Profiles search

Nick Harris

Information Security Specialist - Attack Surface Management & Red Team
Oklahoma City, OK, United States

Details

Education: Associate of Science - AS

Cyber/Computer Forensics and Counterterrorism

Rose State College

2018 : 2019

Bachelor's degree

International Relations and National Security Studies

University of Oklahoma

2013 : 2016
Experience: Formalized the adversary emulations pod at Southwest. This was a natural capability maturation of the internal penetration testing program.

2023 : Present

Southwest Airlines

Adversary Emulations & Red Team

Conducted Internal and External penetration tests as a contractor for Critical Fault

Document control and drafting of deliverable reports

Technical documentation and policy review

2022 :

Critical Fault, LLC

Penetration Tester / Consultant

2020 :

Oklahoma Turnpike Authority

Information Security Architect

Developed internal offensive security / red-team operational practices & procedures for the ASMP team

Execution of penetration tests (application, infrastructure, cloud)

Contributed to the development of a proactive adversarial based approach to attack surface management

2022 : 2023

Southwest Airlines

Penetration Tester

Threat hunting

Vulnerability & risk assessment/mitigation

Vendor management

SIEM operations

DAST & SAST operations

PCI-DSS compliance efforts

Procedure & Policy documentation & review

2020 : 2020

Oklahoma Turnpike Authority

Senior Security Analyst
Company: Southwest Airlines
Years of Experience: 5

Skills

Advanced Threat Analytics (ATA), BASH, Burp Suite, Customer Service, Database Security, Data Management, Enterprise Risk Management, Ethical Hacking, Information Security, Information Security Awareness, Information Security Consulting, Information Security Engineering, Information Security Management System (ISMS), Internet Information Services (IIS), Internet Protocol Suite (TCP/IP), IT Risk Management, Kali Linux, Linux, Log Analysis, Microsoft Azure, Microsoft Office, Microsoft Server Platforms, Mobile Devices, Network Administration, Network Architecture, Network Engineering, Network Security, Penetration Testing, Public Speaking, Python, Red Teaming, Risk Management, Russian, Secure Network Architecture, Social Engineering, Social Media, Threat & Vulnerability Management, Threat Modeling, Transmission Control Protocol (TCP), Unix, Vulnerability Assessment, Wireless Networking

About

Information security professional proficient in offensive and defensive security. Experienced in drafting/establishing information security policy/procedure, penetration testing & enterprise information security management . BA (Oklahoma University - Int. Security Studies/Russian), AS (RSC - CyberSecurity / Digital Forensics), Security+, CCSP (Associate)