gregorybloom/resume
Gregory Bloom

URL: gwbloom.net or https://github.com/gregorybloom/resume
CONTACT: See application

Threat Analyst, Application Security Analyst, Full-Stack Developer, Junior Software Developer

SUMMARY

  • 10+ years of cybersecurity experience with a focus on web application security, endpoint threat detection, and source code analysis (malware analysis, vulnerability testing)
  • Extensive experience in signature detection and code behavior analysis for malware and vulnerability analysis, threat analysis, and incident handling in Agile teams
  • Led team development: founding, training, onboarding, and leading multiple security teams at multiple companies. Built excellence by example and by providing technical assistance that developed team skills
  • Communicates amicably and clearly using thoughtful, level-headed insight and analysis, both written and verbal. Coordinates with a variety of audiences: customers, co-workers, stakeholders
  • Master's Degree in Computer Science. Always learning new IT, programming, and security skills

RECENT EXPERIENCE

Wordfence / Defiant Inc : Security Analyst, Threat Analyst

09/2018 - 04/2023

  • Researched and built the company's first machine learning prototype for malware identification, coordinating with the Development team on the first build
  • Performed application security review of WordPress plugins as they updated: vulnerability analysis via code analysis and debugging tools, white box testing, researching and creating exploitation method and scripting, confirming software functionality after firewall rule implementation
  • Conducted vulnerability analysis and security assessments for customers
    • Analysis included infection forensic analysis and remediation
  • Determined threat behaviors of obfuscated code (such as PHP and JS)
  • Established workflow, training, and data sample processes for the Threat Analysis team, including signature development, vulnerability triage, and ML
  • Led major pushes for improvement: detection recall, signature optimization, team strategy and priority, training initiatives, machine learning adoption
  • Created and performed major training initiatives, training team members on malware detection and malware research
  • Developed rapid tooling in Bash, PHP, and Python for machine learning, sample analysis, malware deobfuscation, and signature authorship workflows
  • Created and maintained comprehensive documentation - Bookstack docs, Diagrams.net workflows, training videos and sessions for team members, help info for all team-developed internal tools, video tutorials for complex workflow tools

SiteLock : Senior Web Security Research Analyst, Web Vulnerability Research Analyst

11/2013 - 08/2018

  • Researched, assessed, and redesigned security patches on major CMSs and plugins for backporting and distribution to customers
  • Performed static code analysis for security review using leading enterprise tools
  • Investigated compromised websites, removed infections, remediated PHP XSS and SQLi flaws
  • Deobfuscated and researched PHP and JavaScript code for behavior analysis (both malicious and legitimate code)
  • Led internal incident responses (from detection/clean failures) to minimize customer impact, inform upper management, and conduct post-mortem analysis
    • Wrote the official Incident Response Plan for internal failures relating to the team
  • Assembled and led the malware analysis and vulnerability analysis teams
  • Established the mitigation, process, training, and incident handling process for both the malware analysis and vulnerability analysis teams
  • Developed a sophisticated tool in Bash and Python for enhanced CMS analysis and summary reporting
    • Tool became part of standard protocol for entire support division for years
  • Authored web security articles for the SiteLock blog
  • Coordinated with customers over the phone and via email in order to resolve client issues and security incidents
  • Participated in sales and support calls as technical SME

SKILLS

Cybersecurity Frameworks: MITRE ATT&CK, OWASP Web Security Testing

Monitoring and SIEM: Google Chronicle, Splunk

Penetration Testing Tools: Burp Suite, Kali Linux, WPScan, nmap, Metasploit, Wireshark, BeEF

Malware Analysis & Detection: Perl regex, YARA, Hyperscan, ClamAV, IDA Free, msitools, VirusTotal

Vulnerability Hunting: Burp + Xdebug, Veracode, direct code analysis and whitebox/debug-level testing

Cloud Platforms: AWS, Google Cloud, data intake and IAM-based management

Coding Languages: JavaScript, PHP, Bash Scripting, Python, C#, Java, C++, Perl, HTML5/CSS3

Full-Stack Development: Git, jQuery, JSON, WordPress Plugin code, REST, Ajax, AWS Cloud Environment, Node.js, MEAN stack, LAMP stack, PHPStorm, relational databases like MySQL

Software Development: Electron, Android Development Environment, OOP, Data Structures, Design Patterns, APIs, SDKs, PyCharm, Visual Studio, IntelliJ IDEA, Apache, Unix/Linux

Machine Learning: Convolutional Neural Network fundamentals, Anaconda (Conda), TensorFlow, Docker, data processing and transformation for machine learning input

