PS C:\Users\alex>|

A little over two years ago during the summer after my first year of college I stumbled upon CPP Cyber and Cal Poly Swift. Ever since then I have dedicated most of my free time doing something cybersecurity related.

I am currently working at my school making cybersecurity-related labs for one of my professors, but over the summer I will be joining CrowdStrike as a Red Team Intern on their Professional Services team. Outside of work/school, I enjoy doing anything cybersecurity-related such as competing in competitions like CCDC, CPTC, and CyberForce. The certifications that I currently possess are OSCP+, Red Team Operator, and Security+. Below are some of my experiences and the competitions I have participated in.

Experience

Incoming Red Team Intern · CrowdStrike
Summer 2026 (Incoming) · Professional Services
  • Incoming intern on CrowdStrike's Professional Services team focused on red team operations.
Red Teaming Adversary Emulation Professional Services
Cyber Investigations Intern · MITRE
May 2025 – July 2024
  • Can't talk about it much. Message me!
Cyber Threat Intel Adversary Emulation MITRE ATT&CK
Network Engineering Intern · Johns Hopkins APL
May 2024 – August 2024
  • Collaborated with a team to develop a Python-based automation framework for remote network analysis, designed to capture network traffic (pcap files), video streams (VLC videos), and generate traffic patterns using MGEN.
  • Developed Bash and PowerShell scripts to automate the setup of a video analysis workbench.
  • Analyzed network degradation issues caused by 5G phones generating fake traffic via iPerf3, utilizing Wireshark.
  • Configured and validated Downlink and Uplink data transmission settings for video analysis.
Wireshark Python 5G Communications
Technical Support Assistant · Cal Poly Pomona
February 2024 – Present
  • Imaged devices for over 12 departments across Cal Poly utilizing PXE boot.
  • Utilized ServiceNow to efficiently track, manage, and close support tickets within established SLAs.
  • Helped end users diagnose and troubleshoot various hardware, software, and operating system related issues.
Customer Support Windows Troubleshooting Mac Troubleshooting

Competitions

Collegiate Penetration Testing Competition · Competitor, Windows and Linux Penetration Tester
June 2025 – Present | 1st Place Regionals, Globals Finalist
  • Performed Open Source Intelligence and source code analysis on public repositories to discover initial access points.
  • Exploited exposed databases, web applications, Active Directory configurations, and default service credentials.
  • Audited fictional companies against security best practices and compliance standards including DFARS and ITAR.
  • Authored report detailing findings, business impact, compliance issues, and remediation strategies to C-suite stakeholders.
OSINT Web Application Testing Reporting
Collegiate Cyber Defense Competition · Business Lead / Incident Response
April 2024 – April 2025 | 2nd @ Invitationals #1
  • Managed servers running HTTP, DNS, SMTP, MySQL, FTP, and Kubernetes.
  • Designed and implemented hardening techniques and strategies to mitigate red-team attacks on critical infrastructure.
  • Responded to business related tasks, such as incident reports, system inventory reports, and user access management.
Systems Administration Windows Server Hardening Incident Response
CyberForce Competition · Incident Response Lead
September 2023 – November 2023 | 16th Place
  • Searched for vulnerabilities utilizing Nessus, Nmap, WinPeas, LinPeas, and manual enumeration.
  • Created security documentation with an executive summary, network diagram, a full list of vulnerabilities found on all machines with remediation steps, and a detailed writeup on hardening machines.
  • Presented initial risk assessment and remediation of vulnerabilities found on machines to a panel of fictional executives.
  • Led the incident response team to respond to threat actors trying to gain access to critical infrastructure.
Incident Response Nessus Vulnerability Scanner Reporting
Information Technology Competition · IT Security Focus
April 2025 – May 2025 | 1st Place
  • Identified and exploited misconfigurations in AWS EC2 and DynamoDB services.
  • Exploited exposed databases, web applications, Active Directory misconfigurations, and default service credentials.
  • Created a detailed report detailing findings, business impact, and compliance violations for executives and presented findings to C-suite audience. Final Report
OWASP Burp Suite Reporting
NCAE Cyber Games · Networking Lead / Incident Response
January 2024 – April 2024 NCAE | 1st West Overflow, 2nd Nationally
  • Defended vulnerable servers running HTTPS, DNS, SSH, FTP, and MySQL from attackers in real time.
  • Set up network configurations for the team router and other UNIX based machines so endpoints can communicate with each other and outside networks.
  • Developed bash scripts to automate the securing of UNIX-based machines.
Firewalls Networking Incident Response
Hivestorm Competition · Windows Focus
September 2024 | 5th Place
  • Secured Windows Server 2022 VMs by patching vulnerabilities, removing malware, and hardening systems.
  • Applied Windows hardening techniques such as firewall configuration, disabling unnecessary services, enabling automatic updates, and enforcing secure group policies (password and account policies).
  • Conducted digital forensics on the Windows Server by analyzing logs, linking malicious scripts to services, and identifying indicators of compromise (backdoors, persistence mechanisms).
CIS Benchmarks Password Cracking Digital Forensics

Certifications

OSCP+ (OffSec Certified Professional)
OffSec Certification
  • Demonstrated practical penetration testing skills across Linux and Windows environments.
  • Performed enumeration, exploitation, privilege escalation, and post-exploitation to obtain proof-of-compromise.
  • Produced clear technical documentation and remediation recommendations in a professional penetration testing report.
  • Credential Verification
Penetration Testing Privilege Escalation Reporting
Certified Red Team Operator
June 2024
  • Gained hands-on experience with Cobalt Strike and C2 frameworks to execute red team operations in a realistic Windows domain lab environment.
  • Performed Active Directory enumeration, privilege escalation, Kerberos attacks, token impersonation, and lateral movement.
  • Utilized Cobalt Strike malleable C2 profiles and modifications to the Artifact Kit to evade Windows Defender.
Cobalt Strike Red Teaming Evasion
Security+ SY0-601
January 2024 – January 2027
  • Demonstrated understanding of core security concepts, including confidentiality, integrity, and availability (CIA triad).
  • Gained knowledge of security policies, frameworks (e.g., NIST, ISO), and regulatory compliance.
  • Learned about access control, identity management, and cryptographic protocols.
CIA Triad NIST IAM

Leadership / Clubs

Students with an Interest in the Future of Technology · Academy Director
April 2024 – May 2025
  • Managed and coordinated weekly technical security content to educate an audience of over 50 university students.
  • Led a presentation and workshop on SIEMs, utilizing Wazuh to view host and network logs, integrated with VirusTotal.
  • Developed an intentionally vulnerable Windows environment and configured Sliver C2 to teach students about red teaming topics.
  • Mentored students and competition teams to improve technical skills in defensive security.
Leadership Public Speaking Presenting
← Back to Home