Refocus resume as Principal Security Engineer; tighten to 2 pages
- Reposition summary and skills toward hands-on AI + automation (IC track); lead skills with AI/ML Engineering, demote leadership - Condense summary to lead with a hard metric (47% of 3,500 weekly tickets) - Fold NWTF role into Earlier Experience to fit 2 pages - Add build_resume.sh: regenerate docx, render PDF via OnlyOffice x2t, and enforce a hard 3-page maximum - Fix timezone off-by-one in work dates and cert/award years Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Binary file not shown.
Binary file not shown.
58
build_resume.sh
Executable file
58
build_resume.sh
Executable file
@@ -0,0 +1,58 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# Build the resume: regenerate the .docx from resume.json, render a .pdf via
|
||||||
|
# OnlyOffice's headless x2t converter, and ENFORCE a hard 3-page maximum.
|
||||||
|
# Exits non-zero (and deletes the stale PDF) if the render exceeds MAX_PAGES.
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
|
MAX_PAGES=3
|
||||||
|
DOCX="Phillip_Tarrant_Resume_$(date +%Y).docx"
|
||||||
|
PDF="Phillip_Tarrant_Resume_$(date +%Y).pdf"
|
||||||
|
|
||||||
|
OO=/opt/onlyoffice/desktopeditors
|
||||||
|
X2T="$OO/converter/x2t"
|
||||||
|
# Font cache generated by the OnlyOffice desktop app (x2t needs it; the bundled
|
||||||
|
# converter ships without one and crashes otherwise).
|
||||||
|
FONTS="$HOME/.local/share/onlyoffice/desktopeditors/data/fonts"
|
||||||
|
|
||||||
|
# --- 1. Generate the .docx from resume.json ---
|
||||||
|
node generate_resume.js
|
||||||
|
|
||||||
|
# --- 2. Render .docx -> .pdf via x2t ---
|
||||||
|
if [[ ! -x "$X2T" ]]; then
|
||||||
|
echo "ERROR: OnlyOffice x2t not found at $X2T — cannot render/verify pages." >&2
|
||||||
|
exit 3
|
||||||
|
fi
|
||||||
|
if [[ ! -f "$FONTS/AllFonts.js" ]]; then
|
||||||
|
echo "ERROR: OnlyOffice font cache missing at $FONTS/AllFonts.js." >&2
|
||||||
|
echo " Open the OnlyOffice desktop app once to generate it, then re-run." >&2
|
||||||
|
exit 3
|
||||||
|
fi
|
||||||
|
|
||||||
|
TMP="$(mktemp -d)"
|
||||||
|
trap 'rm -rf "$TMP"' EXIT
|
||||||
|
cat > "$TMP/conv.xml" <<XML
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<TaskQueueDataConvert xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
|
||||||
|
<m_sFileFrom>$PWD/$DOCX</m_sFileFrom>
|
||||||
|
<m_sFileTo>$PWD/$PDF</m_sFileTo>
|
||||||
|
<m_nFormatTo>513</m_nFormatTo>
|
||||||
|
<m_sFontDir>$FONTS</m_sFontDir>
|
||||||
|
<m_sAllFontsPath>$FONTS/AllFonts.js</m_sAllFontsPath>
|
||||||
|
<m_sThemeDir>$OO/editors/sdkjs/slide/themes</m_sThemeDir>
|
||||||
|
<m_sTempDir>$TMP</m_sTempDir>
|
||||||
|
</TaskQueueDataConvert>
|
||||||
|
XML
|
||||||
|
|
||||||
|
( cd "$OO/converter" && LD_LIBRARY_PATH="$OO/converter:$OO" "$X2T" "$TMP/conv.xml" )
|
||||||
|
|
||||||
|
# --- 3. Enforce the page limit ---
|
||||||
|
PAGES="$(pdfinfo "$PDF" | awk '/^Pages:/ {print $2}')"
|
||||||
|
echo "Rendered $PDF — $PAGES page(s)."
