Cybersecurity engineer, developer, DevOps & Cloud Enthusiast
A relatively recent graduate of George Mason University, I'm fundamentally interested in how to get slower things done quickly (automation), how to make things that are working break (security), and how to make things that are broken work (development).
I work at the Crypsis Group as one of their earliest employees (~10 employees at the time, May 2016), and continue to work for them after their Palo Alto Networks acquisition. I've had a direct role in a lot of different pots at Crypsis, from leading an incident response R&D project that made millions to working with the Director of IT to get SOC2 Type 1 (company acquired before Type 2 period) for Crypsis.
As a remote worker, generally I like to spend a decent amount of my free time in whatever city I'm in. Previously that's been DC and Philadelphia, but I have immediate family in London and NYC and plan to rent in the Central US throughout Spring 2021.
George Mason University
BS in Information Technology, InfoSec Concentration
Class of 2019
Leadership:
Mason Competitive Cyber - Founder and President
Student Government - Undersecretary of IT
Mason SRCT - Systems Administrator
AWS Certified Solutions Architect Associate
Passed December 2020
Expires December 2023
Credential ID MBSXL3TBKBQQQ9S5
Got entirely too many questions on tape backups, still traumatized
Crypsis Group (a Palo Alto Networks Company)
DFIR Consultant (September 2020 - Present)
Security Engineer (January 2020 - September 2020)
Junior Security Engineer (March 2018 - January 2020)
Intern (May 2016 - March 2018)
A mixture of internal security, development and DevOps, and external client work depending on which role you land on in this list.
NanoTech Computers
IT Consultant (May 2015 - March 2018)
Having a Linux and security background, not only was I able to handle the usual "You spilled soda on your keyboard" situations, I unlocked new service offerings for NanoTech, such as legal device unlocks, Linux administration and installation, etc.
Mason Competitive Cyber
President and Founder (August 2016 - December 2019)
Founded an organization from scratch that by the time I left had hundreds of Slack members, hosted both Linux and Cryptography advocacy workshops, several corporate guest circuits, weekly meetings, multiple sponsors, enough paperwork for a small enterprise, and ran a relatively popular on-site CTF event. We were characterized even from GMU as very "self sustaining" and brought our own presentations week-after-week. While I frequently spoke when nobody else would, by the time I left I was largely just giving weekly announcements and handing it over to students trying to hone their speaking/presentation skills.
Mason Student Run Computing and Technology
Systems Administrator, Executive Officer (May 2018 - May 2019)
As an elected position, I had two primary roles as Systems Administrator.
As systems administrator, I supported applications such as URL shorteners, a "What's Open at this hour" application, and more. Monitored and responded to abuse complaints, which was critical having a strong .edu presence under my own school. Some of our apps were so well supported that GMU embedded them into their official apps. As the systems admin, I even signed an MOU alongside the president with Mason Dining around SLAs, etc. for our most popular application "What's Open." I also introduced a bug bounty program. I personally found and patched a critical CSRF vulnerability in a relatively popular application.
As an executive officer, I had a vote in org matters. I was a significant part of executive conversations in the organization around events, networking (such as under the Mozilla Open Source Student network), how to handle member disputes, and even having to call a motion of no confidence on the president (unanimously passed) after members and leadership repeatedly complained in camera.
Mason Student Government
Undersecretary of IT (May 2017 - May 2019)
According to the 2020 bylaws, the Undersecretary of IT (seemingly renamed) is as such:
[...] The Undersecretary shall be responsible for serving as a liaison between the students and the university technical community, working with various other entities to disseminate information to the student body, and serving as a technical resource to other areas of Student Government as needed.
As Undersecretary of IT, I advocated for 2FA adoption in the university, worked on the official .edu SG website, and tried to address WiFi issues by aggregating data about the problem amongst students. I also attempted to serve as a liaison between STEM majors and the Student Government, which I feel was very productive - after making introductions, a SRCT member took a higher secretary position before I had even left. STEM majors were under-represented in Student Government and I advocated for more outreach.
Mason VSE STEM Outreach
STARS Member (September 2015 - November 2016)
Went to local area middle/high schools advocating for George Mason University STEM programs, helping plan the pre-college program, etc. Quickly funding dried up faculty-side but I continued to advocate for STEM and the university on my own, with my own strategies. I also mentored the CyberPatriot team at Frost Middle School in this same vein after funding dried up and I left the outreach arm.
Crypsaurus
1,000s of suspicious hosts triaged
Platform that collected, processed (parsers, analyzers, etc), and ingested forensic details of checked-in systems at scale. Used as the main Crypsis driver for the majority of the company's existence (still used as a secondary system).
Crypsis ELK-SIFT Auto-Scaling Fleet
Investigation servers spinning up and down daily
Responsible for the pipeline of infrastructure integrated with our ticketing system to automatically spin up/down servers - commonly referred to as "ELK/SIFT" internally - though they are customized much more. Highly customized base image, deployment pipeline, and controls all made with careful consideration to the daily process of a DFIR consultant. A significant footprint of Crypsis's infrastructure.
AccessAnywhere
Serverless document management system
Implemented a system in AWS utilizing Zappa, a serverless framework system. Secured via a 2FA system and user management admin system - including 2FA lockout mechanisms. Also included serverless antivirus scanning. If a document was uploaded and failed a scan, it was locked out from the user, requiring a rotatable unlock password to load. Very strong CI/CD. Worked with a real company as part of our college capstone project. Lead development.
patriotCTF 2018 Head Organizer
Attended by ~80 including multiple schools from the tri-state area
Organized one of George Mason University's most significant cybersecurity events to date, bringing in competitive teams from most major schools in the VA region, as well as one or two from Maryland. Accepted and delivered on corporate sponsors.
GRR Fleet Management System
Large scale response system
Multi-tenant secure system built to allow consultants to quickly spin up internet facing (leveraging SNI) by writing Nginx, HAProxy rules and Docker infrastructure on the fly over a provisioning API, providing both timed health feedback (scanning proxies for orphaned routes, etc) and provisioning results via Slack.
Forensics Extraction via OAuth Flaw
OAuth abuse returns Digital Forensics artifact
Abused a major cloud provider's OAuth process in order to access account insights to facilitate forensic investigations, giving a massive competitive advantage to Crypsis. Note: did not hack anyone else's OAuth tokens or compromise any accounts.
Tie for 1st - AWS Security Coding Challenge @ AWS Herndon | 2018
2nd Place - VT (Virginia Tech) Summit | 2017
CyberPatriot National Finalist Team | 2015
What caused the Iowa Democratic Caucus app debacle? Too little software testing | siliconAngle
IV Estate (GMU Student Pub)
The Mason Competitive Cyber club captures Commonwealth Cyber Cup at state competition | George Mason University
Mason Competitive Cyber students compete, collaborate, and create a winning experience for all | George Mason University
Intro to Engineering Students Teach, Learn, and Serve During Mini STEM Showcase | George Mason University
Crypsis Group (self authored)
Crypsis Group (self authored)
Open Source Tool Release: Gaining Novel AWS Access With EBS Direct APIs | Palo Alto Networks' Unit 42 (self authored)
Using New S3 Features to Give CloudTrail Logs Service-Side Enrichment | Palo Alto Networks SecOps (self authored)
Forked from the extremely impressive Timothy Chen