About

Like I said before, I'm just a guy from Iowa who: is politically jaded; a big geek; likes Viking shit (but lets be absolutely clear here -- all Nazis can go fuck themselves); works in InfoSec; is a hobbyist malware RE; loves bourbon, grilling & smoking, and drinking bourbon while grilling & smoking.

Professional life

I attended college at both the University of Northern Iowa and the University of Iowa, graduating from the latter with a degree in Political Science. During college I worked on the 2006 Iowa Democratic Party Coordinated Campaign and spent the 2008 Iowa Caucuses with John Edwards for President.

After graduating I spent a year with AmeriCorpsVISTA in South Central Los Angeles. Specifically I did work with the volunteer program at a low income housing community operated by the County of Los Angeles.

When my year of being a VISTA was up I moved back to Iowa and worked for a prominent LGBT political non-profit.

When the non-profit downsized and eliminated my position I found myself working in the transportation and logistics industry. This really sucked.

In fact, it sucked so much I went back to school and earned a Bachelor of Science in Computer Science from Drake University. While back in school I happened upon an elective course on US federal cybersecurity policy and determined cybersecurity is that field I really wanted to work in.

After I graduated from Drake in 2016 I did professional web development for a few years while trying to break into cybersecurity.

I currently work in cybersecurity with a mostly Blue Team focus, but I love all things in the field. Except for vendor risk management. I have no interest in doing vendor risk management.

Personal life

I currently serves as Treasurer and Board Member of a small, volunteer run non-profit called the Des Moines Science Fiction & Fantasy Society, and have done a lot of volunteer work for the group since around 2015.

Since 2020 I've also been on the board of SecDSM, a Des Moines based citysec group, serving as Secretary.

I share a home with my partner and our two dogs. We like working on projects around the house, going to Science Fiction conventions, watching anime, playing board games, and having friends over for BBQ.

Education and Stuff

  • Political Science, B.A.

    University of Iowa, 2008

  • Computer Science, B.S.

    Drake University, 2016
  • Splunk Cloud Certified Admin
    Splunk, 2021
  • AWS Certified Security - Specialty
    Amazon Web Services, 2020
  • GIAC Reverse Engineering Malware (GREM)
    SANS Institute, 2019
  • Splunk Enterprise Certified Admin
    Splunk, 2019
  • AWS Certified Cloud Practitioner
    Amazon Web Services, 2019
  • Splunk Core Certified Power User
    Splunk, 2018
  • Splunk Core Certified User
    Splunk, 2018
  • Cyber Risk Management (CYB)
    The Institutes, 2018
  • Associate in General Insurance (AINS)
    The Institutes, 2018

Just a few of the topic areas I really like working with:

  • Security Orchestration, Automation and Response (SOAR)
    Writing playbooks, integrations, and playbook actions. Have experience with Siemplify and Splunk Phantom; various levels of exposure to IBM Resilient, Swimlane, D3, and Palo Alto XSOAR.
  • Security Incident and Event Management (SIEM)
    Splunk! And if I'm being honest really only Splunk. I won't count any of the other SIEM and logging solutions I've played around with. I'm pretty good at alert and detection engineering, reporting, hunting, and stuff like that. Pretty rusty when it comes to data onboarding. I'm ok at creating dashboards, because while we are being honest... how many of those dashboards get looked at after you create and share them out?
  • Incident Resposne
    Investigation, triage, containment, and remediation. Authoring IR plans and procedures. Leading tabletops. Stuff like that.
  • Endpoint Detection and Response (EDR)
    You know! That fun enterprise grade solution to malware that is installed on your workstation! I have a lot of experience configuring that, including allow lists, block lists, and configuring exclusions. Won't list the specific vendors I have experience with.
  • DNS filtering and Web Proxy
    Block lists, allow lists, bypasses, and all the other good stuff that goes into protecting a company from phishing, malware, and other threats. I also won't list these vendors.
  • Web Application Firewall (WAF)
    One of those boogyman topics that lots of people are afraid to try and implement because of all the things that can go wrong. :-) My experience is mostly centered around AWS WAF and running local WAFs on servers.
  • AWS and Azure/M365
    Speaking of AWS, I'd probably be in a lot of trouble if my partner knew how much money I spend playing around in my personal AWS. But I do also have experience working in Azure and M365, even if I've not pursued any Microsoft certifications yet.
  • Malware Analysis!
    My capstone project at Drake was teaching myself malware analysis. I focus mostly on Windows x86 malware. This isn't really a day job activity so much as a hobby. But sometimes I think it would be really fun to be a professional RE.