|
||||||
|
if (( PAGES > MAX_PAGES )); then
|
||||||
|
echo "ERROR: resume is $PAGES pages, exceeds the $MAX_PAGES-page limit. Trim content." >&2
|
||||||
|
rm -f "$PDF"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo "OK: within the $MAX_PAGES-page limit. Built $DOCX and $PDF."
|
||||||
@@ -1,7 +1,7 @@
|
|||||||
const fs = require('fs');
|
const fs = require('fs');
|
||||||
const {
|
const {
|
||||||
Document, Packer, Paragraph, TextRun, AlignmentType,
|
Document, Packer, Paragraph, TextRun, AlignmentType,
|
||||||
HeadingLevel, LevelFormat, ExternalHyperlink, BorderStyle
|
HeadingLevel, LevelFormat, ExternalHyperlink, BorderStyle, PageBreak
|
||||||
} = require('docx');
|
} = require('docx');
|
||||||
|
|
||||||
// ============================================
|
// ============================================
|
||||||
@@ -21,7 +21,7 @@ const resumeData = JSON.parse(fs.readFileSync(INPUT_FILE, 'utf8'));
|
|||||||
function createBulletParagraph(text, reference) {
|
function createBulletParagraph(text, reference) {
|
||||||
return new Paragraph({
|
return new Paragraph({
|
||||||
numbering: { reference: reference, level: 0 },
|
numbering: { reference: reference, level: 0 },
|
||||||
spacing: { after: 60 },
|
spacing: { after: 40 },
|
||||||
children: [new TextRun({ text: text, size: 22, font: "Arial" })]
|
children: [new TextRun({ text: text, size: 22, font: "Arial" })]
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
@@ -29,7 +29,9 @@ function createBulletParagraph(text, reference) {
|
|||||||
// Format date from YYYY-MM to "Mon YYYY"
|
// Format date from YYYY-MM to "Mon YYYY"
|
||||||
function formatDate(dateStr) {
|
function formatDate(dateStr) {
|
||||||
if (!dateStr) return '';
|
if (!dateStr) return '';
|
||||||
const date = new Date(dateStr + '-01');
|
// Build from explicit parts so the date is local-time (avoids UTC-parse month shift)
|
||||||
|
const [year, month] = dateStr.split('-').map(Number);
|
||||||
|
const date = new Date(year, (month || 1) - 1, 1);
|
||||||
return date.toLocaleDateString('en-US', { month: 'short', year: 'numeric' });
|
return date.toLocaleDateString('en-US', { month: 'short', year: 'numeric' });
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -109,7 +111,7 @@ children.push(new Paragraph({
|
|||||||
|
|
||||||
// --- CAREER EXPERIENCE SECTION ---
|
// --- CAREER EXPERIENCE SECTION ---
|
||||||
children.push(new Paragraph({
|
children.push(new Paragraph({
|
||||||
spacing: { before: 120, after: 200 },
|
spacing: { before: 80, after: 120 },
|
||||||
children: [new TextRun({
|
children: [new TextRun({
|
||||||
text: "Career Experience",
|
text: "Career Experience",
|
||||||
bold: true,
|
bold: true,
|
||||||
@@ -128,7 +130,7 @@ resumeData.work.forEach((job, index) => {
|
|||||||
|
|
||||||
// Job title and company
|
// Job title and company
|
||||||
children.push(new Paragraph({
|
children.push(new Paragraph({
|
||||||
spacing: { before: 160, after: 60 },
|
spacing: { before: 120, after: 40 },
|
||||||
children: [
|
children: [
|
||||||
new TextRun({
|
new TextRun({
|
||||||
text: job.position,
|
text: job.position,
|
||||||
@@ -153,7 +155,7 @@ resumeData.work.forEach((job, index) => {
|
|||||||
// Job summary
|
// Job summary
|
||||||
if (job.summary) {
|
if (job.summary) {
|
||||||
children.push(new Paragraph({
|
children.push(new Paragraph({
|
||||||
spacing: { after: 100 },
|
spacing: { after: 60 },
|
||||||
children: [new TextRun({
|
children: [new TextRun({
|
||||||
text: job.summary,
|
text: job.summary,
|
||||||
size: 22,
|
size: 22,
|
||||||
