diff --git a/Phillip_Tarrant_Resume_2026.docx b/Phillip_Tarrant_Resume_2026.docx index 05b1787..e02932d 100644 Binary files a/Phillip_Tarrant_Resume_2026.docx and b/Phillip_Tarrant_Resume_2026.docx differ diff --git a/Phillip_Tarrant_Resume_2026.pdf b/Phillip_Tarrant_Resume_2026.pdf index 3a4042a..e6f6f58 100644 Binary files a/Phillip_Tarrant_Resume_2026.pdf and b/Phillip_Tarrant_Resume_2026.pdf differ diff --git a/build_resume.sh b/build_resume.sh new file mode 100755 index 0000000..1390b57 --- /dev/null +++ b/build_resume.sh @@ -0,0 +1,58 @@ +#!/usr/bin/env bash +# Build the resume: regenerate the .docx from resume.json, render a .pdf via +# OnlyOffice's headless x2t converter, and ENFORCE a hard 3-page maximum. +# Exits non-zero (and deletes the stale PDF) if the render exceeds MAX_PAGES. +set -euo pipefail + +cd "$(dirname "$0")" + +MAX_PAGES=3 +DOCX="Phillip_Tarrant_Resume_$(date +%Y).docx" +PDF="Phillip_Tarrant_Resume_$(date +%Y).pdf" + +OO=/opt/onlyoffice/desktopeditors +X2T="$OO/converter/x2t" +# Font cache generated by the OnlyOffice desktop app (x2t needs it; the bundled +# converter ships without one and crashes otherwise). +FONTS="$HOME/.local/share/onlyoffice/desktopeditors/data/fonts" + +# --- 1. Generate the .docx from resume.json --- +node generate_resume.js + +# --- 2. Render .docx -> .pdf via x2t --- +if [[ ! -x "$X2T" ]]; then + echo "ERROR: OnlyOffice x2t not found at $X2T — cannot render/verify pages." >&2 + exit 3 +fi +if [[ ! -f "$FONTS/AllFonts.js" ]]; then + echo "ERROR: OnlyOffice font cache missing at $FONTS/AllFonts.js." >&2 + echo " Open the OnlyOffice desktop app once to generate it, then re-run." >&2 + exit 3 +fi + +TMP="$(mktemp -d)" +trap 'rm -rf "$TMP"' EXIT +cat > "$TMP/conv.xml" < + + $PWD/$DOCX + $PWD/$PDF + 513 + $FONTS + $FONTS/AllFonts.js + $OO/editors/sdkjs/slide/themes + $TMP + +XML + +( cd "$OO/converter" && LD_LIBRARY_PATH="$OO/converter:$OO" "$X2T" "$TMP/conv.xml" ) + +# --- 3. Enforce the page limit --- +PAGES="$(pdfinfo "$PDF" | awk '/^Pages:/ {print $2}')" +echo "Rendered $PDF — $PAGES page(s)." +if (( PAGES > MAX_PAGES )); then + echo "ERROR: resume is $PAGES pages, exceeds the $MAX_PAGES-page limit. Trim content." >&2 + rm -f "$PDF" + exit 1 +fi +echo "OK: within the $MAX_PAGES-page limit. Built $DOCX and $PDF." diff --git a/generate_resume.js b/generate_resume.js index 4b392bd..506bfb7 100644 --- a/generate_resume.js +++ b/generate_resume.js @@ -1,7 +1,7 @@ const fs = require('fs'); const { Document, Packer, Paragraph, TextRun, AlignmentType, - HeadingLevel, LevelFormat, ExternalHyperlink, BorderStyle + HeadingLevel, LevelFormat, ExternalHyperlink, BorderStyle, PageBreak } = require('docx'); // ============================================ @@ -21,7 +21,7 @@ const resumeData = JSON.parse(fs.readFileSync(INPUT_FILE, 'utf8')); function createBulletParagraph(text, reference) { return new Paragraph({ numbering: { reference: reference, level: 0 }, - spacing: { after: 60 }, + spacing: { after: 40 }, children: [new TextRun({ text: text, size: 22, font: "Arial" })] }); } @@ -29,7 +29,9 @@ function createBulletParagraph(text, reference) { // Format date from YYYY-MM to "Mon YYYY" function formatDate(dateStr) { if (!dateStr) return ''; - const date = new Date(dateStr + '-01'); + // Build from explicit parts so the date is local-time (avoids UTC-parse month shift) + const [year, month] = dateStr.split('-').map(Number); + const date = new Date(year, (month || 1) - 1, 1); return date.toLocaleDateString('en-US', { month: 'short', year: 'numeric' }); } @@ -109,7 +111,7 @@ children.push(new Paragraph({ // --- CAREER EXPERIENCE SECTION --- children.push(new Paragraph({ - spacing: { before: 120, after: 200 }, + spacing: { before: 80, after: 120 }, children: [new TextRun({ text: "Career Experience", bold: true, @@ -128,7 +130,7 @@ resumeData.work.forEach((job, index) => { // Job title and company children.push(new Paragraph({ - spacing: { before: 160, after: 60 }, + spacing: { before: 120, after: 40 }, children: [ new TextRun({ text: job.position, @@ -153,7 +155,7 @@ resumeData.work.forEach((job, index) => { // Job summary if (job.summary) { children.push(new Paragraph({ - spacing: { after: 100 }, + spacing: { after: 60 }, children: [new TextRun({ text: job.summary, size: 22, @@ -170,12 +172,12 @@ resumeData.work.forEach((job, index) => { } // Spacing after each job - children.push(new Paragraph({ spacing: { after: 