Career Profile
I have spent the past twenty years working in IT doing everything from desktop support to infrastructure architecture and management. I bring that experience to the InfoSec space where a deep understanding of how systems work and interconnect is essential to everything from threat hunting to incident response and red teaming. I am interested in any and all professional development in the InfoSec space. I learn best by doing and I like to be challenged with projects where I need to learn and apply new skills.
Experiences
- Part of the incident response team responding to any and all security incidents.
- Use Splunk and Phantom to detect, alert on, and respond to security incidents.
- Use Ansible and Python to automate analysis and remediation.
- Installed and configured AC Hunter for network threat hunting and automated alerting.
- Reverse engineer Windows and Linux malware samples to identify indicators of compromise and write and implement detection rules to clean the environment and prevent future outbreaks.
- Web penetration testing with Burp Pro & Acunetix.
- Implemented and managed Azure Active Directory conditional access policies and B2C.
- Managed and configured applications in OneLogin as part of the SSO, OIDC, and OAuth2 integrations.
- Managed and configured applications and policies in Duo to provide MFA.
- Responsible for the day-to-day management of the Network Services and Tier II support teams.
- District Data Security Officer - Responsible for maintaining the security and privacy of RPS students and employees.
- Designed and led the implementation of an SSO and MFA roll-out across the district.
- Designed and managed the implementation of network, data center, virtualization, disaster recovery, and security projects throughout the district.
- Responsible for the selection of network, server, storage, backup, and data center power distribution hardware and software, including a proof of concept phase.
- Worked with district leadership on a security incident response plan and, as part of this project, wrote and implemented many IT security policies and procedures.
- Selected and implemented a security awareness training program for all district faculty and staff.
- Encouraged automation whenever possible. Transitioned the network services team to a more modern approach preferring to put the effort in up front in order to automate tedious and repetitive tasks.
- Segmented both individual school and data center networks both for increased performance and security.
- Provided mentoring, education, and advancement opportunities for staff on my teams.
- Responsible for the design and implementation of wired and wireless networks within each school building.
- Configure and support switching, routing, and wireless equipment from Cisco, HP, and Meraki.
- Designed and deployed a new WAN routing topology replacing a layer 2 topology utilizing the proprietary RRPP with a vendor-neutral layer 3 topology using OSPF for increased performance, resilience, and hardware support.
- Responsible for the selection of networking hardware and software, including a proof-of-concept phase.
- Planned and executed the replacement of Cisco ASA firewalls with Palo Alto firewalls.
- Implemented BGP, advertised to several ISPs on the network edge for increased reliability.
- Configure, audit, and maintain Palo Alto and Cisco ASA firewalls.
- Responsible for the deployment and maintenance of mission-critical Linux servers in the data center.
- Provided mentoring to members of other teams, encouraging cooperation and building the knowledge base of the entire department.
- Technical lead on a project that deployed 2900 Cisco Wireless Access Points and 40 Controllers at 65 sites over a period of 5 months.
- Configure and support Cisco switching, routing, and voice equipment including Cisco Nexus switches in a data center environment.
- Configure, audit, and maintain Palo Alto and Cisco ASA firewalls.
- Provide audits and recommendations to the security team when assisting in the deployment of new medical devices.
- Work with colleagues specializing in other areas of IT to troubleshoot and resolve system and network performance issues.
- Provide first-level support for Cisco phones in a Cisco CallManager environment.
- Provide support for Cisco Contact Center Express and Contact Center Enterprise agents.
- Configure and support Cisco switching and routing equipment including Cisco Nexus switches in a data center environment.
- Administered several Linux utility servers to provide backups and a department wiki.
- Provide day-to-day data center support including cabling and racking servers.
- Prioritized uptime and security.
- Contracted PC Maintenance Tech (TEKSystems), hired on full-time by Marshfield Clinic in 2010.
- Worked on-site at various Marshfield Clinic locations, often with minimal direct supervision.
- Responsible for installation and maintenance of PC and LAN Hardware.
- Worked closely with vendors to arrange warranty repairs and replacements.
- Helped maintain an inventory of equipment and parts.
- Built and re-imaged devices.
- Considered customer service to be a high priority.
Certifications
Certifications and licenses I have earned.
Projects
Here are a few personal websites and projects (hardware and software) that I wrote to automate tasks and solve my own problems. They are all open-source, so hopefully they can help someone else as well.