@@ -170,12 +172,12 @@ resumeData.work.forEach((job, index) => {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Spacing after each job
|
// Spacing after each job
|
||||||
children.push(new Paragraph({ spacing: { after: 120 }, children: [] }));
|
children.push(new Paragraph({ spacing: { after: 60 }, children: [] }));
|
||||||
});
|
});
|
||||||
|
|
||||||
// --- EDUCATION, CERTIFICATIONS, AND AWARDS SECTION ---
|
// --- EDUCATION, CERTIFICATIONS, AND AWARDS SECTION ---
|
||||||
children.push(new Paragraph({
|
children.push(new Paragraph({
|
||||||
spacing: { before: 200, after: 160 },
|
spacing: { before: 120, after: 100 },
|
||||||
children: [new TextRun({
|
children: [new TextRun({
|
||||||
text: "Education, Certifications, and Awards",
|
text: "Education, Certifications, and Awards",
|
||||||
bold: true,
|
bold: true,
|
||||||
@@ -187,7 +189,7 @@ children.push(new Paragraph({
|
|||||||
// Certificates
|
// Certificates
|
||||||
if (resumeData.certificates) {
|
if (resumeData.certificates) {
|
||||||
resumeData.certificates.forEach(cert => {
|
resumeData.certificates.forEach(cert => {
|
||||||
const year = cert.date ? new Date(cert.date).getFullYear() : '';
|
const year = cert.date ? cert.date.slice(0, 4) : '';
|
||||||
children.push(new Paragraph({
|
children.push(new Paragraph({
|
||||||
spacing: { after: 60 },
|
spacing: { after: 60 },
|
||||||
children: [
|
children: [
|
||||||
@@ -215,7 +217,7 @@ if (resumeData.certificates) {
|
|||||||
// Awards
|
// Awards
|
||||||
if (resumeData.awards) {
|
if (resumeData.awards) {
|
||||||
resumeData.awards.forEach(award => {
|
resumeData.awards.forEach(award => {
|
||||||
const year = award.date ? new Date(award.date).getFullYear() : '';
|
const year = award.date ? award.date.slice(0, 4) : '';
|
||||||
children.push(new Paragraph({
|
children.push(new Paragraph({
|
||||||
spacing: { after: 60 },
|
spacing: { after: 60 },
|
||||||
children: [
|
children: [
|
||||||
@@ -294,7 +296,7 @@ if (resumeData.education) {
|
|||||||
|
|
||||||
// --- TECHNICAL SKILLS SECTION ---
|
// --- TECHNICAL SKILLS SECTION ---
|
||||||
children.push(new Paragraph({
|
children.push(new Paragraph({
|
||||||
spacing: { before: 200, after: 160 },
|
spacing: { before: 120, after: 100 },
|
||||||
children: [new TextRun({
|
children: [new TextRun({
|
||||||
text: "Technical Skills",
|
text: "Technical Skills",
|
||||||
bold: true,
|
bold: true,
|
||||||
|
|||||||
139
resume.json
139
resume.json
@@ -2,11 +2,11 @@
|
|||||||
"$schema": "https://raw.githubusercontent.com/jsonresume/resume-schema/v1.0.0/schema.json",
|
"$schema": "https://raw.githubusercontent.com/jsonresume/resume-schema/v1.0.0/schema.json",
|
||||||
"basics": {
|
"basics": {
|
||||||
"name": "Phillip Tarrant",
|
"name": "Phillip Tarrant",
|
||||||
"label": "Director, Detection Engineering & Threat Hunting | Security Automation & AI Leader",
|
"label": "Principal Security Engineer | Security Automation & AI Engineering",
|
||||||
"email": "ptarrant@gmail.com",
|
"email": "ptarrant@gmail.com",
|
||||||
"phone": "(706) 294-6733",
|
"phone": "(706) 294-6733",
|
||||||
"url": "https://www.linkedin.com/in/phillip-tarrant-cyber",
|
"url": "https://www.linkedin.com/in/phillip-tarrant-cyber",
|
||||||