120 }, children: [] })); + children.push(new Paragraph({ spacing: { after: 60 }, children: [] })); }); // --- EDUCATION, CERTIFICATIONS, AND AWARDS SECTION --- children.push(new Paragraph({ - spacing: { before: 200, after: 160 }, + spacing: { before: 120, after: 100 }, children: [new TextRun({ text: "Education, Certifications, and Awards", bold: true, @@ -187,7 +189,7 @@ children.push(new Paragraph({ // Certificates if (resumeData.certificates) { resumeData.certificates.forEach(cert => { - const year = cert.date ? new Date(cert.date).getFullYear() : ''; + const year = cert.date ? cert.date.slice(0, 4) : ''; children.push(new Paragraph({ spacing: { after: 60 }, children: [ @@ -215,7 +217,7 @@ if (resumeData.certificates) { // Awards if (resumeData.awards) { resumeData.awards.forEach(award => { - const year = award.date ? new Date(award.date).getFullYear() : ''; + const year = award.date ? award.date.slice(0, 4) : ''; children.push(new Paragraph({ spacing: { after: 60 }, children: [ @@ -294,7 +296,7 @@ if (resumeData.education) { // --- TECHNICAL SKILLS SECTION --- children.push(new Paragraph({ - spacing: { before: 200, after: 160 }, + spacing: { before: 120, after: 100 }, children: [new TextRun({ text: "Technical Skills", bold: true, diff --git a/resume.json b/resume.json index 3b85c9b..8e61852 100644 --- a/resume.json +++ b/resume.json @@ -2,11 +2,11 @@ "$schema": "https://raw.githubusercontent.com/jsonresume/resume-schema/v1.0.0/schema.json", "basics": { "name": "Phillip Tarrant", - "label": "Director, Detection Engineering & Threat Hunting | Security Automation & AI Leader", + "label": "Principal Security Engineer | Security Automation & AI Engineering", "email": "ptarrant@gmail.com", "phone": "(706) 294-6733", "url": "https://www.linkedin.com/in/phillip-tarrant-cyber", - "summary": "Security leader with 20+ years of experience building and leading detection engineering, threat hunting, and SOC operations across MSSP and enterprise environments. Proven director-level track record managing multiple large teams, restructuring SOC workflows, and scaling detection and response programs. Deep technical foundation in digital forensics, malware reversing, incident response, and threat hunting with and without AI integration. Led MSSP operations for 50+ business clients encompassing 150,000+ assets and 1 million+ users. Experienced AI and automation leader with expertise in SOAR engineering, prompt engineering, LLM integration, AI security and guardrails, and deploying AI-driven detection solutions in secure, regulated environments.", + "summary": "Principal-level security engineer with 20+ years building detection and AI-driven automation across MSSP and enterprise environments. Ships production tooling end to end — custom SOAR platforms and LLM triage pipelines; built automation that closed 47% of 3,500 weekly tickets with no human touch. Deep DFIR and threat-hunting roots, now focused on applied AI security.", "location": { "city": "Morrison", "region": "TN", @@ -26,13 +26,13 @@ "position": "Principal Security Engineer", "location": "Remote", "startDate": "2026-03", - "summary": "Lead engineer owning security automation, AI development, and SIEM/logging strategy for the enterprise security program; drive detection engineering, threat hunting tooling, and analyst enablement while advising leadership on strategic security investments.", + "summary": "Lead engineer owning security automation, AI development, and SIEM/logging strategy for the enterprise security program; build detection engineering and threat hunting tooling while setting technical direction for the team.", "highlights": [ - "Own enterprise security automation, AI development, and SIEM/logging strategy across the security program", - "Architected and built a custom SOAR web application from the ground up — 20+ automated response actions unifying detection, reporting, and response across Microsoft 365, CrowdStrike, Google SecOps, and ReliaQuest data sources", - "Engineered a 'user activity tracker' that accelerates incident triage and proactive threat hunting across enterprise telemetry", + "Architected and built a custom SOAR web application from the ground up — 20+ automated response actions unifying detection, reporting, and response across Microsoft 365, CrowdStrike, Google SecOps, and ReliaQuest", + "Engineered a 'user activity tracker' that correlates enterprise telemetry to accelerate