Alexander Longo

- Worked as part of an internal team that exclusively performs penetration testing, incident response, vulnerability scanning, OSINT investigations, and Tier 3.

- Led and assisted in penetration tests of all types, including internal, external, physical, web app, and social engineering.

- Discovered a previously unknown CVE (zero-day exploit) in an externally-facing production environment for a penetration test client in the government sector.

- Proficient in Python, Powershell, SQL, Bash, PHP, Burp Suite, OWASP ZAP, SQLmap, Hydra, Nmap, Responder, Metasploit, Nikto, John the Ripper, Bloodhound, PowerView, CrackMapExec, Rubeus, Mimikatz, Nikto, Kali Linux, and many other pentesting tools.

- Deploy custom scripts to aid in pentesting and incident response using Python, Powershell, and Bash.

- Experience in leading multiple incident response engagements for companies in healthcare, business, government, education, and security sectors.

- Conducted an independent technical review and penetration test of many large-scale corporate networks as well as created and authorized the final reports.

- Deployed, managed, and performed in-depth investigations in popular EDR platforms such as Crowdstrike, Defender, and FortiEDR.

- Experienced in writing event search queries for Splunk, Crowdstrike, Elasticsearch, Defender, and FortiNet.

- Used digital forensics tools (Autopsy, FTK imager, etc.) to recover data, investigate ransomware attacks, and more.

-Triaged alerts coming into the SOC at Tier 1.

-Escalated true positives to Tier 2 for further investigation and remediation. Worked in a multitude of cybersecurity technologies to assist in alert triage and investigation.

-Worked in an internal DevOps team to automate playbooks for incoming alerts.

-Made use of popular firewalls, EDRs, SIEMs, and other tools to assist in investigation and remediation of alerts.

-Maintained regular contact with InfoSec teams in healthcare, government, education, security, and private business sectors.

-Experience in writing custom Python scripts for automation and general software development tasks.