"summary": "Security leader with 20+ years of experience building and leading detection engineering, threat hunting, and SOC operations across MSSP and enterprise environments. Proven director-level track record managing multiple large teams, restructuring SOC workflows, and scaling detection and response programs. Deep technical foundation in digital forensics, malware reversing, incident response, and threat hunting with and without AI integration. Led MSSP operations for 50+ business clients encompassing 150,000+ assets and 1 million+ users. Experienced AI and automation leader with expertise in SOAR engineering, prompt engineering, LLM integration, AI security and guardrails, and deploying AI-driven detection solutions in secure, regulated environments.",
|
"summary": "Principal-level security engineer with 20+ years building detection and AI-driven automation across MSSP and enterprise environments. Ships production tooling end to end — custom SOAR platforms and LLM triage pipelines; built automation that closed 47% of 3,500 weekly tickets with no human touch. Deep DFIR and threat-hunting roots, now focused on applied AI security.",
|
||||||
"location": {
|
"location": {
|
||||||
"city": "Morrison",
|
"city": "Morrison",
|
||||||
"region": "TN",
|
"region": "TN",
|
||||||
@@ -26,13 +26,13 @@
|
|||||||
"position": "Principal Security Engineer",
|
"position": "Principal Security Engineer",
|
||||||
"location": "Remote",
|
"location": "Remote",
|
||||||
"startDate": "2026-03",
|
"startDate": "2026-03",
|
||||||
"summary": "Lead engineer owning security automation, AI development, and SIEM/logging strategy for the enterprise security program; drive detection engineering, threat hunting tooling, and analyst enablement while advising leadership on strategic security investments.",
|
"summary": "Lead engineer owning security automation, AI development, and SIEM/logging strategy for the enterprise security program; build detection engineering and threat hunting tooling while setting technical direction for the team.",
|
||||||
"highlights": [
|
"highlights": [
|
||||||
"Own enterprise security automation, AI development, and SIEM/logging strategy across the security program",
|
"Architected and built a custom SOAR web application from the ground up — 20+ automated response actions unifying detection, reporting, and response across Microsoft 365, CrowdStrike, Google SecOps, and ReliaQuest",
|
||||||
"Architected and built a custom SOAR web application from the ground up — 20+ automated response actions unifying detection, reporting, and response across Microsoft 365, CrowdStrike, Google SecOps, and ReliaQuest data sources",
|
"Engineered a 'user activity tracker' that correlates enterprise telemetry to accelerate incident triage and proactive threat hunting",
|
||||||
"Engineered a 'user activity tracker' that accelerates incident triage and proactive threat hunting across enterprise telemetry",
|
|
||||||
"Automated end-to-end quarantine email release across Microsoft 365 and Abnormal, cutting analyst response time on phishing and malicious mail",
|
"Automated end-to-end quarantine email release across Microsoft 365 and Abnormal, cutting analyst response time on phishing and malicious mail",
|
||||||
"Mentor 2 junior engineers on a lean 5-person security team in secure coding and cybersecurity-forward AI usage; advise senior leadership on strategic detection engineering and security investments"
|
"Own enterprise security automation, AI development, and SIEM/logging architecture across the security program",
|
||||||
|
"Set secure-coding and cybersecurity-forward AI usage standards; mentor engineers and advise leadership on detection engineering investments"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -41,12 +41,12 @@
|
|||||||
"location": "Remote",
|
"location": "Remote",
|
||||||
"startDate": "2025-01",
|
"startDate": "2025-01",
|
||||||
"endDate": "2026-03",
|
"endDate": "2026-03",
|
