, bringing in competitive teams from most major schools in the VA region, as well as one or two from Maryland. Accepted and delivered on corporate sponsors.
GRR Fleet Management System
Large scale response system
Multi-tenant secure system built to allow consultants to quickly spin up internet facing (leveraging SNI) by writing Nginx, HAProxy rules and Docker infrastructure on the fly over a provisioning API, providing both timed health feedback (scanning proxies for orphaned routes, etc) and provisioning results via Slack.
Forensics Extraction via OAuth Flaw
OAuth abuse returns Digital Forensics artifact
Abused a major cloud provider's OAuth process in order to access account insights to facilitate forensic investigations, giving a massive competitive advantage to Crypsis. Note: did not hack anyone else's OAuth tokens or compromise any accounts.
2019 |
|
2018 |
|
Tie for 1st - AWS Security Coding Challenge @ AWS Herndon |
2018 |
2018 |
|
2018 |
|
2018 |
|
2nd Place - VT (Virginia Tech) Summit |
2017 |
CyberPatriot National Finalist Team |
2015 |
2014 |
What caused the Iowa Democratic Caucus app debacle? Too little software testing |
siliconAngle |
IV Estate (GMU Student Pub) |
|
The Mason Competitive Cyber club captures Commonwealth Cyber Cup at state competition |
George Mason University |
Mason Competitive Cyber students compete, collaborate, and create a winning experience for all |
George Mason University |
Intro to Engineering Students Teach, Learn, and Serve During Mini STEM Showcase |
George Mason University |
Crypsis Group (self authored) |
|
Crypsis Group (self authored) |
|
Open Source Tool Release: Gaining Novel AWS Access With EBS Direct APIs |
Palo Alto Networks' Unit 42 (self authored) |
Using New S3 Features to Give CloudTrail Logs Service-Side Enrichment |
Palo Alto Networks SecOps (self authored) |
Forked from the extremely impressive Timothy Chen