ptarrant/resume
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Phillip Tarrant
2025-12-08 11:50:36 -06:00
commit c2cee5c708
19 changed files with 1492 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

401
resume.json Normal file
View File

@@ -0,0 +1,401 @@
{
"$schema": "https://raw.githubusercontent.com/jsonresume/resume-schema/v1.0.0/schema.json",
"basics": {
"name": "Phillip Tarrant",
"label": "Cybersecurity Director | Automation Leader",
"email": "ptarrant@gmail.com",
"phone": "(706) 294-6733",
"url": "https://www.linkedin.com/in/phillip-tarrant-cyber",
"summary": "Accomplished and analytical professional with 20+ years of experience in cybersecurity, server infrastructures, and data-center operations. Proven expertise in Cyber Operations, digital forensics, penetration testing, information system management, malware reversing, threat detection, and threat hunting with and without AI integration. Proactive leader with a proven record of managing multiple large teams and leading the charge to complete project goals. Managed MSSP operations for 50+ large business clients encompassing over 150,000 assets and 1 million+ users.",
"location": {
"city": "Morrison",
"region": "TN",
"countryCode": "US"
},
"profiles": [
{
"network": "LinkedIn",
"username": "phillip-tarrant-cyber",
"url": "https://www.linkedin.com/in/phillip-tarrant-cyber"
}
]
},
"work": [
{
"name": "Confidential",
"position": "Senior Information Security Consultant",
"location": "Remote",
"startDate": "2025-01",
"summary": "Contract consulting role providing cybersecurity leadership and technical expertise.",
"highlights": [
"Develop, design, and review risk assessments and vulnerability scans of client networks and systems",
"Developing and implementing robust security controls and countermeasures to mitigate identified risks",
"Designing and deploying secure architectures for cloud, on-premises, and hybrid environments",
"Providing guidance on compliance with industry regulations (HIPAA, PCI-DSS, GDPR, NIST 800-53)",
"Collaborating with clients to develop and implement incident response and disaster recovery plans",
"Conducting regular security audits and assessments to ensure ongoing compliance and security posture",
"Director role at MSSP restructuring SOC flow and training SOC Staff",
"Managed Vulnerability Management Program for one of the largest fintech client in the US using Qualys",
"Currently managing SOC operations for US Defense Space market supplier across multiple Microsoft tenants"
]
},
{
"name": "Compuquip Cybersecurity",
"position": "Director of Automation",
"location": "Doral, Florida",
"startDate": "2024-06",
"endDate": "2024-12",
"summary": "Lead the Automation Team to deliver the automation needs of the business.",
"highlights": [
"Spearheaded new automation processes and procedures including standup of new architecture and infrastructure",
"Drove and mentored the team in new Automation workflows using Python, AWS Lambda and SOAR technology",
"Developed custom AI processes to handle several key business needs using custom prompts and data",
"Built automation handling 3,500 tickets weekly with 47% closed without human involvement",
"Designed, programmed, and deployed AI tools, prompts, code, and logic for security automation"
]
},
{
"name": "Compuquip Cybersecurity",
"position": "SOC Director",
"location": "Doral, Florida",
"startDate": "2023-03",
"endDate": "2024-06",
"summary": "Directed Security Operations Center and Red Team operations for MSSP clients.",
"highlights": [
"Grew SOC client base from 16 to 52 customers over tenure with expansion of services",
"Improved SOC profitability from 18% to 52% margin (80% in one quarter) contributing to 15% annual net income growth",
"Directly managed team of 17 reports",
"Oversaw Red team / Offensive Security Teams and Managed Remediation Service projects",
"Managed DFIR engagements, MDR services, Proactive Vulnerability Scanning, Patching, and Pentesting",
"Maintained situational awareness reports for advanced threats (APT and FO incidents)",
"Part of leadership team with COO/CEO/CFO involved in quarterly strategic planning"
]
},
{
"name": "Compuquip Cybersecurity",
"position": "SOC Technical Manager",
"location": "Tampa, Florida",
"startDate": "2021-01",
"endDate": "2023-03",
"summary": "Managed SOC Operations and led incident research and engineering teams.",
"highlights": [
"Authored SOPs and training documentation for SOC team",
"Lead Incident Research and mentored SOC Engineers",
"Developed threat trend analysis reports and metrics",
"Managed SOC Operations and developed SOC playbooks/workflows",
"Generated end-of-month reports for managers and customers",
"Maintained situational awareness reports for advanced threats"
]
},
{
"name": "Travel Syndication Technology (TST)",
"position": "Sr. Cyber Security Architect",
"location": "Alpharetta, Georgia",
"startDate": "2020-04",
"endDate": "2021-01",