||||||
"summary": "Contract consulting role providing cybersecurity leadership and technical expertise.",
|
"summary": "Contract consulting role delivering hands-on security engineering, SOC operations, and vulnerability management for defense, fintech, and MSSP clients.",
|
||||||
"highlights": [
|
"highlights": [
|
||||||
"Managing SOC operations for US Defense Space market supplier across multiple Microsoft tenants",
|
"Ran SOC operations for a US Defense Space market supplier across multiple Microsoft tenants",
|
||||||
"Managed Vulnerability Management Program for one of the largest fintech clients in the US using Qualys",
|
"Managed the Vulnerability Management Program for one of the largest US fintech clients using Qualys",
|
||||||
"Director role at MSSP restructuring SOC flow and training SOC staff",
|
"Restructured SOC workflow and trained analysts at an MSSP",
|
||||||
"Designing secure architectures and providing compliance guidance (HIPAA, PCI-DSS, GDPR, NIST 800-53)"
|
"Designed secure architectures and provided compliance guidance (HIPAA, PCI-DSS, GDPR, NIST 800-53)"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -55,15 +55,14 @@
|
|||||||
"location": "Tampa/Doral, Florida",
|
"location": "Tampa/Doral, Florida",
|
||||||
"startDate": "2021-01",
|
"startDate": "2021-01",
|
||||||
"endDate": "2024-12",
|
"endDate": "2024-12",
|
||||||
"summary": "Progressive leadership roles managing SOC operations, Red Team, AI development, and security automation for MSSP clients.",
|
"summary": "Progressive technical and leadership roles culminating in Director of Automation, owning AI development and security automation for MSSP clients.",
|
||||||
"highlights": [
|
"highlights": [
|
||||||
"Grew SOC client base from 16 to 52 customers; improved profitability from 18% to 52% margin",
|
"Built automation handling 3,500 tickets weekly, closing 47% without human involvement",
|
||||||
"Built automation handling 3,500 tickets weekly with 47% closed without human involvement",
|
"Owned all AI development in a secure MSSP environment — AI-powered security automation using Python, AWS Lambda, LLMs, and SOAR platforms",
|
||||||
"Managed team of 17 direct reports across SOC, Red Team, and DFIR engagements",
|
"Designed prompt engineering frameworks and AI guardrails ensuring safe, accurate, auditable AI outputs in production security workflows",
|
||||||
"Oversaw all AI development in a secure MSSP environment, building AI-powered security automation using Python, AWS Lambda, LLMs, and SOAR platforms",
|
|
||||||
"Designed and implemented prompt engineering frameworks and AI guardrails to ensure safe, accurate, and auditable AI outputs in production security workflows",
|
|
||||||
"Built RAG-based knowledge systems and LLM-driven triage pipelines for automated threat classification and analyst augmentation",
|
"Built RAG-based knowledge systems and LLM-driven triage pipelines for automated threat classification and analyst augmentation",
|
||||||
"Established AI governance policies including model evaluation, output validation, and security controls for LLM deployments"
|
"Established AI governance including model evaluation, output validation, and security controls for LLM deployments",
|
||||||
|
"Grew SOC client base from 16 to 52 customers and improved margin from 18% to 52% while leading a 17-person SOC, Red Team, and DFIR org"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -72,10 +71,10 @@
|
|||||||
"location": "Alpharetta, Georgia",
|
"location": "Alpharetta, Georgia",
|
||||||
"startDate": "2020-04",
|
