Jul 2019 – Present · 6 yrs 9 mos · New York, New York, United States

• Researched attack techniques to develop detection and prevention strategies globally.
• Led regularly scheduled collaborative hunts across security teams, and ran adversary simulations built off of the MITRE ATT@CK framework.
• Collaborated with both offensive and defensive teams to research the most effective detection use-cases.
• Led deception deployment within our environment.
• Reverse engineered malware for internal reports presented to C-level executives, and the Board.
• Researched PoC’s for new exploits, then ran them against our environment (in a VM replica) and submit findings for new use-cases.

Jun 2018 – Jul 2019 · 1 yr 1 mo · New York, New York, United States

• Part of a 3-person team tasked with performing physical penetration and network intrusion globally.
• Performed pre-attack reconnaissance against numerous locations and subsidiaries.
• Developed operations to evade detection sensors.
• Ran wireless recon with a Yagi antenna coupled with a WiFi Pineapple, pre-network attack.
• Configured and assembled custom Raspberry Pi devices for drops during ops.
• Performed ops using Wireless endoscopic cameras, GoPro cameras, ProxMark card reader/writers, LAN Turtles, USB Rubber Ducky, Bash Bunny, HackRF One, and lockpicks.

Feb 2017 – Jun 2018 · 1 yr 4 mos · New York, New York, United States

• Led oversight of Information Security incidents and drove collaboration among global business partners to engage communication, containment, and remediation efforts.
• Partnered with LoB leaders in Forensics, Threat Intelligence, Business Risk, and Incident Response to implement wide-ranging security controls, strategies, and designs for improvement of security posture while not stifling business goals; selected by BitDiscovery during its Stealth stage due my relationship, to be one of three testers.
• Proactively took charge and addressed security loopholes within the organization.
• Responsible for building Red Team/Blue Team relationships to identify, analyze, and catalogue IS risks and threats.
• Led WarGames across all teams, globally; BEC, Malware, Phishing, etc.

Aug 2014 – Feb 2017 · 2 yrs 6 mos · Greater New York City Area

• Senior Threat Intelligence Analyst, C-SIRT, Global Cyber Security & Fraud

Dec 2012 – Aug 2014 · 1 yr 8 mos · New York, NY

• IT Security, Digital Investigations & Incident Response

Jan 2011 – Dec 2012 · 1 yr 11 mos · New York, NY

• IT Security, Internal Audit, Risk & Compliance

Jan 2009 – Jan 2011 · 2 yrs · New York, NY

• Digital Investigations

Apr 2008 – Jul 2009 · 1 yr 3 mos · New York, NY

• Course Author SEC565 “Data Leak Prevention” and Advisory Board Member

Jan 2008 – Jan 2009 · 1 yr

• Digital Investigations and Physical Pen-Testing Consultant

Jan 2007 – Jan 2009 · 2 yrs

• Digital Investigations Consultant