"summary": "Responsible for security architecture, training programs, and compliance across the organization.",
"highlights": [
"Formulated and oversaw phishing and developer security training programs",
"Developed and maintained cloud security protections and security posture",
"Created custom tools to automate attacks against infrastructure and design detections",
"Saved $10,000+ through effective vendor/supplier negotiations",
"Steered organization through PCI and NIST 800 series audits",
"Devised, created, and upgraded cybersecurity related policies and procedures",
"Designed and implemented automated security verification and attack programs"
]
},
{
"name": "Intercontinental Exchange",
"position": "Senior Cyber Security Engineer",
"location": "Marietta, Georgia",
"startDate": "2020-03",
"endDate": "2020-04",
"summary": "Part of the Architecture and Automation Team focused on security data flow and automation.",
"highlights": [
"Designed and maintained security data flow from network endpoints through aggregation, parsing, and storage",
"Created methods, processes, and algorithms to extract knowledge from structured/unstructured data",
"Designed custom tools to automate SOC triage and response activities",
"Incorporated security into infrastructure CI/CD pipelines including cloud technologies",
"Formulated vulnerability and threat hunting dashboard for tracking and mitigation"
]
},
{
"name": "Intercontinental Exchange",
"position": "Cyber Security Engineer",
"location": "Marietta, Georgia",
"startDate": "2018-08",
"endDate": "2020-03",
"summary": "Part of the Incident Response / Digital Forensics Team as lead investigator.",
"highlights": [
"Served as lead investigator on critical incidents with thorough investigations",
"Created extensive documentation on processes and procedures for the entire IR team",
"Served as leader in Malware Analysis in isolated sandboxed environments",
"Developed skills of junior agents including custom malware writing through training",
"Managed multi-server compromise investigations coordinating across three teams and time zones"
]
},
{
"name": "The National Wild Turkey Federation",
"position": "Technical Services Manager",
"location": "Edgefield, South Carolina",
"startDate": "2015-10",
"endDate": "2018-08",
"summary": "Managed IT team supporting 300+ staff members with focus on infrastructure and security.",
"highlights": [
"Managed team of technicians and developers facilitating 300+ staff members",
"Oversaw 8 direct reports with performance management responsibilities",
"Conducted vendor/supplier negotiations to minimize costs",
"Managed security of entire web presence including network and programming code",
"Efficiently managed doubling of server space and usage",
"Migrated 3rd party tools to in-house solutions saving $50,000+ yearly"
]
},
{
"name": "The National Wild Turkey Federation",
"position": "Network / Server Administrator",
"location": "Edgefield, South Carolina",
"startDate": "2015-01",
"endDate": "2015-10",
"summary": "Managed Windows and Linux server environments with focus on infrastructure and automation.",
"highlights": [
"Designed, managed, and monitored infrastructure systems (LANs, WANs, Security)",
"Developed and maintained process automation through scripting and programming",
"Administered servers, computers, printers, routers, switches, firewalls, and phones",
"Spearheaded performance tuning, hardware upgrades, and resource optimization"
]
},
{
"name": "Morgan Thermal Ceramics",
"position": "System Administrator",
"location": "Augusta, Georgia",
"startDate": "2014-10",
"endDate": "2014-12",
"summary": "Contract role managing network support and infrastructure upgrades.",
"highlights": [
"Managed network support and upgrades including fiber optic link installation",
"Served key role implementing 35 managed switches with several VLANs",
"Resolved major data outage in main switch room without assistance",
"Completed three-month contract in one month",
"Developed automated cloning system to minimize cost and speed deployment"
]
},
{
"name": "Briarwood Academy",
"position": "IT Coordinator / Network Administrator / System Administrator",
"location": "Warrenton, Georgia",
"startDate": "2006-08",
"endDate": "2014-04",
"summary": "Oversaw IT department budgets and deployment strategies for the school.",
"highlights": [
"Oversaw budgets and deployment strategies for entire IT department",
"Administered servers, desktop computers, printers, routers, switches, firewalls",
"Shifted all servers from physical to virtual to save space and minimize costs",
"Rolled out wireless for entire campus comprising several acres",
"Negotiated and delivered fiber link for the school free of charge",
"Managed Linux NAS storage solutions for 200+ workstations"
]
},
{
"name": "Pronet",
"position": "Computer Service Technician",
"location": "Georgia",
"startDate": "2005-05",
"endDate": "2006-08",
"summary": "IT expert for hire in block time situations and emergency disaster recovery."