incident triage and proactive threat hunting", "Automated end-to-end quarantine email release across Microsoft 365 and Abnormal, cutting analyst response time on phishing and malicious mail", - "Mentor 2 junior engineers on a lean 5-person security team in secure coding and cybersecurity-forward AI usage; advise senior leadership on strategic detection engineering and security investments" + "Own enterprise security automation, AI development, and SIEM/logging architecture across the security program", + "Set secure-coding and cybersecurity-forward AI usage standards; mentor engineers and advise leadership on detection engineering investments" ] }, { @@ -41,12 +41,12 @@ "location": "Remote", "startDate": "2025-01", "endDate": "2026-03", - "summary": "Contract consulting role providing cybersecurity leadership and technical expertise.", + "summary": "Contract consulting role delivering hands-on security engineering, SOC operations, and vulnerability management for defense, fintech, and MSSP clients.", "highlights": [ - "Managing SOC operations for US Defense Space market supplier across multiple Microsoft tenants", - "Managed Vulnerability Management Program for one of the largest fintech clients in the US using Qualys", - "Director role at MSSP restructuring SOC flow and training SOC staff", - "Designing secure architectures and providing compliance guidance (HIPAA, PCI-DSS, GDPR, NIST 800-53)" + "Ran SOC operations for a US Defense Space market supplier across multiple Microsoft tenants", + "Managed the Vulnerability Management Program for one of the largest US fintech clients using Qualys", + "Restructured SOC workflow and trained analysts at an MSSP", + "Designed secure architectures and provided compliance guidance (HIPAA, PCI-DSS, GDPR, NIST 800-53)" ] }, { @@ -55,15 +55,14 @@ "location": "Tampa/Doral, Florida", "startDate": "2021-01", "endDate": "2024-12", - "summary": "Progressive leadership roles managing SOC operations, Red Team, AI development, and security automation for MSSP clients.", + "summary": "Progressive technical and leadership roles culminating in Director of Automation, owning AI development and security automation for MSSP clients.", "highlights": [ - "Grew SOC client base from 16 to 52 customers; improved profitability from 18% to 52% margin", - "Built automation handling 3,500 tickets weekly with 47% closed without human involvement", - "Managed team of 17 direct reports across SOC, Red Team, and DFIR engagements", - "Oversaw all AI development in a secure MSSP environment, building AI-powered security automation using Python, AWS Lambda, LLMs, and SOAR platforms", - "Designed and implemented prompt engineering frameworks and AI guardrails to ensure safe, accurate, and auditable AI outputs in production security workflows", + "Built automation handling 3,500 tickets weekly, closing 47% without human involvement", + "Owned all AI development in a secure MSSP environment — AI-powered security automation using Python, AWS Lambda, LLMs, and SOAR platforms", + "Designed prompt engineering frameworks and AI guardrails ensuring safe, accurate, auditable AI outputs in production security workflows", "Built RAG-based knowledge systems and LLM-driven triage pipelines for automated threat classification and analyst augmentation", - "Established AI governance policies including model evaluation, output validation, and security controls for LLM deployments" + "Established AI governance including model evaluation, output validation, and security controls for LLM deployments", + "Grew SOC client base from 16 to 52 customers and improved margin from 18% to 52% while leading a 17-person SOC, Red Team, and DFIR org" ] }, { @@ -72,10 +71,10 @@ "location": "Alpharetta, Georgia", "startDate": "2020-04", "endDate": "2021-01", - "summary": "Responsible for security architecture, training programs, and compliance across the organization.", + "summary": "Owned security architecture, detection tooling, and compliance across the organization.", "highlights": [ - "Steered organization through PCI and NIST 800 series audits", - "Created custom tools to automate attacks against infrastructure and design detections", + "Steered the organization through PCI and NIST 800 series audits", + "Built custom tools to automate attacks against infrastructure and engineer matching detections", "Saved $10,000+ through effective vendor/supplier negotiations" ] }, @@ -85,32 +84,19 @@ "location": "Marietta, Georgia", "startDate": "2018-08", "endDate": "2020-04", - "summary": "Incident Response/Digital Forensics lead, promoted to Architecture and Automation Team.", + "summary": "Incident Response/Digital Forensics lead, promoted to the Architecture and Automation Team.", "highlights": [ - "Lead investigator on critical incidents; managed multi-server compromise investigations across three teams", - "Led Malware Analysis in sandboxed environments; mentored junior analysts", - "Designed security data flow pipelines and automated SOC triage tools" - ] - }, - { - "name": "The National Wild Turkey Federation", - "position": "Technical Services Manager", - "location": "Edgefield, South Carolina", - "startDate": "2015-10", - "endDate": "2018-08", - "summary": "Managed IT team supporting 300+ staff members with focus on infrastructure and security.", - "highlights": [ - "Managed team of 8 technicians and developers supporting 300+ staff members", - "Migrated 3rd party tools to in-house solutions saving $50,000+ yearly", - "Managed security of entire web presence including network and application code" + "Lead investigator on critical incidents; ran multi-server compromise investigations across three teams", + "Led malware analysis in sandboxed environments and mentored junior analysts", + "Designed security data flow pipelines and automated SOC triage tooling" ] }, { "name": "Earlier Experience", - "position": "IT & Systems Administration Roles", + "position": "IT Leadership & Systems Administration Roles", "startDate": "1999-01", - "endDate": "2015-01", - "summary": "Progressive IT roles including Network/Server Administrator at NWTF, System Administrator at Morgan Thermal Ceramics, IT Coordinator at Briarwood Academy, and Technical Support at Sitel Group." + "endDate": "2018-08", + "summary": "Progressive IT and technical leadership roles, including Technical Services Manager at the National Wild Turkey Federation — led 8 technicians and developers supporting 300+ staff, saved $50,000+/year migrating 3rd-party tools in-house, and owned web/network/application security. Earlier: Network/Server Administrator at NWTF, System Administrator at Morgan Thermal Ceramics, IT Coordinator at Briarwood Academy, and Technical Support at Sitel Group." } ], "education": [ @@ -150,6 +136,23 @@ } ], "skills": [ + { + "name": "AI/ML Engineering & Automation", + "level": "Expert", + "keywords": [ + "LLM Integration", + "RAG Systems", + "Prompt Engineering", + "Agentic AI", + "AI Security & Guardrails", + "AI Governance", + "Model Evaluation", + "AWS Bedrock", + "AWS Lambda", + "Python Automation", + "Custom SOAR Development" + ] + }, { "name": "Security Operations, SIEM & SOAR", "level": "Expert", @@ -165,58 +168,42 @@ "Swimlane", "D3 SOAR", "Torq", - "Custom SOAR Development", "Playbook Development" ] }, { - "name": "Threat Detection, DFIR & Red Team", + "name": "Detection Engineering, DFIR & Red Team", "level": "Expert", "keywords": [ + "Detection Engineering", + "Threat Hunting", + "Malware Analysis", + "Incident Response", + "Volatility", "Darktrace", "Tanium", "Vectra", "FireEye", - "Volatility", - "Malware Analysis", - "Incident Response", - "Detection Engineering", - "Threat Hunting", "Abnormal Security", "Metasploit", "Purple Team" ] }, - { - "name": "AI/ML & Automation", - "level": "Expert", - "keywords": [ - "AWS Bedrock", - "LLMs", - "RAG", - "Prompt Engineering", - "AI Security & Guardrails", - "AI Governance", - "Agentic AI", - "Model Evaluation", - "Python Automation" - ] - }, { "name": "Cloud, Infrastructure & Programming", "level": "Advanced", "keywords": [ + "Python", + "PowerShell", + "Bash", "AWS", "Azure", "Oracle Cloud", - "Windows Server", - "Linux/UNIX", - "Active Directory", "Docker", "Kubernetes", - "Python", - "PowerShell", - "Bash" + "Windows Server", + "Linux/UNIX", + "Active Directory" ] }, { @@ -231,14 +218,14 @@ ] }, { - "name": "Leadership & Management", + "name": "Leadership & Mentorship", "level": "Expert", "keywords": [ - "Team Leadership (17+ reports)", + "Technical Leadership", + "Engineer Mentorship", "MSSP Operations", - "Budget Management", - "Vendor Negotiations", - "Training & Mentorship" + "Team Leadership (17+ reports)", + "Vendor Negotiations" ] } ], @@ -251,6 +238,6 @@ "meta": { "theme": "elegant", "version": "v1.0.0", - "lastModified": "2026-06-23" + "lastModified": "2026-07-06" } }