
LEON TRAPPETT

161 Sam Gates Rd.
Ogden UT 84404
8016957575

Email:
ltrappett@gmail.com

Twitter:
@lokutakathepcn3rd
Site:
thepcn3rd.blogspot.com
LinkedIn:
linkedin.com/in/infosecpassion

Experience

Silent Break Security, Pleasant Grove, UT
Senior Security Consultant
4/2016 to Current

Hired to Manage an Adaptive Endpoint Monitoring Service for Potential Clients

Created an Architecture to Manage the Adaptive Endpoint Monitoring Service through PHP, MySQL, Python, JSON, Grok Patterns, CentOS, Windows 7/10, ElasticSearch, Logstash, Graylog, Filebeat, Cb API, and Graylog API

Utilized Carbon Black (Cb) Responder Administrator Training, Cb Responder Advanced Administrator Training, and Responder Advanced Analyst Skills Training as they applied to Endpoint Monitoring and the Architecture Created

Implemented methods to utilize the Cb API to gather information and send it through Filebeat to a Graylog Server via TLS

Went through and learned from the course and material of Dark Side Ops: Custom Penetration Testing course taught exclusively by Silent Break Security

Galileo Processing, Salt Lake, UT
Senior Security Engineer
10/2015 to 4/2016

Automated a very manual process to conduct quarterly vulnerability scanning. I utilized Python to capture packets, conduct nmap scans, create through the Nessus API scans for the subnet, and verify access control lists were set up properly through testing of the current subnet going to other internal subnets.

Conducted the annual PCI Internal Penetration Test which led to improving the security posture in Software Development, Endpoint Management utilizing GPO, disabling NetBIOS and LLMNR, and awareness of Current Threats

Utilized Python and the Nessus API to generate reports and provide better visibility with the information collected during the Quarterly vulnerability scans, rescans and ad hoc scans that were conducted

Created/Modified provided ThreatSTOP scripts to pull threat intelligence feeds, input them into Cisco ASA Firewalls, and allow for monitoring of the IP Addresses in the feeds in the event a client's IP address was listed

Created reports in Splunk to identify malware beacons, interesting activity in web proxy logs, antivirus, and reports to meet PCI compliance. Also received training and implemented Splunk Enterprise Security

Worked with Windows Server 2008/2012, Windows 7, Oracle Linux, Oracle DB, VMWare ESX/ESXi, multiple Cisco devices ASA/UCS/Nexus/ESA/WSA, FireEye, NetScout and the monitoring of them in a Splunk SIEM

LDS Business College, Salt Lake, UT
Adjunct Faculty Information Technology Based on Contract
1/2016 to 4/2016

Taught IT220 Risk Analysis & Governance; this is a new class they have added to the curriculum.

Assisted in developing the curriculum for IT220 as a member of the Advisory Committee at LDS Business College

Course is based on students learning and understanding the top 20 Critical Security Controls, Kill Chain Analysis, Risk Analysis, and the governance based on compliance to private and government compliance (GLBA/PCI and others)

Bank of Utah, Ogden, UT
IT Security Officer
3/2007 to 2/2009 and 11/2011 to 10/2015

Coordinated and was project lead for Risk Assessments, Risk Management and Mitigation, Oversight of Vendors/Service Providers, Business Continuity, Incident Response as it applies to GLBA and other state and federal regulations

Created more efficient methods to conduct and maintain a Business Impact Analysis, Business Continuity Plans and Managing over 750 vendors by building a collaborative web based application in PHP with a MySQL database

Solved critical and time sensitive projects involving eDiscovery, network forensics, incident response, business continuity and many other projects

Identified multiple vulnerabilities in web applications, storage of sensitive information, and Windows group policy. Worked closely with IT Staff and vendors to fix or mitigate them

Worked with Windows Server 2003/2008/2012, Windows XP/Vista/7, Linux, AS/400, iSeries, VMWare ESX/ESXi, many Cisco devices, mobile devices, and the integration of them into a SIEM

