Microsoft, OneDrive/SharePoint Security Detection & Response (July 2024 to Present)
I work on the Security Detection & Response team for OneDrive and SharePoint. My work includes building and shipping detection rules mapped to MITRE ATT&CK techniques, re-engineering proactive blocking systems, leading security investigations and incident responses, conducting threat hunting via KQL, and driving weekly threat model reviews.
Amazon AWS, EC2 Networking (February 2021 to June 2024)
I worked on the Blackfoot Edge Applications team focusing on software defined networking at the EC2 layer. I designed a fully automated device remediation workflow covering 100K+ devices worldwide, reducing weekly sev2 alerts by over 70%. I implemented a low-latency packet filtering system in C with only 5-10 clock cycle overhead, engineered noisy-neighbor mitigation in C++, and owned the security strategy and review process for our 120-engineer organization, driving compliance with U.S. (FedRAMP), U.K., and Chinese government regulations.
Amazon AWS, Blackfoot Edge Applications (May 2020 to August 2020)
I designed and implemented memory mapped file IPC to create dynamically configurable network flow telemetry system. There was a significant emphasis on making sure the process performed quickly to avoid potentially not logging flows. In addition, I designed and built machine learning server health analysis tool, winning “Most Novel” award in Blackfoot Hackathon. The team demonstrated a significant interest in this project, and because no one on the team other than myself had experience with machine learning, I offered to hold a seminar on introductory topics on machine learning. On the last day of my internship I held a 90 minute seminar for the entire Blackfoot organization with questions and answers.
Goldman Sachs (May 2018 to August 2018)
I worked with the FICC Global Credit. Before my project, it was possible for traders to accumulate positions for private placement bonds in America and Europe. Due to differences in regulation (144A for America and Regulation S for Europe), traders could have offsetting positions for the same bond in different regions. Due to funding costs, this could cost traders a significant amount of money. Through the Deposit/Withdrawal At Custodian (DWAC) rule, it is possible for traders to convert one region's bond into the other's. I and another intern designed the algorithm and interface to automatically detect these bond pairs and notify traders. Through a workflow application, traders could select whether they wanted to action a DWAC or keep the positions.
Point72 Asset Management (June 2017 to August 2017)
I worked with the quantitative development team. My job was to convert the file parser used for electronic trading protocol files from C++ to a Python-readable format. This allowed the file parser to work with other scripts that the company already had. In addition, because the electronic trading protocol files could be extremely large, it was necessary to design a not-all-in-memory algorithm to handle this. Multithreading and flow control were crucial elements of the algorithm I designed. Using Boost Python, I was able to rewrite the parser and allow it to interface with other Python scripts.
Illini Emergency Medical Services (August 2015 to May 2019)
As a freshman in college I wanted to learn some medical skills because I felt they could be useful. I joined Illini EMS as soon as I could and I became CPR certified through them. I worked a variety of events and loved every minute of it. Towards the end of the semester, I applied for their Emergency Medical Technician class in hopes of further studying medical techniques and protocol. I was accepted and I spent a large portion of the following semester studying as an EMT and getting my EMT-B certificate and license. I immediately became a Lead EMT and helped teach the CPR and EMT-B classes. I enjoyed working for Illini EMS, and I'm grateful for everything their members have taught me. I made friends that I will surely keep for life.
Edge-Scott Fire Protection District (January 2018 to May 2019)
I joined ESFPD because I wanted to experience EMS outside of the confines of university life. I wanted to respond to real 911 calls. I had to go through a grueling two-month interview process during which I was tested on everything from protocol to the location of each item on each rig. After passing the tests, I was released as an EMT for ESFPD. It was around this time that I began my fire training. Training to be a fireman was one of the most difficult things I have done in my life and I am glad to say that by December 2018 I was a full fireman for ESFPD. I learned that one important aspect of the fire service is contributing to the community. It's more than putting out fires and certainly more than the lights and sirens. It's about making people feel safe. Working as a volunteer fireman for ESFPD is one of my proudest accomplishments.