Add to collection(s) Add to saved
  1. No category
Uploaded by Johnny Dang

resume-template

advertisement 
Firstname Lastname
(111) 111-1111 | youremail@domain.com
@shellsharks on Twitter | Research @ https://shellsharks.com
Linkedin: https://www.linkedin.com/in/mikesass/
Highly trained cybersecurity professional with extensive technical experience (10+ years), specializing in
application security, automation/DevSecOps, penetration testing, offensive security engineering, cloud
security, vulnerability management and applied mathematics. Background includes multiple industries everything from federal to financial to non-profit and for organizations that range from startup to Fortune
150 Big Tech.
Career highlights include:
• Highly experienced Application Security Engineer and trusted partner of software development teams
everywhere. Full-scope application security program development and career practitioner in the art of
AppSec web security assessments, penetration testing, code review and threat modeling.
• Leverages scripting (mostly Python) to solve security scaling challenges, advance security maturity and
achieve principles of DevSecOps.
• Built and led multiple organization-wide Vulnerability Management (VM) programs - everything from
architecture to engineering to analysis & automation.
EDUCATION:
MS Cybersecurity, Johns Hopkins University (2020)
BS Information Security, University of Mary Washington (2012)
CERTIFICATIONS & TRAINING:
OSCP | GXPN | CISSP | GREM | GRID | AWS Security | GAWN | eCPPT | CEH | GCPN | GWAPT |
GSEC | GCIH | GMOB | GPYC | GPEN | GEVA | GSOC | AWS Architect | Sec+
WORK EXPERIENCE:
Jan 2020 - Present
·
·
·
Company
City, State
Security Engineer
Performs security assessments and penetration testing against third-party/vendor applications.
Conducts threat modeling using a variety of methodologies - STRIDE, PASTA, OCTAVE, etc…
Performs risk reviews/assessments for third-party/vendor systems
Nov 2018 - Jan 2021
·
·
·
Company 2
City, State
Security Engineer
Leads Red Team engagements, leveraging a variety of tools such as Cobalt Strike and Powershell
Empire, to perform adversary emulation, test effectiveness of organizational security controls and
evaluate incident response protocols
Develops/engineers cloud-resident infrastructure leveraging CloudFormation and AWS suite
Performs network, web-application and cloud-based (AWS) penetration testing, leveraging tools
such as Metasploit, Core Impact and other assorted utilities typically found within Kali Linux
SKILLS SUMMARY:
• Application Security : DAST, SAST, SCA, Burp Suite Pro, AppScan, Veracode, Checkmarx, Fortify
• Threat Modeling : Microsoft Threat Modeling Tool, STRIDE, PASTA, DREAD
• Scripting, Automation & DevSecOps : Python, Java
• Penetration Testing : Kali, Metasploit, OSINT
• Red Teaming : Cobalt Strike, Empire
• Cloud Security + Architecture : AWS, CloudFormation
• Vulnerability Management : Tenable, Nessus, Qualys, Twistlock, Prisma Cloud
• Reverse Engineering : IDA Pro, Volatility
Related documents
Partik Resume (1)
Partik Resume (1)
Speech Contest Summary of Speech - Irah
Speech Contest Summary of Speech - Irah
Executive Level Security Caliber Security Partners is a different kind
Executive Level Security Caliber Security Partners is a different kind
test
test
Cybersecurity announcement
Cybersecurity announcement
AWS Training & Certification - Certificate of Completion
AWS Training & Certification - Certificate of Completion
u6uj6u)
u6uj6u)
aws-certified-devops-training-1
aws-certified-devops-training-1
19-Best-Practices-Amazon-Cloud
19-Best-Practices-Amazon-Cloud
Kali Linux Advanced Methods and Strategies to Learn Kali Linux
Kali Linux Advanced Methods and Strategies to Learn Kali Linux
Web Penetration Testing with Kali Linux
Web Penetration Testing with Kali Linux
kalilinux2018 assuringsecuritybypenetrationtesting
kalilinux2018 assuringsecuritybypenetrationtesting
Download
advertisement