Weber State University, Ogden, UT
Adjunct Faculty Computer Science Based on Contract
5/2008 to 12/2015 (7 Semesters during this timeframe)

Taught Spring of 2013, 2014, 2015 Security Vulnerabilities and Attack Prevention (CS4740), Fall of 2009 and Summer 2008 Computer Architecture for Security Assurance (CS3840), Summer of 2009 Linux System Administration, and Fall of 2008 Advanced Networking (CS3705) with emphasis on protocol analysis

Coordinated and communicated successfully with students to accomplish many projects using VMWare ESXi, WinHex, Windows Server 2003/2008, Helix (Linux Forensics Distro), Backtrack/Kali (Linux Network Administration and Security Distro), Wireshark, Metasploit, John the Ripper, Python scripting

In the Spring of 2013 worked with students to conduct a security assessment of a local company where they successfully were able to deliver a well written report of their findings and recommendations

Demonstrated to students how to analyze major protocols inclusive of BGP, OSPF, SMTP, HTTP, FTP, Spanning Tree, SNMP, Terminal Services, and many others

Demonstrated to students how to analyze the binary of FAT12, FAT16, FAT32, NTFS, EXT2, and EXT3 file systems

Imaging Management, Murray, UT
Network Administrator
11/2009 to 11/2011

Implemented Cisco 2900 series routers and Cisco 5500 firewalls at three new locations and upgraded two locations

Implemented a complete rollout of external and internal monitoring systems using Nagios, an internal syslog server utilizing Splunk, a computer inventory system using OCS, a Compellent SAN, and a helpdesk system based on osTicket

Maintaining network connectivity, Windows group policies, a Windows software update server, and Kaspersky/Sophos AntiVirus for over 70 servers and 220 workstations

Implemented and was the admin for maintaining an Email System based on Zimbra (at the time was owned by VMWare)

Created multiple bash scripts to implement additional functions to the helpdesk system, a physicians forum, backups using rsync for multiple Linux servers, MySQL database dumps, and a variety of reports sent from information gathered

Education
SANS GIAC Information Security Professional #2620

Weber State University
Bachelors of Science in Computer Science emphasis in Network Security and Administration
Minor in Telecommunications Business Education
Degree GPA: 3.6 (Graduated with cum laude status)

Great IT Security Books I Have Read and Recommend

Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers, and Security Engineers by TJ O'Connor
CISSP All-in-One Exam Guide Sixth Edition by Shon Harris
SQL Injection Attacks and Defense by Justin Clarke
Gray Hat Hacking: The Ethical Hacker's Handbook by Harper, Harris, Ness, Eagle, Lenkey, Williams
Advanced Penetration Testing for Highly Secured Environments: The Ultimate Security Guide by Lee Allen
The Web Application Hacker's Handbook Second Edition by Dafydd Stuttard and Marcus Pinto
Metasploit: The Penetration Tester's Guide by David Kennedy, Jim O'Gorman, Devon Kearns, and Mati Aharoni
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software by Michael Sikorski and Andrew Honig
The Practice of Network Security Monitoring, Richard Bejtlich
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon, Kim Zetter
Spam Nation: The Inside Story of Organized Cybercrime, From Global Epidemic to Your Front Door, Brian Krebs
The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux and Mac Memory, Ligh, Case, Levy, Walters

Other

Invited to and attended a US Cyber Challenge Cyber Camp hosted at San Jose State University in 2012, 2013, 2014

Worked with Karen Evans, National Director of the US Cyber Challenge and cohosted the above 2015 camp in Utah.

Active participant in uscyberquests.org since February 2012

Threatspace online CTF in August of 2012: Took 1st Place, announcement was posted via Twitter

Current member of the Industry Advisory Committee for Weber State University Computer Science Department and LDS Business College Information Technology Department