Professional Summary
Cybersecurity analyst with hands-on experience in incident response, vulnerability research, and security operations within a defense contractor environment. Passionate about offensive security and actively training toward a career in penetration testing. Proven ability to operate within structured enterprise security programs, contribute to threat triage and tool procurement, and deliver research presentations to senior government stakeholders.
Experience
Information Assurance Analyst
Leonardo DRS — February 2025 – Present
Member of the Cyber Emergency Readiness Team (CERT) responsible for protecting enterprise systems across a defense contractor environment.
- Perform incident response and triage on emerging threats following the PICERL process, with full documentation at each phase
- Conduct vulnerability research across the Active Directory environment and coordinate with IT to remediate discovered vulnerabilities — including disabling LLMNR across the organization
- Investigated potential copycat phishing domains via OSINT using Phishlabs; triaged and reported suspicious contact and phishing email campaigns
- Reviewed ZScaler traffic reports to identify shadow IT, iCloud data exfiltration, and unauthorized file sharing; presented findings to the CISO
- Utilize industry-standard monitoring tools including Splunk, SentinelOne, Proofpoint, and the Microsoft Defender suite
- Assist with the evaluation, selection, and procurement of new cybersecurity tools
Cybersecurity Analyst Intern
Leonardo DRS — June 2024 – February 2025
- Performed incident response on emerging threats as a member of the CERT, following established playbooks, runbooks, and incident response procedures
- Conducted incident analysis using SIEM platforms including Carbon Black, Proofpoint, Splunk, and the Microsoft Defender suite
- Identified vulnerabilities within the organization and collaborated with IT on remediation efforts
- Gained hands-on experience with corporate security structure, acceptable use policies, and documentation standards
Education
Bachelor of Science in Information Technology
Miami University — College of Liberal Arts and Applied Science
- Concentration: Networking and Security
- Thematic Sequence: Organizational Leadership
- GPA: 3.32 / 4.0
Certifications & Training
| Certification | Organization | Earned | Expires |
|---|---|---|---|
| CompTIA CySA+ | CompTIA | Dec 2025 | Dec 2028 |
| CompTIA Security+ | CompTIA | Jul 2024 | Jul 2027 |
| Practical Ethical Hacking | TCM Security | — | — |
| Blue Team Foundations | Black Hills Information Security | — | — |
| Attack Emulation Tools (Atomic Red Team, CALDERA) | Black Hills Information Security | — | — |
In Progress:
- HTB Certified Penetration Testing Specialist (CPTS) — via HackTheBox Penetration Tester Learning Path
Technical Skills
Security Operations Incident Response (PICERL), Vulnerability Research, Threat Triage, OSINT, Phishing Analysis, Active Directory Security, Shadow IT Detection
Security Monitoring Splunk, SentinelOne, Proofpoint, Microsoft Defender Suite, Carbon Black, ZScaler, Phishlabs
Penetration Testing Burp Suite, Metasploit, Nmap, Responder, Mitm6, ntlmrelayx, Mimikatz
Attack Techniques LLMNR Poisoning, SMB Relay, IPv6 DNS Takeover, Kerberoasting, OWASP Top 10, Service Exploitation
Scripting & Automation Python, Bash
Infrastructure Linux (Kali, Ubuntu), Windows Server, Active Directory, DNS, WireGuard/VPN, Self-hosted services
Projects
Study Abroad: Computers and the Homeless
Miami University — Manchester, England
- Month-long study abroad focused on providing technology access to the homeless population
- Collaborated with Lifeshare, a nonprofit organization delivering internet literacy programs
- Wrote a Python script to perform web accessibility checking and suggest fixes, integrated with the ChatGPT API
- Established and delivered a pitch presentation for a collaboration platform to the Lifeshare client
Diplomacy Lab
Miami University × U.S. Department of State
- Research project and virtual presentation delivered to the U.S. Department of State
- Presented to over a dozen members across IT and security divisions on the use of Artificial Intelligence in voice phishing (vishing) attacks
- Covered practical threat vectors, real-world attack scenarios, and defensive recommendations
Capture the Flag Competitions
- SANS NetWars — Placed 15th out of 90 competitors
- HackTheBox Cyber Apocalypse 2025 — Placed 705th out of 8,130 teams
- Active on HackTheBox, completing penetration tests across machines with diverse OS and service configurations
Penetration Tester Learning Path (In Progress)
HackTheBox
- Completing the comprehensive Penetration Tester path on HackTheBox
- Covers Active Directory attacks, web application testing, network pivoting, post-exploitation, and professional reporting
- Directly prepares for the HTB Certified Penetration Testing Specialist (CPTS) certification
Home Lab
Self-hosted infrastructure running on a Raspberry Pi and VPS, built and maintained entirely independently.
- Deployed and manage a Jellyfin media server, Pi-hole DNS sinkhole, n8n automation platform, and Headscale VPN coordination server
- Configured Tailscale exit node routing through Mullvad VPN via WireGuard for privacy-preserving remote access
- Built an automated vulnerability alerting pipeline using n8n that monitors for CVEs affecting lab services and delivers alerts via Signal
- Runs this website (cadenrasey.com) and a public knowledge base (notes.cadenrasey.com) from personal infrastructure
Links
- LinkedIn: linkedin.com/in/caden-rasey
- GitHub: github.com/whamram
- HackTheBox: app.hackthebox.com/profile/overview
References available upon request