Clearance: Top Secret (inactive)
Experienced professional seeking further challenges where a diverse technical background will be utilized while learning new technologies.
Research Engineer: December 2014 - Present
SourceFire (Columbia, MD)
Senior Research Engineer: March 2014 - November 2014
CounterTack, Inc (Santa Monica, CA)
- Using Python to automate common tasks for co-workers.
- Creating demos for sales staff to help demonstrate the company’s product.
- Modifying existing malware to bypass multiple anti-virus vendors.
Network Security Engineer II: January 2010 - March 2014
Chickasaw Nation Industries - FDA Contract (Rockville, MD)
- Created a fully automated malware analysis tool using cuckoobox and custom python code to suit internal needs (both virtual and real hardware).
- Reverse engineer binaries as well as protocols in order to create custom tools for the Security Operations Center and Incident Response Teams.
- Created and maintained a custom Linux Distribution based on Ubuntu 10.04.
- Custom python scripts for use with Splunk in order to perform lookups outside of syslog logging.
- Automation of Reporting via XML, OOXML from Bugzilla Database data. Saving an average of 36 hours a week.
- Created a custom Bugzilla template for metric reporting using Perl.
- Using Python to write multiple tools for Web Spidering and Reporting, Analyzing Malware and Network Forensics.
Chief Technology Officer: July 2008 - July 2009
Performance Entertainment Design Group (Lancaster, Pa)
- Migrated hosted services from multiple hosting companies to a single hosted service for ease of management.
- Created a website where clients were able to securely log in and download large CAD files and PDF documents.
- Maintained email for four sub companies hosted on the same machine on site.
- Provided general helpdesk support and consulting for all employees and their family members.
Chief Technology Officer: March 2006 - November 2010
Tait Towers, Incorporated (Lititz, Pa)
- Provided Helpdesk support for over 150 users; including clients, vendors, employees, and the owner.s family members.
- Managed a team of three people; two programmers and a support technician.
- I’ve lead the company in technology while growing from a total of 40 employees in 2006 to over 150 employees and 4 locations.
- Reverse engineered a security systems circuit board so that we could create our own and install PLC equipment in order to monitor door status. I used an open source Arduino in order to keep the cost down and allow for easy upgrades in the future.
- Reverse engineered the drivers for a Brother P-Touch Labeler, allowing us to use more than one on the same machine. I also designed the software that allows these units to print at the exact same time.
- Managed the company.s mobile phones via Verizon.
- Maintained and provided support for our CNC machines, including the main computer, the handheld units, as well as the motorized metal handler.
- Maintained and managed two Cisco Call Manager Express units, one in Manheim and in Lititz. Both had to be able to talk with each other in order to intercom and page back and forth.
- Maintained our time clock system allowing for people to punch in and out in multiple locations.
- Automating our purchase order software so that it would open directly from Microsoft Outlook for viewing orders.
- Designed websites for miscellaneous clients and friends of the company using CSS, HTML, and PHP.
- Creating custom automation using a mixture of Bash, .Net, Perl, Python, PHP, and PowerShell.
- Maintained a mixed environment of Mac OS, Linux, Windows, as well as Unix machines.
- Evaluated networks, phone systems, and computer upgrades for sister companies as well as companies we have acquired during our growth.
Computer Operations Intern: April 2005 - July 2005
Lancaster General Data Center (Brownstown, Pa)
- Ran batch processes for backups, monitored job activity, and execute recovery processes by contacting support personal.
- Filled out department logs, monitor security and fire prevention systems.
- Answered support calls, utilized a voicemail system for status reports, and articulated problems to coworkers in other departments.
- Monitored all systems interfaces and LAN infrastructure according to existing standards and procedures.
- Wrote reports for IBM mainframe using REXX, RMM, JCL, and SDSF.
Tool Designer/Computer Systems Specialist: June 1999 - March 2006
PrecisionForm Incorporated (Lititz, Pa)
- Designed tooling that would produce parts according to customer specifications using AutoCAD Mechanical Desktop and AutoCAD Mechanical 2005.
- Maintained CAD standards and automation using AutoLISP, VBA, and ObjectARX.
- Proof read other designer.s drawings prior to ordering tooling or issuing drawings to the shop floor.
- Maintained customer database in order to keep track of customer drawings and their revision levels.
- Maintained and trained others in the International Material Data System (IMDS) for customer supplied parts.
- Designed, tested, and implemented Microsoft Access and Microsoft SQL Server databases for internal systems.
- Designed and Implemented Microsoft Exchange 2003, Fileservers, Database Servers, as well as the Print Server.
- Provided helpdesk support for approximate 32 desktop users.
- Maintained company LAN infrastructure.
- Provided consulting for company supervisors about information technology in regards to their departments.
Computer System Specialist: June 2003 - October 2005
York Technical Institute, York, Pa
Computer Aided Drafting and Design: June 1998 - October 2000
York Technical Institute, York, Pa
- 2014, SEPP (Social Engineering Pentest Professional)
- 2014, RFID Hacking; BSidesLV Training
- 2014, Advanced Practical Social Engineering; Blackhat Training
- 2012, Application Security: for Hackers & Developers; Blackhat Training
- 2012, The Shellcode Lab; Blackhat Training
- 2011, Developing Effective IDS/IPS Signatures; Blackhat Training
- 2011, Advanced Malware Deobfuscation; Blackhat Training
- 2011, GPEN (GIAC Penetration Tester) Awarded by GIAC
- 2011, OSWP (Offensive Security Wireless Professional) Awarded by Offensive Security. This is one of the world.s leading wireless attacks certifications. After the student studies the internal workings of wireless signals and how to successfully crack the most popular and common encryption protocols in the market then are challenged with the OSWP information security certification.
- 2010, OSCE (Offensive Security Certified Expert) Awarded by Offensive Security. This is an intense 48 hour straight exam requiring you to do some fuzzing to find software faults, write custom exploits for said faults.
- 2010, OSCP (Offensive Security Certified Professional) Awarded by Offensive Security. The student is expected to dive into an unknown network, craft custom tailored exploits, find security flaws, and exploit weaknesses within the architecture in order to pass.