About Thomas
Over 20 years of IT experience, with 10+ years of experience in cybersecurity as an individual contributor and as a cybersecurity manager. Served non-government, commercial clients as well as the Customs and Border Protection agency, and Department of Defense customers, including Army, National Guard, and Army Reserve.
​
Strong interest in reverse engineering, pentesting, red-teaming, and security research.
​
Spearheaded web application penetration testing initiative using open source DevSecOps and penetration testing tools in Black-, Grey- and Crystal-Box security testing approaches.
Improved upon the Fortify continuous integration pipeline for static code analysis of over 40 applications.
Network analysis and incident response using IDS and SIEM tools to keep the program assets and data safe.
Skilled and proficient in a wide range of information security tools, scripting languages, and programming languages.
Exceptional development, testing and accreditation skills. Ability to lead and manage cybersecurity teams and develop solutions aligned with DoD, Army, CBP, and commercial cybersecurity regulations.
Proficient with information security tools including Kali Linux, Burp Suite, Wireshark, Nmap, Nessus, Metasploit, Netcat, and others
Experienced with WinDbg, Immunity Debugger, OllyDbg, and Ghidra
Strengthened pentesting skills on OffSec’s Playground, HacktheBox, VulnHub, and OWASP Juice Shop vulnerable machines
Maintained, updated, and administered Fortify continuous integration builds and scans
Implemented “security gates” in Gitlab Ultimate pipeline for CBP customer to prevent new critical and high vulnerabilities from being merged into codebases and deployed.
Led, mentored, and developed a strong cybersecurity team with varying skillsets, consisting of over 15 cyber professionals
Applying Agile project management principles and practices
Experienced with Ansible, Docker, Grafana, PostgreSQL and various AWS and Azure cloud automation tools
Proficient with Python, PowerShell, C#, Java, ASP.NET, JavaScript, Oracle PL/SQL, Git, Team Foundation Server, Microsoft Test Manager, SourceTree, Red Hat Enterprise Linux, Microsoft Windows, Mac OSX, iOS and the Microsoft Office suite
Experience with C++, Fortran, Pascal, ASM, AutoCAD, MATLAB, Mathematica, various Linux distributions and Unix (on Sun SPARCstations)
Work Experience
November 2023 - Present
April 2022 - Present
October 2021 - April 2022
July 2016 - October 2021
August 2013 - July 2016
- Cryptactical, LLC founded and began operations.
- Senior Software Security Architect
- Application Security Engineer
- Cybersecurity Architect (CBP/DHS)
- Acting Enterprise Cybersecurity Manager (DoD)
- Cybersecurity Operations Manager (DoD)
- Principal Information Security Specialist (DoD)
- Program Manager / Application Developer (DoD)
​
Certified Cybersecurity
We provide cybersecurity services and subject matter expertise that crosses into multiple security domains:
Defensive Cybersecurity
Certified Information Systems Security Professional
(CISSP)
​
Certified Secure Software Lifecycle Professional
(CSSLP)
​
GIAC Cloud Security Automation (GCSA)
Offensive Security
Offensive Security Wireless Professional
(OSWP)
​
GIAC Web Application Penetration Tester
(GWAPT)
Certified Ethical Hacker
(CEH)
Cybersecurity Leadership
Project Management Professional (PMP)
​
Certified Scrum Master
(CSM)
Certified Scrum Product Owner (CSPO)
Education
• M.S. Cybersecurity Technology - University of Maryland Global Campus (UMGC), Adelphi, Md. - 09/2019
• B.S. Computer Information Systems - Strayer University, Sterling, Va. - 12/2001
• Electrical Engineering undergraduate work completed - Virginia Tech, Blacksburg, Va. – 05/2000. Studied advanced mathematics, physics, chemistry and engineering courses.
​
• High School Diploma - South Lakes High School, Reston, Va. - 1996
Honors & Accomplishments
• Eagle Scout
• Strayer University Dean’s List, 5 consecutive terms (4.0 GPA)
• Former Member of National Honor Society Alpha Sigma Lambda (Iota Eta Chapter)
• University of Maryland Global Campus, Cybersecurity Technology Master’s Curriculum, 4.0 GPA