Organization Processes: Jira, Agile, process mapping tools (Visio, BookStack)

PROCESS AND ROLE-DEFINED SKILLS

Application Security / Vulnerability Analysis: Vulnerability analysis, research, mitigation, and exploitation. White box testing, static and dynamic code analysis for security review

Code Development: Numerous JavaScript projects, Python/Bash tools, C# games, PHP-driven site tools. Code analysis, vulnerability assessments, web application security patching, software troubleshooting

Threat modeling: Client vulnerability and security analysis, defining probable threats, identifying prevention methodologies, infection and vulnerability mitigation, proactive threat capture and research

Communication: Provides thoughtful, level-headed insight and analysis, both written and verbal. Communicates amicably and clearly with customers, co-workers, stakeholders

Team leadership: Team founding, training, onboarding, and leading multiple security teams at multiple companies. Led by example and provided technical assistance to help develop the team. Designed incident handling, security triage, and process development for new teams

Process optimization: Documentation, automation, and improving team effectiveness through prioritization and training. Prepares workflows and triage priority charts for incident handling

Machine Learning: Convolutional neural network fundamentals, Python pipeline implementation, data processing and transformation for machine learning input

Malware Reverse Engineering: Malware identification and analysis (detection signatures/regexes, decoding obfuscation, code analysis)

CERTIFICATIONS

Master's in Computer Science (Northern Arizona University, Flagstaff, AZ, USA)

Bachelor's in Computer Engineering (Queen's University, Kingston, ON, Canada)

GIAC GWAPT Certified - https://www.youracclaim.com/badges/422db4c3-f953-473e-8905-fc60feb064cb/public_url

CompTIA PenTest+ Certified - https://www.youracclaim.com/badges/422db4c3-f953-473e-8905-fc60feb064cb/public_url

Cyberfire Malware Forensics Training - https://github.com/gregorybloom/resume/blob/main/assets/CyberFire2023Certificate.pdf - team bowser - Final Scores 01 & 02

AWS Certified Data Analytics - Specialty - https://www.credly.com/badges/53cf2b08-c981-4001-ab1d-66fe5a731a0c/public_url

Machine Learning - Online Coursera Stanford Cert - https://coursera.org/share/13854515ee24cca60f5701c96d7baea0

ACCOMPLISHMENTS / PROJECTS

  • Assessed vulnerabilities and exploits through white box testing of WordPress plugins and their updates
  • Led, assembled, and trained multiple security analyst teams. Kept stakeholders involved and reprioritized the whole team's direction as needs changed
  • Spearheaded proactive threat research efforts - finding, identifying, and capturing completely unknown and active malware in the wild
  • Prototyped the company's first convolutional ML classifier for malware analysis
    • Uses an alternative source-code analysis approach instead of raw binary data, and employs regression training for node weighting
  • Led major drives for improvement:
    • led team strategy and priority
    • initiated, designed, and conducted team training initiatives
    • wrote numerous internal scripts and solutions, documenting everything
  • Wrote a JavaScript automatic synchronization framework for software dev
    • Detected changes to registered variables with Underscore.js and Backbone.js
    • Used JSON schema to define: classes, registered variables, merging protocols
    • Used function generators to attach triggers for function-driven merging behavior
      • Variables, classes, and functions all defined by developer leveraging framework - none of the properties existed until use
    • Allowed asynchronous changes and merging of data on reconnection
      • Designed for decentralized tracking/merging with no core repo
  • Wrote JavaScript/C# video games for fun
    • Prototyped dozens of games over weekend contests in a rapid dev cycle
      • Created Electron wrappers for the games and tested them on Android
  • Created the Karma card game private web prototype - for stakeholders' demo purposes
  • Found a flaw in Minecraft Java Edition 1.17.1 while doing a mod tutorial
  • Designed a data transformation system for Lowell Observatory for telescope alignment
  • Created the original sample catalog website for Merriam-Powell for high-res image samples
    • Images required back-end processing so 500+MB images could be viewed online

EDUCATION

Master of Science in Engineering, Computer Science

Northern Arizona University, Flagstaff, AZ

Programming and development of application architectures and web application behavior.

Bachelor of Applied Science, Computer (Software) Engineering

Queen's University, Kingston, Ontario, Canada

Software development, architectural design, software algorithms, and project management. Included embedded engineering and performance metrics.

INTERESTS

Programming and secure application development

Convolutional deep learning code analysis

Malware detection and analysis

Workflow process, automation, documentation, prioritization improvements
