Cybersecurity & Automation Engineer

Specializing in SecOps and Endpoint Detection & Response (EDR). Proven expertise architecting and managing SentinelOne and CrowdStrike Falcon environments at massive scale.

Technical Skills

Endpoint Security
Automation (PowerShell/Python)
Cloud & Identity (Azure)
Infrastructure & Linux
Networking & Firewalls
Security Tooling

Detailed Competencies

  • Endpoint Security: SentinelOne (Multi-tenant), CrowdStrike Falcon
  • Automation: PowerShell (Advanced), Python, Bash, REST APIs
  • Cloud & Identity: Entra ID, Azure App Registrations, MS Graph
  • Infrastructure: Windows Server, Linux (RHEL/Debian), VMware
  • Networking: Syslog, VPNs, ACLs, VLANs, Firewalls
  • Tooling: Horizon3.ai, ThreatLocker, Splunk (Cribl)

Experience

Cybersecurity Engineer

Visual Edge IT

2025

Managed security operations for a massive fleet of ~17,000 endpoints, serving as the primary subject matter expert for EDR engineering and automation.

  • Administered multi-tenant SentinelOne EDR deployment (~17,000 endpoints, 700+ tenants), fine-tuning policies and reducing false positives.
  • Engineered custom PowerShell automation (SentinelOne AIO Toolkit) to standardize agent lifecycle management.
  • Partnered with SOC analysts to perform targeted tuning in SentinelOne and CrowdStrike, improving signal-to-noise.
  • Designed configurable network quarantine policies in SentinelOne using JSON syntax to maintain essential services.

Linux Systems Administrator

HardenedVPN LLC

2019 — 2024
  • Architected L3/L4 DDoS mitigation strategies leveraging Cloudflare Magic Transit.
  • Managed secure, distributed VPN infrastructure across 6 global locations.
  • Engineered host-level traffic control using iptables/nftables for granular rate-limiting.

Sr. Technical Support Advisor III

Apple Inc.

2014 — 2017
  • Provided Tier 3 support for macOS and iOS security-related issues.
  • Mentored junior advisors on escalated cases and technical consistency.

Projects

SentinelOne AIO Toolkit

Creator & Maintainer

Designed and shipped a one-touch S1 lifecycle tool that standardizes purge/install/rollback across heterogeneous Windows fleets. Used in production to recover endpoints broken by unstable agent builds.

PowerShell, Automation, SentinelOne API

Home Lab Platform

Designer & Operator

Production-style home lab with MikroTik routing (10GbE), UniFi wireless, and RHEL/Windows infrastructure. Hosts 100+ TB storage and containerized security tooling for prototyping.

Rocky Linux, Windows Server, MikroTik, Docker, Splunk

NextgeNmap

Project Lead

Cross-platform GUI for Nmap using Python and Qt. Adds reusable scanning profiles and report automation, transforming XML output into human-readable HTML reports.

Python, Qt, Nmap, Security Tools

Certifications

CompTIA

Security Analytics Professional (CSAP)

Cybersecurity Analyst+ (CySA+)

Security+ (Sec+)

Microsoft

Azure Administrator Associate (AZ-104)

Security, Compliance, and Identity (SC-900)

AZ-900, DP-900

Education

Cybersecurity Bootcamp (Professional Education)

2023

Colorado State University / Fullstack Academy

Completed 36 CEUs (360 hours) of hands-on labs in network, host, and application security.

Ranked 1st in cohort Capture-the-Flag (CTF) competitions.