Sanders Diaz

Apopka

Summary

Dynamic security professional with extensive experience at AdventHealth, specializing in penetration testing and adversary emulation. Proven track record in enhancing security posture through effective red team coordination and technical training. Skilled in Python scripting and adept at translating complex findings into actionable strategies for executive stakeholders.

Overview

18 years of professional experience
1 Certification

Work History

Course Director

Full Sail University
01.2023 - Current
  • Designed and delivered enterprise-level security curriculum focused on IAM, cryptography, threat modeling, and secure application architecture.
  • Integrated MITRE ATT&CK, NIST, and OWASP frameworks into labs and use-cases, helping future security leaders understand architectural trade-offs.
  • Mentored students on designing secure systems, conducting threat modeling exercises, and implementing enterprise-wide defense-in-depth strategies.

Application Security Penetration Tester

Advent Health
01.2019 - Current
  • Performed web application penetration tests on 50+ enterprise applications, identifying critical vulnerabilities including CSRF, RCE, SQLi, LDAP injection, and authentication bypasses.
  • Launched the organization’s first red team program and restarted the purple team initiative, enhancing testing maturity and cross-team collaboration between offensive and defensive units.
  • Led red and purple team exercises that uncovered enterprise entry points, resulting in successful remediation and hardening of detection and response processes.
  • Evaluated web application defense tools, including WAFs and runtime protections, providing recommendations to strengthen layered security architecture.
  • Conducted enterprise-wide web application discovery across 200,000+ assets, supporting risk-based prioritization and testing coverage expansion.

Red Team Analyst

Lunarline
01.2018 - 01.2019
  • Executed full-scope adversarial simulations targeting judicial environments; emulated APT techniques to test and challenge enterprise defenses.
  • Designed and deployed custom C2 profiles, lateral movement tools, and phishing infrastructure.
  • Delivered architecture-level recommendations to harden detection, identity, network segmentation, and monitoring controls.
  • US Courts Contractor

Deputy Director/Lead Penetration Tester

Lunarline
01.2016 - 01.2018
  • Scoped and led application, network, and wireless pentests; facilitated kickoff/out-brief sessions with stakeholders to align remediation to enterprise security architecture.
  • Developed team-wide training on leveraging security tooling (e.g., containers, APIs) within complex enterprise environments.
  • Served as primary liaison between technical teams and executives, translating findings into prioritized, architecture-aligned remediation strategies.

Lead Vulnerability Management Engineer

SAIC
01.2014 - 01.2016
  • Built and led an enterprise VM program covering 50,000+ assets, integrating Qualys scanning, POA&M tracking, and secure code reviews.
  • Assessed vulnerabilities by exploitability and business impact; produced risk-based remediation reports for technical and executive stakeholders.
  • Coordinated remediation with IT, IR, Security Engineering, and third-party vendors.
  • Led M&A security assessments to identify integration risks in target networks, codebases, and architectures.
  • Authored SOPs and dashboards to streamline vulnerability lifecycle management and support audit readiness (NIST, PCI-DSS, FedRAMP).

Security Engineer

HD Supply
01.2012 - 01.2014
  • Engineered and maintained SIEM and password management platforms, built custom detection/response logic and dashboards, and collaborated with SOC/IR teams to support threat detection, log correlation, and compliance readiness.

Sr. Information Security Analyst

Fiserv
01.2010 - 01.2012
  • Performed enterprise vulnerability scanning and PCI remediation, maintained SIEM platforms, analyzed IPS/SIEM events, and conducted internal network penetration tests to validate detection and strengthen defensive architecture.

Sr. SOC Analyst

Terremark Worldwide
01.2008 - 01.2010
  • Monitored multi-tenant MSSP environments, analyzed IDS/SIEM/firewall alerts, and conducted deep packet inspections to identify intrusions and C2 activity.
  • Tuned detection rules, reduced false positives, and supported incident response across enterprise clients.

Education

B.S. - Computer Science

University of Illinois at Springfield
Illinois
01.2018

Skills

  • Penetration testing and adversary emulation
  • Cobalt Strike and Burp Suite Pro
  • Metasploit and Kali Linux
  • Python, PowerShell, and Bash scripting
  • Regex and Lua programming
  • Security engineering and SIEM solutions
  • Splunk and LogRhythm expertise
  • IDS/IPS configuration with Snort and Suricata
  • WAF testing and firewall auditing
  • Threat detection and packet analysis
  • Malware forensics and IOC/IOA development
  • MITRE ATT&CK framework application
  • Identity management with SAML, OAuth2, RBAC, LDAP, MFA
  • Federation protocols implementation
  • Compliance frameworks: NIST, ISO 27001, PCI-DSS, OWASP Top 10
  • Leadership in red team coordination and exec briefings
  • Process improvement through technical training and mentorship

Certification

  • SANS SEC 503: Intrusion Detection in Depth (GCIA), #3978, Expired
  • SANS SEC 504: Hacker Tools, Techniques, Exploits and Incident Handling (GCIH), #13558, Expired
  • SANS SEC 560: Network Penetration Testing and Ethical Hacking (GPEN), #7358, Active
  • SANS SEC 660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking (GXPN), #687, Active

Talks And Tools

  • BSides Orlando, Protocol Reverse Engineering and Fuzzing, 2016
  • OWASP Orlando, Advanced IDS Evasions Using Scapy, 2016
  • GitHub, https://github.com/d43m05/eScapy, 2016
