I am cyber incident response practitioner, cyber strategist, and public policy advisor. This page outlines career elements in reverse order.

MOXFIVE

I joined old Mandiant colleagues as an advisor at MOXFIVE1 in 2021 and now lead the Cyber Incident Management practice. MOX is laser focused on street smart response, helping clients recover from hard-down cyber events without the noise and ambiguity all too common in the space.

Most cases are widespread ransomware events, and my client record here is weighted toward hospital networks, manufacturing, and state/local government.

Our work is full scope; we provide forensics, recovery engineering, project management, data mining, negotiations, surge helpdesk, equipment rentals - any technical element you may need during a response.

Boston Consulting Group

From 2019-2021, I was a member of BCG’s cyber strategy consulting chapter. (M&A, frameworks, NIST)

More details to come.

US Senate

In 2018, I was a policy advisor in the Office of Senator Rand Paul by way of the TechCongress fellowship. (fellow reflection: fellow reflection).

More details to come.

Mandiant

After graduating RIT, I joined Mandiant’s DC office. Mandiant aims to “respond to every breach that matters”, focusing on nation-state attacks2 targeting defense, government, and strategic commercial firms. I was with the firm through some pretty wild chapters, including the landmark APT1 report, FireEye’s buyout, iSight’s integration, and Mandia’s return to CEO.

Mandiant consulting was a phenomenal place to start a cyber career. Sharing a few personal highlights:

  • Investigated breaches for nearly fifty organizations across defense, finance, healthcare, professional services, and government.
  • Gave expert testimony in the jury trial for what DOJ calls “the largest known computer hacking and securities fraud scheme”3.
  • Chartered and produced the Security Operations Center for a top Asia-Pacific bank.
  • Developed and taught security courses for major financial services firms, industry conferences, and federal law enforcement.
  • Discovered and created analysis tools for novel forensic artifacts and C2 channels.
  • Traveled all over the US and to foreign countries on four continents.
  • At the time I resigned, I was the only consultant to deliver every service offering4.

The company has since rebranded from FireEye back to Mandiant, spun off FireEye assets (now Trellix), and got scooped up by Google. Many friends remain at the firm and it’s a blast watching their success. Mandiant remains one of the best places to start a cyber career and a keystone private sector response provider.

Cisco Systems

While attending RIT, I did a 7 month co-op with Cisco Systems in Cary, NC. We worked in possibly the largest pure networking lab in the world, recreating customer networks to support TAC casework. We touched just about every device Cisco produced, from stacked switches to carrier routing systems the size of a small food truck.

Cisco’s program was a fantastic experience - by the time you’re done you have configured just about every layer 1-3 arrangement imaginable. I picked up my CCNA while I was in Cary, and later picked up the CCNA security certicate as well. I was lucky enough to work with a great cohort, many of whom are still crushing it at Cisco all these years later.

Other activities

TechCongress

More details to come.

Coding it Forward

More details to come.

Milton Hershey School

More details to come.

Electronic Frontier Foundation

More details to come.

Education

Rochester Institute of Technology

I graduated from RIT with honors out of their Computer Security BS program (then called “Information Security & Forensics”). I picked up a minor in American Politics and achieved Dean’s List my final seven consecutive terms.

Through the master’s course program I published research at the 2012 International Conference on Security & Management (SAM), and was an active member in SPARSA (now RITSEC), RITLUG, the billiards club, and had co-ops with Wheatland Chili School District, Cisco Systems, and Mandiant.

Three year season ticket holder for RIT Hockey.

(USCHO pictures!!!)

Milton Hershey School

It’s unusual to highlight secondary school in a career arc, but MHS was an important chapter that offered a ton of opportunity. (charity, responsibility, career paths, certifications, internships).

More details to come.

  1. Inc 5000’s fastest growing security startup and 39th overall ↩︎

  2. Advanced persisent threats”, or APT ↩︎

  3. Korchevsky v USA ↩︎

  4. Incident response, strategic readiness, transformation, technical assurance, Mandiant Academy, ThreatSpace, and Managed Defense ↩︎