About Me

Greetings!

Background

Originally from the Bay Area, currently residing in the Southeast for over 10 years. I graduated with my Masters in Computer Science and a Graduate Certificate in Information Security and Privacy.

I worked as a developer in a former life and have since transitioned to InfoSec. Past roles have been as a Security Automation Engineer, Penetration Tester, etc. My foundation is Web Application Security (#webislife), but I dabble in Mobile Security and Cloud Security.

I’m an adjunct professor at two universities on both coasts. This keeps me busy but also fulfills the part of me that loves to do acts of service / give back to my community. I’ve also created a few courses with companies and universities such as Cybrary, Infosec Institute, and Drexel University and presented at a handful of growing conferences.

Passion Projects

  1. Securing medical devices: To give a background, I participated in the Biohacking Village (BHV) (which marries medical and cybersecurity) CTF at the 2020 DEFCON. I learned about medical history and found and tested vulnerabilities in insecure medical devices. I was hooked! I wanted to know more, so for DEFCON 2021, I participated in the Device Lab, a live network that allows researchers to pentest medical devices. I found five of the thirteen vulnerabilities during the engagement. Now I am the Device Lab co-lead and Education Lead with BHV. To learn more about BHV, click here.
  2. Security research/bug bounties: This inspiration came from number 1, working in the device lab. I dabbled in bug bounties here and there, but now I am making it a priority to increase my skills. I can’t wait to write more blog posts when I find more vulns!
  3. Cybersecurity education: My goal is to help increase marginalized groups in cybersecurity through education, as it’s a global issue. I created a non-profit, The Accelerated Training Program (T-ATP), with a mission statement of providing quality cybersecurity education to all, and to study systemic exclusion of cybersecurity education to marginalized groups. To learn more about T-ATP, click here.
  4. Education policy: This is intertwined with #3 (cybersecurity education). I just found out about education policy and education technology in the past two weeks. My ultimate goal of T-ATP is to change how cybersecurity education is taught in the United States, and worldwide through legislation. At this point, education policy will be the way to get there. If you’re in education policy, please reach out as I would like to connect and collaborate!

Future State

I want to use my passion projects to inspire the next generation of cybersecurity professionals and show prospective cybersecurity professionals they can succeed in this industry too.

This will be done by collaborating with the Office of the National Cyber Director or joining CISA’s Cybersecurity Advisory Committee’s subcommittees in Transforming the Workforce and the Technical Advisory Council.

Wanna know more? Let’s connect through email (hello@thefluffy007.com) or Calendly.

Leave a Reply