Aaron Sanderson
www.linkedin.com/in/SecurityAaron
Means, KY 40346
SKILLS
Network/Information Security, Computer Network Defense, Threat Hunt, Open Source Intelligence,
Incident Response/Management, Information Assurance, Penetration Testing (Kali, Metasploit, Cobalt
Strike), Red Teaming (Threat Emulation), Scripting (BASH, PowerShell, Python, SQL), Windows
Client/Server
CERTIFICATIONS
(ISC)2 CISSP (463198)
EC-Council CEH (ECC-)
Active US DoD Top Secret/SCI, with current SSBI
RELEVANT PROFESSIONAL EXPERIENCE
Janus Associates
Senior Penetration Tester/Threat Analyst/Security Consultant (11/2020 - 05/2025)
Remote Security Consultant and Penetration Tester with Janus Associates. Assisting clients in analyzing
technical environments, helping them understand information security problems and methods of solving
each. Conducting technical penetration testing in client sites. Performing gap analyses of client
environments in compliance with accepted security frameworks and compliance requirements. Preparation
of technical reports containing information security test results and analysis. Utilize Open Source
Intelligence to provide a holistic picture of risk to clients. Conduct Threat Hunts, Incident Response, and
Forensic Analysis on behalf of customers and communicate risk using NIST 800 series, MITRE ATT&CK,
and the Cyber Kill Chain to stakeholders and executives.
Aermor
Red Team Operator/Penetration Tester/Threat Analyst (11/2019 - 10/2020)
Worked with the Navy Red Team (one of nine NSA Certified DoD Red Teams) to provide Cyber Threat
Emulation to Fleet, Command, and Joint Exercises during pre-deployment training, acquisition program
assessments, and operational readiness assessments. Act as a penetration tester using current threat
techniques as part of an opposition force team to scan, identify, analyze and exploit vulnerabilities, establish
persistence, escalate privileges and create effects on target systems, under clear rules of engagement with
formal approval and authorities. Utilize Open Source, Commercial, and Government reporting on emerging
tools, techniques, and procedures used by the PenTesting community and Advanced Threat Groups to
create focused training and threat campaign plans using the MITRE ATT&CK framework. Provide resident
subject matter expertise, advice and mentorship to DoD enlisted pentesters.
Apogee Engineering
Penetration Tester (12/2018 - 11/2019)
Analyze the results from automated web testing tools to validate findings, determine their business impact,
and eliminate false positives. Demonstrate expertise with website scanning and exploitation tools such as
but not limited to: HP WebInspect, Burp Suite, etc. Support execution of and help in development of TTPs
for website penetration testing or Blue Teaming. Use commercial and open source network cyber
assessment tools (e.g. Nmap, Metasploit, and Nessus). Exploit common vulnerabilities and
misconfigurations associated with common operating systems (Windows, Linux, etc.), protocols (HTTP,
FTP, SQL, etc.), and network security services (PKI, HTTPS, etc.). Produce written reports and briefs on
the results of penetration tests. Conduct planning and execute Blue Teaming, Penetration Testing, and/or
Capture the Flag events. Research various cyber actors' TTPs, organizational structures, capabilities,
personas, and environments, and integrate findings into Cyber Blue Teaming or penetration test operations.
Develop and utilize testing methodology for threat emulation and vulnerability validation.
Aermor
Cyber Forensic Analyst (08/2018 - 12/2018)
Network Forensic Analyst augmenting Cyber Defense Command watch floor (SOC/NOC) capabilities.
Utilized Open Source and Proprietary IDS (Snort), IPS, and SIEM (Splunk) to conduct Threat Hunting and
develop incident reporting.
EWA Warrior Services
Red Team Operator/Penetration Tester/Threat Analyst (03/2018 - 08/2018)
Served on the Navy Red Team with the same duties as the identical position with Aermor.
Army National Guard/Army Reserve
Master Intelligence Sergeant/All-Source Intelligence Analyst (35F/35Z) (11/2001 - Present)
Lead, Train and Mentor teams and units of 5 to 150 Soldiers in Garrison, Field, and when Deployed.
Supervise the receipt, analysis, dissemination, and storage of intelligence information from Open and
Closed reporting. Develop intelligence in support of domestic and overseas missions as a uniformed service
member. Supervise the Intelligence Cycle. Quality control analysis performed by subordinates.
Conduct Annual Physical Security inspections and Threat Vulnerability Assessments.
Symantec
Principal Security Consultant (12/2013 - 03/2018)
Resident Consultant acting as staff augmentation to a DOD contract providing expert level assistance with
the full suite of Symantec Enterprise Software and Hardware (Endpoint Protection, Mail Security for
Exchange, Mail Gateway, Endpoint Encryption, Scan Engine, Data Center Protection, LiveUpdate
Administrator, Security Information Manager) to protect and manage critical assets. Duties include:
perform assessment, design, implementation, incident planning and forensic services for a global enterprise
network (over 250,000 endpoints) while remaining in compliance with applicable regulations and policies.
Use standard Microsoft (PowerShell, WinDBG, SQL, SysInternals) and Open Source (Wireshark, Nmap)
tools to quickly determine root cause and remediation of multi-vendor incidents. Served as a subject matter
expert on emerging vulnerabilities and threat actors using Closed and Open Source reporting.
Senior Business Critical Services Remote Product Specialist (05/2012 - 12/2013)
Delivered a polished, high-touch level of technical product support to a portfolio of high profile and high
impact customers while managing a customer’s support experience. Serve as a trusted advisor and subject
matter expert to assist customer with securing their environment, complying with applicable regulations,
responding to security incidents, and use Security Assessment tools (Nmap, Nessus, Metasploit, BASH,
Python) to demonstrate potential risk to customer leadership. Participate in, and lead activities (training,
mentoring, projects, etc.) to help strengthen the technical abilities of peers and other teams. Drive continued
self-development in both technical and professional areas to optimize effectiveness in role. Additionally,
served as an Incident Manager for Symantec Business Continuity Program.
BCS Remote Product Specialist (04/2008 - 05/2012)
Senior Technical Support Analyst (06/2005 - 04/2008)
Technical Support Analyst (08/2004 - 06/2005)
Delivered enterprise customer support for Symantec Security Products to include AntiVirus, Firewall,
AntiSpam, and Content Filtering; on Windows and Linux platforms.