Ashley Wolfe

OT Penetration Tester

• Performed Operational Technology risk and vulnerability assessments and provided results and recommendations to various clients.
• Analyzed security policies for usefulness and value to suggest security policy improvements.
• Developed risk assessment reports to identify threats and vulnerabilities.

Cyber-Physical Engineering

• Provided application and control systems design and development for systems of varying complexity to support cyber-physical range training products.
• Maintained, debugged and optimized automation programs.
• Established best practices and innovative solutions to enhance production rates and output quality.
• Reduced project completion time with efficient resource allocation and effective communication strategies.

Team Lead

• Formed strategic partnerships and connected with potential clients to drive business development.
• Conducted meetings with staff to discuss production progress and to attain production objectives.
• Presented production ideas and determined creative scenarios for production and delivery.
• Optimized engineering processes by implementing innovative solutions and streamlining workflow.
• Developed schedules for production, editing, and duplication for timely delivery.
• Worked closely with organizational leadership and board of directors to guide operational strategy.
• Led teams of up to 4 in developing and implementing cyber-physical training products and OT cybersecurity assessments

• Meet with clients to set rules of engagement, timelines, and expectations
• Accurately document and report on findings discovered during penetration testing activities
• Use automated tools as well as manual testing methods to identify and validate vulnerabilities identified in client organizations
• Uncover meaningful risks relative to specific client environments and their (information) assets, exploitable through identified attack vectors
• Provide regular contributions to Security community through research (blog post, tool, whitepapers, e-book, etc.)
• Worked effectively in fast-paced environments, often supporting 2-4 clients simultaneously.

• Conducted security audits to identify vulnerabilities.
• Recommend improvements in security systems and procedures.
• Assessed security compliance, security program organization, policies and procedures, general risks and vulnerabilities.
• Developed reasonable and cost effective recommendations for security improvement.
• Led and executed over 50 offensive security engagements from start to end.
• Communicated with stakeholders and clients, and advised importance of conducting offensive security operations such as penetration testing, red teaming, attack simulations, and threat hunting.
• Developed and maintained various security offerings and documentation to supplement sales.
• Served on technical advisory team to develop, maintain and support lab images, system images and remote access devices for assessments.

• Responded to and, where appropriate, resolved or escalated reported security incidents.
• Designed, installed, configured, supported and maintained over 50 security tools according to industry best practices, including firewalls, intrusion detection and prevention devices and SIEM within Critical Infrastructure environment.
• Provided operational and system administration support for all firewalls, IDS/IPS, vulnerability management and other security systems in OT space.
• Maintained network security diagrams and support Operational Technology security architectural requirements.
• Participated in various projects as technical expert and/or as technical resource. Particularly working as technical expert for ICS Security.
• Participated in incident management, asset management, change management, project management, and continuous improvement of companies security posture.
• Planned security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
• Troubleshot deployment and system issues within green field deployment.
• Developed and automated meaningful reports that meet compliance and reporting requirements.
• Mentored and trained over 15 new Operational Technology field support team that will require limited access to various security tooling.
• Researched and applied threat information for Industrial Control Systems in order to increase organization’s intrusion detection capabilities.
• Performed risk and vulnerability assessments and provided results and recommendations to senior management.

• Performed assessments of technology such as applications, databases, servers, networking devices (i.e., firewalls and routers), and security tools such as IDS/IPS, anti-malware, and authentication systems (e.g., Active Directory).
• Upgraded security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
• Implemented security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
• Conducted vulnerability research in software that is critical for user safety on internet.
• Configured and troubleshoot security infrastructure appliances or software.
• Provided documentation on start-up, shut down and first level troubleshooting of processes to help desk staff.
• Implemented company policies, technical procedures and standards for preserving integrity and security of data, reports and access.

Major Project: Implemented 5 IDS/IPS and logging infrastructure to all facilities, including plant facilities with automated ICS controls. Analyzed traffic from different facilities to determine baseline for alerts and severity of alerts based on data classification. Tuned logging infrastructure to provide relevant information to analysts.

• Acted as JRSS Training Instructor and Subject Matter Expert for Bro IDS and Argus. Wrote 2 training courses and developed 8 lab environments to support courses.
• Collected and analyzed training metrics to identify training gaps.
• Provided systems administration support for Linux and Windows systems including server and workstation upgrades, backup and disaster recovery monitoring, user account setup and security administration.
• Acquired training to perform setup, maintenance and operation of numerous security devices to include VMware, Palo Alto, and Palo Alto Panorama.
• Conducted research into and applied knowledge of Government test and evaluation concepts and related engineering, acquisition and operations activities as needed to support T&E activities.
• Executed testing and data collection per plan and produced associated test plans, procedures, and reports/briefings.
• Performed day to day operations, management and administration to protect confidentiality, integrity and availability of information assets and technology infrastructures of organization, including but not limited to IDS/IPS, Firewalls, and Anti-virus.
• Obtained Interim Secret Clearance.

• Responsible for architecture, deployment and maintenance of Tenable products (LCE, NESSUS, PVS, SecurityCenter).
• Responsible for architecture, deployment and maintenance of security appliances (Forescout NAC, Suricata, Malwarebytes & Sophos anti-virus, RSA VPN, Barracuda anti-spam).
• Categorized, assessed and responded to security incidents and reported findings to management with intent of being proactive and evaluate business risks and impact.
• Evaluated how new Standard Operating Procedures (SOP) affect employees and IT and how existing SOP can be enhanced.
• Provided feedback to Dev teams of PVS, NESSUS, Security Center and LCE to help improve Tenable's products.
• Analyzed collected data to find attack patterns and determine ways to remediate existing vulnerabilities.
• Evaluate products, while keeping in mind low impact on users, that security team would like to deploy.
• Documented deployment of new product and update existing documentation coordinated deployment of new products with IT and other departments.
• Managed 8 firewalls, 2 network monitoring and 2 server monitoring both on- and off-site.

• Served as primary liaison between customer and Tenable for technical related issues.
• Analyzed and clarified over 700 customer technical inquiries.
• Analyzed vulnerability scan results, system audits, and log events Recreating customer software issues in lab environment.
• Ensured customer feedback is properly channeled into Product Management and Research & Development.
• Maintained in-depth knowledge of Tenable products and information security best-practices.
• Created and published solution knowledge for re-use by customers and Tenable employees.
• Consulted via telephone to understand user problems, run through testing scripts and ask probing questions to locate root causes
• Documented repair processes and helped streamline procedures for future technical support actions

• Seek and secure financial and in-kind support from 6 corporations and corporate foundations.
• Maintain excellent relationships with existing corporate and business donors and partners.
• Develop sponsorship programs that increased sponsors and support by 25% for major Security Weekly initiatives and programs.
• Write relevant correspondence as appropriate, develop and edit proposals, reports, correspondence, and solicitations, and develop and deliver presentations.
• Work on projects related to Cyber Security, including technical segments for podcast, developing labs for SANS course, and various research projects.
• Assistance with deployment and upkeep of Security Weekly website content.
• Conducted research for various projects, leading to well-informed decisions and successful outcomes.