Daniel Gellman

CEO

Wesley Chapel, Florida, United States · 14 yrs 4 mos experience

Key Highlights

  • Led application security team to enhance performance.
  • Founded a cybersecurity consulting firm.
  • Integrated AI into security workflows.
Stackforce AI infers this person is a Cybersecurity expert with a strong focus on application security and vulnerability management.

Skills

Core Skills

Application Security Architecture · Security · Penetration Testing · Cybersecurity · Red Teaming · Application Security · Software Development

Other Skills

Application Security Testing · Artificial Intelligence · Authentication · Authorization · C++ · CI/CD · CI/CD Pipelines · CSS · Computer Hardware · Container Scanning · Data Consulting · Data Feeds · Dynamic Analysis · HIPAA Compliance · HTML

About

Experienced Security Engineer with a demonstrated history of working in the computer software industry. Skilled in PHP, Servers, Windows Server, Java, and Networking. Strong engineering professional with a Master’s Degree focused in Computer and Information Systems Security/Information Assurance from University of Maryland College Park.

Experience

Total Experience: 14 yrs 4 mos
Average Tenure: 2 yrs 4 mos
Current Experience: 4 yrs

Confidential

2 roles

Application Security Manager

Promoted

Jun 2023 - Present · 3 yrs · Remote

  • Lead a team of engineers to improve the application security team's efficiencies, working with team members to enhance their performance in areas where improvement was indicated.
  • Conducted multiple PoC evaluations to replace existing tooling: SAST, SCA, Container Scanning, and Secrets Detection.
  • Partnered with other teams in the organization to promote shift left adoption. Built additional tooling, such as validation, to filter out noise and complement acquired tools. Created an extensible secrets validator to reduce false positives to 0.
  • Established validation routines for all critical secret types, minimizing additional pipeline time to approximately 2 minutes on average and enriching the finding output to be more targeted for the organization.
  • Lead the creation and optimization of rules for improving SAST findings using artificial intelligence aids.
  • Collaborated with sister security teams to create paradigms and other documentation to promote security awareness and give engineers a direction on what right looks like. Developed standards for tool-finding evaluation in escalation cases.
  • Helped integrate artificial intelligence into security workflows, allowing in-house LLMs to review changes and provide quality initial triage and prioritization.
Application Security · Artificial Intelligence · SAST · SCA · Container Scanning · Secrets Detection

Senior Application Security Engineer

Jun 2022 - Jun 2023 · 1 yr · Remote

  • Conduct penetration tests of critical infrastructure and business areas.
  • Review existing processes for inefficiencies and implement new processes to guide more targeted testing.
  • Partnered with engineering team(s) to provide security insights during architecture design and review periods.
  • Started implementing security tooling directly into CI/CD pipelines for enhanced security oversight. Created enrollment process for onboarding new repositories into existing SAST tooling.
  • Helped to reshape the application security team and processes by assisting team members in building their development contacts, re-organizing the team around products, balancing alignments to ensure a fair workload, and helping team members to better schedule/timebox penetration tests.
Penetration Testing · Application Security · Security Insights · CI/CD Pipelines · Application Security Architecture

Blackline

Application Security Engineer

Jan 2019 - May 2022 · 3 yrs 4 mos · Los Angeles Metropolitan Area

  • Designed new authentication/authorization mechanism to improve performance while breaking monolith into microservices.
  • Provided guidance on secure implementation of event bus messaging system.
  • Founded Red Team program – conducting multiple covert operations.
  • Trained and mentored people through the GWAPT training program, with a 100% passing rate for the GWEB certification.
  • Redefined manual penetration testing process to improve reporting, bug tracking, repeatability, and efficiency.
  • Worked as an embedded security presence within development teams, assisting them with designing secure solutions.
  • Perform static and dynamic analysis of new & existing development efforts.
  • Perform security architecture reviews of new development solutions.
  • Review requested vendors' security posture before the company purchases licenses.
Authentication · Authorization · Microservices · Red Teaming · Static Analysis · Dynamic Analysis

Warner Bros. Entertainment Group of Companies

Senior Security Engineer

Feb 2018 - May 2018 · 3 mos · Greater Los Angeles Area

  • Perform Vulnerability Assessments on web applications.
  • Perform Security Architectural Design review of existing application and infrastructure.
  • Perform Security Architectural Design review of new applications as they arise.
  • Assist in Qualys vulnerability management across entire business.
  • Update & streamline security posture questionnaires in order to make them more effective and easier to use by all business units.
Vulnerability Assessments · Security Architecture · Qualys · Security

