Profiles search

Mack J.

Cybersecurity Engineering | Python | Go | OWASP | Nmap | Nessus | Burp Suite | Qualys | Kubernetes | Ansible | Docker | Automation | GitLab | Splunk | GRC | Windows | MacOS | Linux | AWS | Azure
Tampa, FL, United States

Details

Education: Associate's degree

Cyber security and information technology

Eastern Gateway College
Experience: Information Security Engineer

2022 - Present

* Designed secure and resilient Python applications for vulnerability management.

* Strengthened application security through design, implementation, and code reviews.

* Conducted automated cybersecurity testing for services, web apps, and APIs.

* Coordinated with Engineers, Operations, and other teams to implement risk analysis.

* Conducted threat and impact analysis to identify vulnerabilities with cloud platforms.

* Integrated governance, risk, and compliance activities into cybersecurity programs to ensure regulatory compliance and improve security posture.

Senior IT Specialist

2018 - 2022

* Oversaw security infrastructure and ensured regulatory compliance with industry best practices.

* Coordinated with internal and external stakeholders as needed to develop and implement technical solutions to remediate vulnerabilities and reduce risk

IT Specialist

2015 - 2018

* Developed and delivered comprehensive training to increase awareness of cyber threats and best practices across all levels of the organization

* Provided support for security infrastructure and Apple technical platform.

Support Specialist

2013 - 2015

* Conducted root cause analysis to resolve technical issues with Mac, PC and mobile platforms.

* Managed customer relationships through effective communication and problem-solving.

2012 : Present

Apple

Information Security Engineer
Company: Apple
Years of Experience: 11

Skills

Active Directory, Amazon Web Services (AWS), Analytical Skills, Application Security, Automation, Autopsy, Burp Suite, California Consumer Privacy Act (CCPA), Cloud and Distributed Computing, Compliance PCI, Cybersecurity, Disaster Recovery, Docker, Elastic Stack (ELK), Firewalls, General Data Protection Regulation (GDPR), Google Cloud Platform (GCP), Identity & Access Management (IAM), Incident Management, Incident Response, Information Security, Infrastructure, Intelligence cycle, ISO 27001, Java, Kubernetes, Linux, Microsoft Azure, Microsoft Office, Mitre, Network Security, OWASP, Penetration Testing, Project Management, Python (Programming Language), Risk Management, Security Information and Event Management (SIEM), SOAR, Software Development Life Cycle (SDLC), Splunk Enterprise, SQL, Team Leadership, Tenable Nessus, Threat & Vulnerability Management, Threat Modeling, Threat research, Unix Administration, Vulnerability Assessment, Windows System Administration, Wireshark

About

As a seasoned cybersecurity professional with a decade of experience under my belt and the opportunity to work with a lot of smart people, I have honed my skills in Python coding, vulnerability detection, and GRC (Governance, Risk, and Compliance).



I am devoted to exploring the ever-evolving information security trends that facilitate the seamless coordination of security and compliance with internal and external stakeholders. A comprehensive knowledge of automated security testing, web applications, APIs, and a passion for learning has provided me with a set of skills that spans defensive and offensive methodologies.



Topics That Interest Me:

🔹 Threat intelligence.

🔹 Network Security

🔹 Firewall Security

🔹 Endpoint Security

🔹 Intrusion Detection

🔹 Data Loss Prevention

🔹 Security Information and Event Management (SIEM)

🔹 Identity and Access Management (IAM)

🔹 Penetration Testing

🔹 Vulnerability Management

🔹 Patch Management

🔹 Application Security

🔹 Cloud Security

🔹 Mobile Device Security

🔹 Social Engineering

🔹 Phishing and Spear Phishing

🔹 Ransomware

🔹 Malware Analysis

🔹 Cyber Threat Intelligence

🔹 Cybersecurity Frameworks

🔹 Risk Management Frameworks

🔹 Disaster Recovery

🔹 Business Continuity Planning

🔹 Cyber Insurance

🔹 Third-Party Risk Management

🔹 Data Privacy

🔹 Compliance Auditing

🔹 Cybersecurity Policies and Procedures

🔹 Security Awareness Training

🔹 Cybersecurity Metrics and KPIs

🔹 Regulatory Compliance

🔹 PCI DSS Compliance

🔹 HIPAA Compliance

🔹 GDPR Compliance

🔹 ISO 27001/27002 Compliance

🔹 NIST Cybersecurity Framework

🔹 Cybersecurity Risk Assessments

🔹 Security Assessments and Audits

🔹 Security Governance

🔹 Risk Management

🔹 Security Incident Management

🔹 Security Governance

🔹 Cybersecurity Metrics and Reporting

🔹 Cybersecurity Training and Education

🔹 Cybersecurity Best Practices

🔹 Security Architecture and Engineering

🔹 Security Testing and Evaluation

🔹 Security Information Management

🔹 Security Risk Management

🔹 Threat Modeling

🔹 Security Operations

🔹 Security Assessment and Authorization

🔹 Cybersecurity Consulting

🔹 Cybersecurity Management

🔹 Identity and Access Governance

🔹 Data Governance

🔹 Compliance Management

🔹 Vendor Management

🔹 Security Standards

🔹 Security Policies

🔹 Security Compliance

🔹 Security Governance Models

🔹 Cybersecurity Tools and Technologies

🔹 Cybersecurity Awareness Programs

🔹 Security Incident Response Planning

🔹 Security Compliance Monitoring