"startDate": "2020-04",
|
||||||
"endDate": "2021-01",
|
"endDate": "2021-01",
|
||||||
"summary": "Responsible for security architecture, training programs, and compliance across the organization.",
|
"summary": "Owned security architecture, detection tooling, and compliance across the organization.",
|
||||||
"highlights": [
|
"highlights": [
|
||||||
"Steered organization through PCI and NIST 800 series audits",
|
"Steered the organization through PCI and NIST 800 series audits",
|
||||||
"Created custom tools to automate attacks against infrastructure and design detections",
|
"Built custom tools to automate attacks against infrastructure and engineer matching detections",
|
||||||
"Saved $10,000+ through effective vendor/supplier negotiations"
|
"Saved $10,000+ through effective vendor/supplier negotiations"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
@@ -85,32 +84,19 @@
|
|||||||
"location": "Marietta, Georgia",
|
"location": "Marietta, Georgia",
|
||||||
"startDate": "2018-08",
|
"startDate": "2018-08",
|
||||||
"endDate": "2020-04",
|
"endDate": "2020-04",
|
||||||
"summary": "Incident Response/Digital Forensics lead, promoted to Architecture and Automation Team.",
|
"summary": "Incident Response/Digital Forensics lead, promoted to the Architecture and Automation Team.",
|
||||||
"highlights": [
|
"highlights": [
|
||||||
"Lead investigator on critical incidents; managed multi-server compromise investigations across three teams",
|
"Lead investigator on critical incidents; ran multi-server compromise investigations across three teams",
|
||||||
"Led Malware Analysis in sandboxed environments; mentored junior analysts",
|
"Led malware analysis in sandboxed environments and mentored junior analysts",
|
||||||
"Designed security data flow pipelines and automated SOC triage tools"
|
"Designed security data flow pipelines and automated SOC triage tooling"
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "The National Wild Turkey Federation",
|
|
||||||
"position": "Technical Services Manager",
|
|
||||||
"location": "Edgefield, South Carolina",
|
|
||||||
"startDate": "2015-10",
|
|
||||||
"endDate": "2018-08",
|
|
||||||
"summary": "Managed IT team supporting 300+ staff members with focus on infrastructure and security.",
|
|
||||||
"highlights": [
|
|
||||||
"Managed team of 8 technicians and developers supporting 300+ staff members",
|
|
||||||
"Migrated 3rd party tools to in-house solutions saving $50,000+ yearly",
|
|
||||||
"Managed security of entire web presence including network and application code"
|
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "Earlier Experience",
|
"name": "Earlier Experience",
|
||||||
"position": "IT & Systems Administration Roles",
|
"position": "IT Leadership & Systems Administration Roles",
|
||||||
"startDate": "1999-01",
|
"startDate": "1999-01",
|
||||||
"endDate": "2015-01",
|
"endDate": "2018-08",
|
||||||
"summary": "Progressive IT roles including Network/Server Administrator at NWTF, System Administrator at Morgan Thermal Ceramics, IT Coordinator at Briarwood Academy, and Technical Support at Sitel Group."
|
"summary": "Progressive IT and technical leadership roles, including Technical Services Manager at the National Wild Turkey Federation — led 8 technicians and developers supporting 300+ staff, saved $50,000+/year migrating 3rd-party tools in-house, and owned web/network/application security. Earlier: Network/Server Administrator at NWTF, System Administrator at Morgan Thermal Ceramics, IT Coordinator at Briarwood Academy, and Technical Support at Sitel Group."
