diff --git a/subfiles/experience/vermeer/appsec.tex b/subfiles/experience/vermeer/appsec.tex index 206cc2d..6ee6a78 100644 --- a/subfiles/experience/vermeer/appsec.tex +++ b/subfiles/experience/vermeer/appsec.tex @@ -2,14 +2,13 @@ \begin{document} \begin{itemize} \item Built and scaled Vermeer's DevSecOps program - \item Drove adoption of SAST, SCA, Secret Scanning, and other tools - \item Implemented security gates to enforce security-by-design - \item Configured automated fixes to improve security and reduce overhead - \item Audited and configured git repos using GitHub's API - \item Remediated hundreds of leaked secrets and vulnerabilities + \item Deployed SAST, SCA, Secret Scanning, and other tools + \item Enforced Security-by-Design through security gates and SLAs + \item Reduced developer toil by configuring automated security fixes + \item Automated git repo compliance using GitHub's API \item Pentested APIs, web applications, mobile apps, and embedded systems - \item Performed threat modeling for new products and features - \item Worked with Architects and Engineering Managers to standardize processes - \item Consulted for IT on architecture committee + \item Created threat models for numerous products + \item Standardized processes with Engineering Managers + \item Architecture committee member for IT development \end{itemize} \end{document} \ No newline at end of file diff --git a/subfiles/experience/vermeer/corpsec.tex b/subfiles/experience/vermeer/corpsec.tex index 4714a96..b225ec6 100644 --- a/subfiles/experience/vermeer/corpsec.tex +++ b/subfiles/experience/vermeer/corpsec.tex @@ -1,15 +1,14 @@ \documentclass[../../../main.tex]{subfiles} \begin{document} \begin{itemize} + \item Ransomware threat actors contained and eradicated post-foothold + \item Developed custom honeypots, incident response tools, and data analysis tools + \item Detection lab created and maintained for purple teaming + \item Used Detection-as-Code principles to write detections at scale \item Led investigations in high-pressure security events \item Mentored junior members of the SOC - \item Contained and eradicated multiple ransomware threat actors post-foothold - \item Wrote detections at scale using a detection-as-code approach - \item Built and maintained a detection lab environment \item Pentested APIs, web applications, embedded systems, and mobile apps - \item Worked with cross-functional teams to reduce workstation attack surface - \item Developed custom honeypots, incident response tools, and data analysis tools - \item Created CI/CD pipelines for custom tooling and detections-as-code - \item Administered security infrastructure on Linux and Windows systems + \item Administered security infrastructure such as BloodHound and Hashtopolis + \item Reduced workstation attack surface by working with cross-functional teams \end{itemize} \end{document} \ No newline at end of file