Download PDF

Work History

2015-11Current

Senior Application Security Consultant

Rapid7 - El Segundo, CA

Principal contributor to driving the managed security services at Rapid7 from a six figure revenue group to a seven figure revenue group within a single year.

Application security lead for managed services Rapid7 working to lead the group on tactics to assist enterprise and small business owners to deliver application security focused assessments

Created application security pipeline using Jira to track progress of customers throughout process

Created and maintained business logic testing framework to assess vulnerabilities/findings which are particularly difficult to identify

Grew team from two members supporting ~200 applications to four members delivering application security services for over 300 applications

Contributed to internal initiatives to expand services including phishing as a service and out-of-band vulnerability detection through a serverless architecture

2015-032015-11

Application Security Analyst

NBCUniversal, Inc - Studio City, CA

Worked as the primary application security analyst for NBCUniversals product portfolio of 100+ web applications and 200+ branded NBCUniversal mobile applications

Primary contributions to the NBCUniversal program included:

Establishing and delivering onboarding process for internal and external development groups. Required coordination across global partners and offices

Weekly high level automated reporting delivered to parent company Comcast along with trending and areas for improvement

Established baseline application vulnerability inventory across all web/mobile assets to initiate internal application security controls and best practices

Performed application security penetration testing on custom and new internal NBCUniversal applications

Worked with multiple internal groups to establish true secure development lifecycle with security checks at multiple points in process

Delivered through use of Veracode Dynamic and Static analysis tools/platform in addition to manual testing (BurpSuite/Arachni)

2014-112015-03

Application Security Analyst

Shift4 Corporation - Las Vegas, NV

Security analyst for a leading independent PCI security company.

Worked with developers to refine security checkpoints in the SDLC that are based on the industry credit card standards and best practices for security

Implemented static and dynamic analysis toolsets for developers including training and program guidance

2014-062014-11

Static Code Vulnerability Analyst

WhiteHat Security - Houston, TX

Whitehat Security focuses on scanning and identifying vulnerabilities of enterprise level web applications.

Primary job role included activities in the following areas:

- Build out static application sandbox testing area orchestrated with docker

- Contribute to the IAST portfolio of Whitehat Security from the static analysis informational sources to develop informed decisions on dynamic scan results and targeting

- Grew team from two people to four in less than six months with a 125% increase in customer base per person through efficiency improvements in workflows and knowledge databases

2014-052014-06

Software Developer

TX/RX Labs - Houston, TX

Internship developer working on front-end interfacefor 3d print tool-chain. Established design specifications for user interface. Prototyped application interface with Xamarin and Kivy frameworks.

2014-022014-04

Junior Developer

Coder Camps - Pearland, TX

 9 Week Intensive Bootcamp learning and implementing ASP.Net Technologies. Completed multiple projects using:

C#, HTML5, CSS, JQuery, and JavaScript Page3 AJAX, JSON, SQL, IIS, AngularJs ASP.NET MVC, Razor, Entity Framework, LinQ, Visual Studio, Team Foundation Server Object Oriented Design concepts, CRUD operations

2006-012014-01

Plant Operator

Elementis Specialties - Newberry Springs, CA

Worked variety of positions in a mining processing facility. This varied from Heavy Equipment Operator to Programmable Logic Technician.

Education & Certifications

20102015

Bachelors of Science Computer Information Science

Park University

Major: Software Engineering

20152015

OSCP

OS-101-05016
20152015

AWAE

BlackHat-2015

Advanced Web Attacks and Exploitation

20102010

PLC Technician Certificate

George Brown College