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"education": [
|
"education": [
|
||||||
@@ -150,6 +136,23 @@
|
|||||||
}
|
}
|
||||||
],
|
],
|
||||||
"skills": [
|
"skills": [
|
||||||
|
{
|
||||||
|
"name": "AI/ML Engineering & Automation",
|
||||||
|
"level": "Expert",
|
||||||
|
"keywords": [
|
||||||
|
"LLM Integration",
|
||||||
|
"RAG Systems",
|
||||||
|
"Prompt Engineering",
|
||||||
|
"Agentic AI",
|
||||||
|
"AI Security & Guardrails",
|
||||||
|
"AI Governance",
|
||||||
|
"Model Evaluation",
|
||||||
|
"AWS Bedrock",
|
||||||
|
"AWS Lambda",
|
||||||
|
"Python Automation",
|
||||||
|
"Custom SOAR Development"
|
||||||
|
]
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "Security Operations, SIEM & SOAR",
|
"name": "Security Operations, SIEM & SOAR",
|
||||||
"level": "Expert",
|
"level": "Expert",
|
||||||
@@ -165,58 +168,42 @@
|
|||||||
"Swimlane",
|
"Swimlane",
|
||||||
"D3 SOAR",
|
"D3 SOAR",
|
||||||
"Torq",
|
"Torq",
|
||||||
"Custom SOAR Development",
|
|
||||||
"Playbook Development"
|
"Playbook Development"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "Threat Detection, DFIR & Red Team",
|
"name": "Detection Engineering, DFIR & Red Team",
|
||||||
"level": "Expert",
|
"level": "Expert",
|
||||||
"keywords": [
|
"keywords": [
|
||||||
|
"Detection Engineering",
|
||||||
|
"Threat Hunting",
|
||||||
|
"Malware Analysis",
|
||||||
|
"Incident Response",
|
||||||
|
"Volatility",
|
||||||
"Darktrace",
|
"Darktrace",
|
||||||
"Tanium",
|
"Tanium",
|
||||||
"Vectra",
|
"Vectra",
|
||||||
"FireEye",
|
"FireEye",
|
||||||
"Volatility",
|
|
||||||
"Malware Analysis",
|
|
||||||
"Incident Response",
|
|
||||||
"Detection Engineering",
|
|
||||||
"Threat Hunting",
|
|
||||||
"Abnormal Security",
|
"Abnormal Security",
|
||||||
"Metasploit",
|
"Metasploit",
|
||||||
"Purple Team"
|
"Purple Team"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"name": "AI/ML & Automation",
|
|
||||||
"level": "Expert",
|
|
||||||
"keywords": [
|
|
||||||
"AWS Bedrock",
|
|
||||||
"LLMs",
|
|
||||||
"RAG",
|
|
||||||
"Prompt Engineering",
|
|
||||||
"AI Security & Guardrails",
|
|
||||||
"AI Governance",
|
|
||||||
"Agentic AI",
|
|
||||||
"Model Evaluation",
|
|
||||||
"Python Automation"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"name": "Cloud, Infrastructure & Programming",
|
"name": "Cloud, Infrastructure & Programming",
|
||||||
"level": "Advanced",
|
"level": "Advanced",
|
||||||
"keywords": [
|
"keywords": [
|
||||||
|
"Python",
|
||||||
|
"PowerShell",
|
||||||
|
"Bash",
|
||||||
"AWS",
|
"AWS",
|
||||||
"Azure",
|
"Azure",
|
||||||
"Oracle Cloud",
|
"Oracle Cloud",
|
||||||
"Windows Server",
|
|
||||||
"Linux/UNIX",
|
|
||||||
"Active Directory",
|
|
||||||
"Docker",
|
"Docker",
|
||||||
"Kubernetes",
|
"Kubernetes",
|
||||||
"Python",
|
"Windows Server",
|
||||||
"PowerShell",
|
"Linux/UNIX",
|
||||||
"Bash"
|
"Active Directory"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -231,14 +218,14 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "Leadership & Management",
|
"name": "Leadership & Mentorship",
|
||||||
"level": "Expert",
|
"level": "Expert",
|
||||||
"keywords": [
|
"keywords": [
|
||||||
"Team Leadership (17+ reports)",
|
"Technical Leadership",
|
||||||
|
"Engineer Mentorship",
|
||||||
"MSSP Operations",
|
"MSSP Operations",
|
||||||
"Budget Management",
|
"Team Leadership (17+ reports)",
|
||||||
"Vendor Negotiations",
|
"Vendor Negotiations"
|
||||||
"Training & Mentorship"
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
@@ -251,6 +238,6 @@
|
|||||||
"meta": {
|
"meta": {
|
||||||
"theme": "elegant",
|
"theme": "elegant",
|
||||||
"version": "v1.0.0",
|
"version": "v1.0.0",
|
||||||
"lastModified": "2026-06-23"
|
"lastModified": "2026-07-06"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user