Experience
Red Team Lead
F500 Manufacturing Company [CONFIDENTIAL]
March 2024 - Present
- Leads offensive security efforts to identify weaknesses in monitoring and alerting systems
- Implements ongoing, repetitive regression testing of security controls
- Assisted with implementing canary tokens and other intrusion detection capabilities
- Works with Active Directory and Entra teams to identify and mitigate account takeover techniques including ADCS, token theft, credential relaying, amongst others
- Supports zero trust initiative testing and validation
- Provides EDR configuration and implementation guidance
Director of Cyber Security
Skolem
December 2021 - March 2024
- Led comprehensive cybersecurity program for a DeFi trading and accounting platform
- Implemented robust security measures including EDR, application allowlisting, and log monitoring
- Developed and conducted security awareness training programs
- Managed Digital Forensics and Incident Response (DFIR) initiatives
- Implemented zero-touch deployment for endpoints
Red Team Founding Member and Technical Lead
Principal Financial Group
January 2019 - June 2022
- Led the development of Principal Financial's internal Red Team
- Established team documentation, reporting, and operational procedures
- Designed and managed Command and Control (C2) and payload delivery infrastructure
- Coordinated tabletop exercises and purple team events
Red Team Founding Member
Northern Trust Corporation
July 2015 - December 2018
- Established threat intelligence-driven attack methodologies to evaluate cybersecurity defenses
- Designed and managed Red Team infrastructure, including C2 servers and endpoint images
- Led post-exploitation and exfiltration operations for realistic threat simulation
- Created malleable C2 profiles for enhanced threat replication and defense evasion
- Built and supervised specialized password cracking infrastructure
Sr. Penetration Tester and Manager
Plante Moran, PLLC
October 2010 - July 2015
- Achieved complete Active Directory compromise at over 100 financial institutions
- Revamped penetration testing methodology, tooling, and reporting procedures
- Implemented specialized attack paths targeting AD, physical security, and social engineering
- Developed custom internal security assessment tools for the consulting team
- Led knowledge sharing program to improve team-wide offensive security capabilities
President
SMB IT Solutions
February 2010 - November 2010
- Founded and led IT consultancy specializing in open source business solutions
- Implemented server platforms and remote support systems for SMB clients
Systems Administrator
Plante Moran, PLLC
2006 - February 2010
- Managed systems administration, LDAP, and enterprise virtualization initiatives
- Designed disaster recovery systems that led to the creation of Linbit's DRBD-Proxy product
- Developed encrypted portable file server with cellular routing and snapshot capabilities
Community Involvement
Passionate contributor to the information security community. Frequent volunteer for Midwest information security conferences, with the goal of helping to teach, share, and support fellow infosec practitioners.
Volunteered across notable security conferences and projects demonstrating a long-standing commitment to the industry:
- Cobalt Strike Beta Tester (Feb. 2012+)
- BSides Chicago (2012-2016)
- BurbSec Core Staff (2013-2024)
- Hak4Kidz (2015-2019)
- CircleCityCon NOC (2014-2019)
- CircleCityCon CTF (2018-EOL)
- Blue Team Con CTF (2022+)
- BSides312 (2024+)
Presented at academic forums, hacker conferences, and financial industry leadership conferences on topics including Red Team business integration, communication effectiveness and strategies for offensive security teams, and technical benchmarks, metrics, and reporting for Red Teams.