Hey Allen!  Can you start with an introduction of yourself and what you do at Maveris?

I am an Exploit Analyst at Maveris, or in layman’s terms, a Red Teamer/Penetration Tester. I work with a team to find, exploit, and report vulnerabilities to our customers. Part of my role also involves working with other cyber security teams to improve their processes and procedures, as well as provide various recommendations on how to better secure our customers’ infrastructure. We work with customer Cyber Security Operations Centers to test their signatures, validate existing known vulnerabilities, and conduct remediation testing after mitigations are in place. 

What’s one professional skill you’re currently working on?

Currently, I am studying to obtain my Offensive Security Experienced Pentester (OSEP) certification. Through this I’ve learned many skills applicable to penetration testing but the largest skill I feel I am walking away with is how to effectively interface with the Windows API to launch powerful attacks on the Windows Operating System. This skill alone should prove to be invaluable during future penetration tests or red teaming and will ultimately help show where vulnerabilities lie in our customer’s infrastructure.

What is one thing you appreciate about working at Maveris?

I love working with Maveris. One thing that I appreciate about Maveris is flexibility. Maveris enables me to do things that I was never able to do in the past while working other jobs. My full-time remote position saves me over 3 hours of commuting each day, meaning I get to spend more time with my family. A fantastic PTO package has allowed me to take stay-cations to get important things done at home without causing panic in the back of my mind that I will not be able to take actual vacation later on in the year. My team has my back when I need to step away to take care of a baby in a pinch. All in all, I’ve had more time for myself and my family than I’ve ever had before and I’m so incredibly grateful to Maveris and the teams I work with for the flexibility I have.

What’s your go-to productivity trick?

I’d love to say “working out” here, but after the birth of my twin girls, I can’t say that I have worked out consistently for a while. So, with that said, it would be a double macchiato and some fast-paced instrumental music. Oh yeah, that espresso machine has gotten a workout of its own this past year.

What’s one hobby you’d love to get into?

I’d love to get into electronics, it’s one area that I feel I know very little about and most of it seems like magic. I have dabbled here and there, but I have so many awesome ideas on things I could build. Things like Smart Mirrors, Home Automation, and pretty much anything showcased by DIYPerks. The only thing stopping me from doing this is time. I am at 95% utilization it seems, so maybe one day I can pursue these dreams.

What is one bit of advice you would give to someone just starting out in your career field?

Learn to code. Seriously, it’s one thing that will stand you apart from so many others in the increasingly saturated field of cyber security. I recommend checking out a free CodeCademy course and starting with Python as a first language, or check out the awesome and also free (online) Automate The Boring Stuff book. Why Python? Because it is shipped by default in most Linux operating systems and is used extensively in cyber security Open-Source tooling. I find it to be a simple yet decently explicit language and will enable you to build anything from a microservice to a full blown web application. Start small of course; print your “hello world” and work from there. Try to build a web application using Flask. Connect it to a database like SQLite. Put all of this on your resume and show off! Employers will undoubtedly be impressed with your aptitude to learn on your own, and even more impressed that their next hire knows how to code.