~/ 
whoami

>

[ 01. PROFESSIONAL_SUMMARY ]

Cybersecurity professional with a decade of experience bridging the gap between system administration and offensive security. Expert in scaling security operations, having successfully implemented vulnerability management programs for two major organizations and automated 250+ critical infrastructure tasks. Specialized in AWS cloud auditing and deep-dive technical assessments, backed by several industry credentials including CISSP, CCSP, and GXPN.

[ 02. EXPERIENCE_LOG ]

Senior Application Security Analyst
Credit Acceptance // March 2023 — Present

Executing deep-dive security assessments for custom/commercial applications. Engineered organizational Kubernetes security standards and developed mission-critical KPIs to drive the maturation of the application security lifecycle. Lead threat modeling and architecture reviews for complex system integrations.

Cloud Security Engineer
Credit Acceptance // August 2021 — March 2023

Architected security controls for 3,000+ multi-cloud resources (AWS, Azure, OCI). Implemented Prowler for automated CIS compliance across 20+ AWS accounts. Developed 25+ IR playbooks and acted as Lead Incident Responder for all cloud-based security events.

Application Security Analyst
Credit Acceptance // November 2020 — August 2021

Conducted 25+ security assessments and integrated SAST (SonarQube) into CI/CD pipelines for 15+ dev teams. Developed a standardized assessment framework that reduced audit turnaround time by 20%.

Systems Administrator
Michigan Schools & Gov Credit Union // April 2015 — November 2020

Maintained 99.999% availability for core banking systems. Orchestrated the deployment of Rapid7 InsightVM/IDR across 1,500 endpoints. Optimized organizational efficiency by automating 250+ manual processes. Directed disaster recovery (DR) architecture for core financial infrastructure.

Systems Operations Specialist
Michigan Schools & Gov Credit Union // May 2014 — April 2015

Operationalized efficiency by redesigning 50+ manual workflows. Served as technical lead for Symitar core banking support and infrastructure hardware lifecycle projects.

Technical Support Specialist
Extra Credit Union // September 2013 — May 2014

Managed GFI Cloud deployment for 500+ endpoints. Orchestrated enterprise-wide migration of 200+ systems from Windows XP to Windows 7.

[ 03. ACADEMIC_HISTORY ]

M.S. Information Security Engineering
SANS Technology Institute // November 2022
M.S. Information Technology Management
Western Governors University // July 2019
B.S. Cybersecurity and Information Assurance
Western Governors University // June 2018

[ 04. VULNERABILITY_DISCLOSURES ]

[CVE-2021-38602] PluXML v5.8.7 — Stored Cross-Site Scripting (XSS)
[CVE-2021-38603] PluXML v5.8.7 — Stored Cross-Site Scripting (XSS)

[ 05. SKILLS_MATRIX ]

Application Security: SAST/DAST Integration, SonarQube, Security Assessment Frameworks, Kubernetes Hardening, CI/CD Pipeline Security, Burp Suite Professional, Zaproxy
Cloud Security & Audit: AWS (Multi-account), Azure, Oracle Cloud (OCI), Prowler, CIS Benchmark Auditing, Cloud Security Posture Management (CSPM)
Security Architecture & Ops: Threat Modelling, Security Architecture Review, Incident Response Playbooks, Vulnerability Management (InsightVM/Qualys), KPI Development
Offensive Security & Research: Exploit Research (CVE Discovery), Metasploit, Nmap, SQLMap, Impacket, John/Hashcat, Directory Brute-forcing (Gobuster/Dirsearch)
Automation & Engineering: Python, PowerShell, Bash Scripting, System Hardening (Windows/Linux), Active Directory, Docker, Kubernetes

[ 06. VALIDATED_CREDENTIALS ]

EXTERNAL SECURE RECORDS IDENTIFIED...

[ VIEW_FULL CERTIFICATION_MANIFEST ]

[ 07. PUBLICATIONS ]

> Is Your Cloud Environment Secure? How Do You Know? — SANS Institute (2022)

[ 08. KEY_ACHIEVEMENTS ]

> GIAC Advisory Board Member — 2020
> National Cyber League (NCL) Fall 2021: Ranked 66/6,480 (Individual) and 18/3,910 (Team)
> National Cyber League (NCL) Spring 2021: Ranked 81/4,180 (Individual) and 7/922 (Team)
<< RETURN_TO_ROOT