Axis Cyber Labs

Co-Founder

Jul 2017 - Jan 2023 · 5 yrs 6 mos

  • Axis Cyber Labs, a North American cybersecurity and data consulting firm established in 2017, is on a mission to propel the advancement of cybersecurity awareness and education, and to serve as a proactive force to counter cybersecurity threats and attacks in the digital era.
  • The company provides education, training, and offers a complete suite of cybersecurity expertise, tools, and techniques to help safeguard proprietary and confidential business data and applications.
  • We partner with our clients to evaluate and analyze the integrity of business infrastructure and explain vulnerabilities and cyber threats many individuals and companies are unwillingly exposed to every day.
  • Axis Cyber Labs' vision and values stem from the founders’ inherent belief in fundamental human rights, and that integrity, privacy, and confidentiality of personal, financial, medical, or any other proprietary data must be governed and protected.
  • Our team of cybersecurity experts specializes in penetration testing, vulnerability assessments, cybersecurity, and data consulting, as well as Cybersecurity awareness and education.
  • We deliver a custom-tailored defense action plan for our clients and ensure compliance with industry standards.
Cybersecurity · Data Consulting · Penetration Testing · Vulnerability Assessments

Jack Henry & Associates

Application Security Engineer

Aug 2016 - Jan 2018 · 1 yr 5 mos · Greater Atlanta Area

  • Build and maintain the internal manual application security-testing program.
  • Manage projects from start to completion in order to allow teammates to work effectively.
  • Create a perimeter defense program for all external-facing web applications through the use of offensive security techniques to actively patrol and monitor any application for weaknesses.
  • Perform internal manual penetration testing assessments.
  • Perform vulnerability scans as requested.
  • Perform security architecture design reviews and propose suggestions for properly configuring applications and systems based on presented design concepts.
  • Collaborate and improve relations with company development teams in order to better security posture and ensure proper remediation of any found vulnerabilities.
  • Remediation retesting to ensure that vulnerabilities found by third-party testing were corrected.
Application Security Testing · Penetration Testing · Vulnerability Scans · Security Architecture · Application Security

Dell SecureWorks

Senior Security Analyst

Aug 2015 - Aug 2016 · 1 yr

  • Perform accurate and precise real-time analysis and correlation of logs/alerts from a multitude of client devices with a focus on the determination of whether said events constitute security incidents
  • Analyze and assess security incidents and escalate to client resources or appropriate internal teams for additional assistance
  • Manage all customer interactions in a professional manner with emphasis on customer satisfaction
  • Handle client requests and questions received via phone, e-mail, or an internal ticketing system in a timely and detail-oriented fashion in order to resolve a multitude of information security related incidents
  • Interact with, configure, and troubleshoot network intrusion detection devices and other security systems via proprietary and commercial consoles
  • Utilize internal guidelines in order to properly handle client requests and questions
Log Analysis · Incident Response · Network Security · Security

Turner (Turner Broadcasting System, Inc.)

Junior Software Developer

Sep 2013 - Sep 2015 · 2 yrs

  • Write plug-ins and XML Transforms to create new data feeds for consumption by multiple NBA sports outlets including: NBA.com, TNT, and NBA Digital. I have recently been put in charge of a project to create a proof of concept application that will read data from a supplied PDF file and transform it into an XML feed for later consumption. I am also working on another project to make use of new technology that will document athlete locations on a basketball court and allow for speculative analysis such as if he should have gotten a rebound or blocked a shot.
Software Development · XML · Data Feeds

Medicity

iNexx Escalations Programmer

Jan 2011 - Sep 2013 · 2 yrs 8 mos

  • Create new and modify existing JSP pages to improve functionality and usability both on the client and support side. Supporting end-user functionality issues with applications involving J2EE, JSP pages, or JavaScript errors. Assisted in running a penetration test using the Backtrack operating system. We tested for data encryption during transmission as well as for SQL injection, cross-site scripting vulnerabilities, as well as proper user data sanitation using the various tools provided on the operating system to identify vulnerabilities in the iNexx platform, featured applications, and related servers to ensure HIPAA compliance and security of patient record transmission between a hospital and doctor's office as well as between doctors' offices.
  • Achievements:
  • Identified critical errors in production code that could have potentially led to customers across the country and applied a fix before the issue became widespread.
  • Identified compatibility issues between versions of code that could have led to issues across one state.
  • Created web pages that assisted the support team in identifying minor bugs.
  • Created web pages that eased the workload on the support team, allowing them to automate job duties.
  • Create and implement new workflow processes to streamline support procedures and improve the customer experience.
  • Created client facing Support page to allow for easy submission of trouble tickets as well as allow clients to request and start a remote support session.
  • Helped to identify security issues during penetration tests of company applications and servers.
JSP · Penetration Testing · HIPAA Compliance · Security

Wipro

Project Engineer

Jan 2010 - Jan 2010 · 0 mo

Education

University of Maryland

Master’s Degree — Computer and Information Systems Security/Information Assurance

Jan 2015 - Jan 2017

Southern Polytechnic State University

Masters Certificate — Computer and Information Systems Security/Information Assurance

Jan 2013 - Jan 2014

Southern Polytechnic State University

Bachelor of Science (B.S.) — Information Technology

Jan 2007 - Jan 2010

University of Tampa

Jan 2005 - Jan 2006
