{ "$schema": "https://raw.githubusercontent.com/jsonresume/resume-schema/v1.0.0/schema.json", "basics": { "name": "Phillip Tarrant", "label": "Cybersecurity Director | Automation Leader", "email": "ptarrant@gmail.com", "phone": "(706) 294-6733", "url": "https://www.linkedin.com/in/phillip-tarrant-cyber", "summary": "Accomplished and analytical professional with 20+ years of experience in cybersecurity, server infrastructures, and data-center operations. Proven expertise in Cyber Operations, digital forensics, penetration testing, information system management, malware reversing, threat detection, and threat hunting with and without AI integration. Proactive leader with a proven record of managing multiple large teams and leading the charge to complete project goals. Managed MSSP operations for 50+ large business clients encompassing over 150,000 assets and 1 million+ users.", "location": { "city": "Morrison", "region": "TN", "countryCode": "US" }, "profiles": [ { "network": "LinkedIn", "username": "phillip-tarrant-cyber", "url": "https://www.linkedin.com/in/phillip-tarrant-cyber" } ] }, "work": [ { "name": "Confidential", "position": "Senior Information Security Consultant", "location": "Remote", "startDate": "2025-01", "summary": "Contract consulting role providing cybersecurity leadership and technical expertise.", "highlights": [ "Managing SOC operations for US Defense Space market supplier across multiple Microsoft tenants", "Managed Vulnerability Management Program for one of the largest fintech clients in the US using Qualys", "Director role at MSSP restructuring SOC flow and training SOC staff", "Designing secure architectures and providing compliance guidance (HIPAA, PCI-DSS, GDPR, NIST 800-53)" ] }, { "name": "Compuquip Cybersecurity", "position": "SOC Technical Manager → SOC Director → Director of Automation", "location": "Tampa/Doral, Florida", "startDate": "2021-01", "endDate": "2024-12", "summary": "Progressive leadership roles managing SOC operations, 
Red Team, and security automation for MSSP clients.", "highlights": [ "Grew SOC client base from 16 to 52 customers; improved profitability from 18% to 52% margin", "Built automation handling 3,500 tickets weekly with 47% closed without human involvement", "Managed team of 17 direct reports across SOC, Red Team, and DFIR engagements", "Developed AI-powered security automation using Python, AWS Lambda, and SOAR platforms" ] }, { "name": "Travel Syndication Technology (TST)", "position": "Sr. Cyber Security Architect", "location": "Alpharetta, Georgia", "startDate": "2020-04", "endDate": "2021-01", "summary": "Responsible for security architecture, training programs, and compliance across the organization.", "highlights": [ "Steered organization through PCI and NIST 800 series audits", "Created custom tools to automate attacks against infrastructure and design detections", "Saved $10,000+ through effective vendor/supplier negotiations" ] }, { "name": "Intercontinental Exchange", "position": "Cyber Security Engineer → Senior Cyber Security Engineer", "location": "Marietta, Georgia", "startDate": "2018-08", "endDate": "2020-04", "summary": "Incident Response/Digital Forensics lead, promoted to Architecture and Automation Team.", "highlights": [ "Lead investigator on critical incidents; managed multi-server compromise investigations across three teams", "Led Malware Analysis in sandboxed environments; mentored junior analysts", "Designed security data flow pipelines and automated SOC triage tools" ] }, { "name": "The National Wild Turkey Federation", "position": "Technical Services Manager", "location": "Edgefield, South Carolina", "startDate": "2015-10", "endDate": "2018-08", "summary": "Managed IT team supporting 300+ staff members with focus on infrastructure and security.", "highlights": [ "Managed team of 8 technicians and developers supporting 300+ staff members", "Migrated 3rd party tools to in-house solutions saving $50,000+ yearly", "Managed security of entire 
web presence including network and application code" ] }, { "name": "Earlier Experience", "position": "IT & Systems Administration Roles", "startDate": "1999-01", "endDate": "2015-01", "summary": "Progressive IT roles including Network/Server Administrator at NWTF, System Administrator at Morgan Thermal Ceramics, IT Coordinator at Briarwood Academy, and Technical Support at Sitel Group." } ], "education": [ { "institution": "Virginia College", "area": "Network Administration", "studyType": "Associate", "startDate": "2014", "endDate": "2016", "score": "4.0", "courses": [] } ], "certificates": [ { "name": "GWAPT - Web Application Penetration Tester", "issuer": "GIAC", "date": "2020-01-01" }, { "name": "GCFA - Forensic Analyst", "issuer": "GIAC", "date": "2019-01-01" }, { "name": "GCIH - Incident Handler", "issuer": "GIAC", "date": "2018-01-01" } ], "awards": [ { "title": "Lethal Forensicator Coin Winner", "awarder": "SANS/GIAC", "date": "2019-01-01", "summary": "SANS Challenge Coin for excellence in digital forensics" } ], "skills": [ { "name": "Security Operations & SIEM", "level": "Expert", "keywords": [ "Splunk", "ELK Stack", "Microsoft Sentinel", "Microsoft Defender", "SentinelOne", "Rapid7 IDR", "Stellar Cyber" ] }, { "name": "SOAR Platforms", "level": "Expert", "keywords": [ "Swimlane", "D3 SOAR", "Torq", "Playbook Development", "Workflow Automation" ] }, { "name": "EDR & Threat Detection", "level": "Expert", "keywords": [ "Darktrace", "Tanium", "Vectra", "FireEye", "SentinelOne", "Detection Engineering" ] }, { "name": "DFIR & Forensics", "level": "Expert", "keywords": [ "Volatility", "Malware Analysis", "Reverse Engineering", "Incident Response", "Evidence Collection", "Multi-host Investigation" ] }, { "name": "Penetration Testing & Red Team", "level": "Advanced", "keywords": [ "Metasploit", "Web Application Security", "Attack Simulation", "Red Team Oversight", "Purple Team Testing", "Vulnerability Assessment" ] }, { "name": "Cloud Platforms & Security", 
"level": "Advanced", "keywords": [ "AWS", "Azure", "Oracle Cloud", "Lambda", "EC2", "Cloud Security Architecture", "Hybrid Environments" ] }, { "name": "AI/ML & Automation", "level": "Advanced", "keywords": [ "AWS Bedrock", "Large Language Models", "RAG", "Machine Learning", "Python Automation", "Custom Tool Development" ] }, { "name": "Programming & Scripting", "level": "Advanced", "keywords": [ "Python", "PowerShell", "Bash", "SQL", "YAML" ] }, { "name": "Infrastructure & Systems", "level": "Expert", "keywords": [ "Windows Server", "Linux/UNIX", "Active Directory", "VMware", "Docker", "Kubernetes", "Network Architecture" ] }, { "name": "Compliance & Frameworks", "level": "Advanced", "keywords": [ "NIST 800-53", "PCI-DSS", "HIPAA", "GDPR", "CIS Benchmarks", "Security Audits" ] }, { "name": "Leadership & Management", "level": "Expert", "keywords": [ "Team Leadership (17+ reports)", "MSSP Operations", "Budget Management", "Vendor Negotiations", "Training Programs", "Hiring & Mentorship" ] } ], "languages": [ { "language": "English", "fluency": "Native speaker" } ], "meta": { "theme": "elegant", "version": "v1.0.0", "lastModified": "2025-12-08" } }