},
{
"name": "Sitel Group",
"position": "Tier 3 Support",
"startDate": "1999-05",
"endDate": "2001-05",
"summary": "Assisted Tier 2 technicians with customer service issues and tested new developing technologies."
}
],
"education": [
{
"institution": "Virginia College",
"area": "Network Administration",
"studyType": "Associate",
"startDate": "2014",
"endDate": "2016",
"score": "4.0",
"courses": []
}
],
"certificates": [
{
"name": "GWAPT - Web Application Penetration Tester",
"issuer": "GIAC",
"date": "2020-01-01"
},
{
"name": "GCFA - Forensic Analyst",
"issuer": "GIAC",
"date": "2019-01-01"
},
{
"name": "GCIH - Incident Handler",
"issuer": "GIAC",
"date": "2018-01-01"
},
{
"name": "A+ Certification",
"issuer": "CompTIA",
"date": "2001-01-01"
}
],
"awards": [
{
"title": "Lethal Forensicator Coin Winner",
"awarder": "SANS/GIAC",
"date": "2019-01-01",
"summary": "SANS Challenge Coin for excellence in digital forensics"
}
],
"skills": [
{
"name": "Security Operations & SIEM",
"level": "Expert",
"keywords": [
"Splunk",
"ELK Stack",
"Microsoft Sentinel",
"Microsoft Defender",
"Sentinel One",
"Rapid7 IDR",
"Stellar Cyber"
]
},
{
"name": "SOAR Platforms",
"level": "Expert",
"keywords": [
"Swimlane",
"D3 SOAR",
"Torq",
"Playbook Development",
"Workflow Automation"
]
},
{
"name": "EDR & Threat Detection",
"level": "Expert",
"keywords": [
"Darktrace",
"Tanium",
"Vectra",
"FireEye",
"Sentinel One",
"Detection Engineering"
]
},
{
"name": "DFIR & Forensics",
"level": "Expert",
"keywords": [
"Volatility",
"Malware Analysis",
"Reverse Engineering",
"Incident Response",
"Evidence Collection",
"Multi-host Investigation"
]
},
{
"name": "Penetration Testing & Red Team",
"level": "Advanced",
"keywords": [
"Metasploit",
"Web Application Security",
"Attack Simulation",
"Red Team Oversight",
"Purple Team Testing",
"Vulnerability Assessment"
]
},
{
"name": "Cloud Platforms & Security",
"level": "Advanced",
"keywords": [
"AWS",
"Azure",
"Oracle Cloud",
"Lambda",
"EC2",
"Cloud Security Architecture",
"Hybrid Environments"
]
},
{
"name": "AI/ML & Automation",
"level": "Advanced",
"keywords": [
"AWS Bedrock",
"Large Language Models",
"RAG",
"Machine Learning",
"Python Automation",
"Custom Tool Development"
]
},
{
"name": "Programming & Scripting",
"level": "Advanced",
"keywords": [
"Python",
"PowerShell",
"Bash",
"SQL",
"YAML"
]
},
{
"name": "Infrastructure & Systems",
"level": "Expert",
"keywords": [
"Windows Server",
"Linux/UNIX",
"Active Directory",
"VMware",
"Docker",
"Kubernetes",
"Network Architecture"
]
},
{
"name": "Compliance & Frameworks",
"level": "Advanced",
"keywords": [
"NIST 800-53",
"PCI-DSS",
"HIPAA",
"GDPR",
"CIS Benchmarks",
"Security Audits"
]
},
{
"name": "Leadership & Management",
"level": "Expert",
"keywords": [
"Team Leadership (17+ reports)",
"MSSP Operations",
"Budget Management",
"Vendor Negotiations",
"Training Programs",
"Hiring & Mentorship"
]
}
],
"languages": [
{
"language": "English",
"fluency": "Native speaker"
}
],
"meta": {
"theme": "elegant",
"version": "v1.0.0",
"lastModified": "2025-12-08"
}
}