Resume

Professional Summary

Table of Contents

Cybersecurity analyst with experience in incident response, vulnerability research, and security operations within a defense contractor environment. Passionate about offensive security and actively training toward a career in ethical hacking. Proven ability to operate within structured enterprise security programs, contribute to threat triage and tool procurement, and deliver research presentations to senior government stakeholders.

Experience

Information Assurance Analyst — Leonardo DRS

February 2025 – Present

Member of the Cyber Emergency Response Team (CERT) responsible for protecting enterprise systems across a defense contractor environment.

  • Perform incident response and triage on emerging threats according to the PICERL response process, including documentation in a case management platform, as a member of the Cyber Emergency Response Team (CERT)
  • Perform vulnerability research and security testing on potential threats in our Active Directory environment, working with the IT team to mitigate discovered vulnerabilities
  • Utilize industry-standard security monitoring tools such as Splunk, SentinelOne, Proofpoint, and the Microsoft Defender suite
  • Assist with the evaluation, selection, and procurement of new security tools
  • Develop automation initiatives for the CERT including automated vulnerability alerting to our case management platform and facilitating communication between two different case management platforms to consolidate triage and metrics

Cybersecurity Analyst Intern — Leonardo DRS

June 2024 – February 2025

  • Performed incident response on emerging threats as a member of the CERT, following established playbooks, runbooks, and incident response procedures
  • Conducted incident analysis using security monitoring platforms including Proofpoint, Splunk, and the Microsoft Defender suite
  • Identified vulnerabilities within the organization and collaborated with IT on remediation efforts
  • Gained hands-on experience with corporate security structure, acceptable use policies, and documentation standards

Certifications & Training

  • Certifications
  • Courses
CertificationOrganizationEarned
Cybersecurity Analyst+ (CySA+)CompTIADec 2025
Security+CompTIAJul 2024
Practical Ethical Hacking (PEH)TCM SecurityJan 2023

In Progress:

  • HTB Certified Penetration Testing Specialist (CPTS) — HackTheBox
CourseOrganization
Blue Team FoundationsBlack Hills Information Security
Cisco CCNA 200-301 - The Complete Guide to Getting CertifiedUdemy
Python 101 for HackersTCM Security

In Progress:

  • Penetration Tester Learning Path — HackTheBox

Education

Bachelor of Science in Information Technology — Miami University College of Liberal Arts and Applied Science — 2024

  • Concentration: Networking and Security
  • Thematic Sequence: Organizational Leadership

Projects

Security Research & Initiatives

  • Independently researched and identified gaps in coverage for Active Directory attack vectors including LLMNR/NBTNS poisoning and IPv6 DNS takeover via DHCPv6 spoofing
  • Collaborated with IT to implement Group Policy changes and configuration hardening to mitigate discovered vulnerabilities
  • Stood up new automation initiatives including alerting on new vulnerabilities for monitored software in our case management platform and facilitating communication between various platforms to centralize case management
  • Stood up new process for monitoring, assessing, and taking down spoofing domains
  • Crawled company website to identify employee email addresses to identify attack surface following a phishing incident
  • Performed security testing with offensive tools to assess alerting and assist with detection engineering

Home Lab

Self-hosted infrastructure running on a Raspberry Pi and VPS, built and maintained entirely independently.

  • Deployed and managed a multitude of services on a Raspberry Pi home server including this website, a documentation site linked to my obsidian notes, an Authelia IAM server, Pi-hole DNS sinkhole, a Jellyfin media server, the n8n automation platform, AI infrastructure with a Web UI, and a Headscale (Tailscale) VPN coordination server
  • Implemented network segmentation and monitoring with separate LANs and vLANs for the home server network, work network, and general home network using a firewall appliance
  • Built an automated vulnerability alerting pipeline using n8n that monitors for CVEs affecting home lab services and delivering alerts via email and Signal
  • Performed periodic security assessments and penetration tests on home infrastructure to improve security practices

Capture the Flag Competitions

  • SANS NetWars — Placed 15th out of 90 competitors (top 17%)
  • HackTheBox Cyber Apocalypse 2025 — Placed 705th out of 8,130 teams (top 9%)

Penetration Tester Learning Path (In Progress) — HackTheBox

  • Completing the comprehensive Penetration Tester path on HackTheBox
  • Covers Active Directory attacks, web application testing, network pivoting, post-exploitation, and professional reporting
  • Directly prepares for the HTB Certified Penetration Testing Specialist (CPTS) certification

HackTheBox Labs

  • Ranked Professional on the HackTheBox platform
  • Aim for continuous improvement in offensive security by attacking HTB boxes
  • Actively participate in HTB seasons

Miami University

Study Abroad: Computers and the Homeless

Manchester, England

  • Month-long study abroad focused on providing technology access to the homeless population
  • Collaborated with Lifeshare, a nonprofit organization delivering internet literacy programs
  • Wrote a Python script to perform web accessibility checking and suggest fixes, integrated with the ChatGPT API
  • Established and delivered a pitch presentation for a collaboration platform to the Lifeshare client

Diplomacy Lab — Miami University × U.S. Department of State

  • Research project and virtual presentation delivered to the U.S. Department of State
  • Presented to over a dozen members across IT and security divisions on the use of Artificial Intelligence in voice phishing (vishing) attacks
  • Covered practical threat vectors, real-world attack scenarios, and defensive recommendations

Technical Skills

Security Operations Incident Response (PICERL), Vulnerability Research, Vulnerability Management, Threat Triage, OSINT, Phishing Analysis, Active Directory Security, Shadow IT Detection, Penetration Testing

Security Monitoring Splunk, SentinelOne, Proofpoint, Microsoft Defender Suite, ZScaler, Phishlabs

Enumeration & Reconnaissance Nmap, Gobuster, ffuf, Feroxbuster, Nikto, enum4linux-ng, smbclient, smbmap, ldapsearch, Wireshark, theHarvester, CeWL, Shodan, Amass, dnsrecon, WhatWeb

Exploitation Burp Suite, Metasploit, MSFVenom, Responder, Mitm6, ntlmrelayx, Impacket Suite (secretsdump, psexec, wmiexec, smbexec), NetExec, Hydra, Evil-WinRM, SQLMap, Netcat, Socat

Post-Exploitation Mimikatz, Rubeus, Kerbrute, Hashcat, John the Ripper, linPEAS, winPEAS, Chisel, Ligolo-ng, Proxychains, BloodHound

Attack Techniques LLMNR/NBTNS Poisoning, SMB Relay, IPv6 DNS Takeover, Kerberoasting, AS-REP Roasting, Pass the Hash, Pass the Ticket, Password Spraying, Credential Dumping, Web Shells, OWASP Top 10

Scripting & Automation Python, Bash, PowerShell, n8n

Infrastructure Linux (Kali, Ubuntu, Arch), Windows Server, Active Directory, DNS, Nginx, Apache, Docker, Git, WireGuard/VPN, Tailscale/Headscale, Always-on agents (Hermes Agent)

References available upon request