Profiles search
Danny Rappleyea
Manager and Security Architect for Genesys Cloud CX
Durham, NC, United States
Details
Experience:
- Manage the penetration testing program for the Genesys Cloud CX product, with testing by internal staff, third-parties, private bug-bounty challenges, and customers.
- Create purple-team exercises with the security operations team to ensure that common attacks alert appropriately.
- Oversee an internal security development team, building security tooling into our CI/CD pipeline and change management process to handle over a hundred production pushes per day.
- Work with development teams to add security requirements into new product features, and test the security of those features before general release.
- Evaluate, procure, and implement new security products.
2021 : Present
Genesys
Manager & Security Architect
- Managed the penetration testing program with third parties and customers, and perform penetration testing of the Genesys Cloud product.
- Built a security development team to transform a bunch of security scripts into mature microservices that integrate into our CI/CD pipeline and DevOps tooling.
2018 :
Genesys
Team Lead of Security Development, PureCloud
Protect the PureCloud suite of cloud-based contact center and unified communications solutions from modern-day attacks.
• Perform web application and network level penetration tests against Internet-facing and internal services. Research leading edge attack methods for javascript web frameworks and nosql databases
• For common attack scenarios, find commercial, open source and internally-developed solutions to detect attacks as they occur
• Embed automated security testing into an Agile build process to provide security coverage in an environment with many systems and builds deployed each day
2015 :
Genesys
Information Security Strategist, PureCloud
• Manage the penetration testing practice for Tangible Security using Allen Harper's pentest methodology described in the book Gray Hat Hacking
• Manage a small staff of penetration testers
• Perform penetration tests for clients across a broad spectrum of industries including financial, retail, hospitality and government.
• Consult with clients on PCI compliance, SIEM, incident response and implementing security controls to improve their security maturity
2013 : 2015
Tangible Security
Director of Penetration Testing
Enables organizations to meet their information security goals. Performs penetration testing, security assessments, PCI and regulatory compliance assessments, and implements key security technologies.
• Performed penetration tests for over a dozen clients, providing actionable plans for eliminating security risks to the organizations’ sensitive information.
• Discovered a security flaw in a major security vendor’s product; gave responsible disclosure to the vendor and worked with them to validate that the flaw was remediated before the patch was released.
• Performed security assessment and regulatory compliance review for a major state agency as part of their security strategy for transitioning operations from mainframe to distributed and virtualized technology.
2010 : 2013
Secure Enterprise Computing
Security Engineer
- Create purple-team exercises with the security operations team to ensure that common attacks alert appropriately.
- Oversee an internal security development team, building security tooling into our CI/CD pipeline and change management process to handle over a hundred production pushes per day.
- Work with development teams to add security requirements into new product features, and test the security of those features before general release.
- Evaluate, procure, and implement new security products.
2021 : Present
Genesys
Manager & Security Architect
- Managed the penetration testing program with third parties and customers, and perform penetration testing of the Genesys Cloud product.
- Built a security development team to transform a bunch of security scripts into mature microservices that integrate into our CI/CD pipeline and DevOps tooling.
2018 :
Genesys
Team Lead of Security Development, PureCloud
Protect the PureCloud suite of cloud-based contact center and unified communications solutions from modern-day attacks.
• Perform web application and network level penetration tests against Internet-facing and internal services. Research leading edge attack methods for javascript web frameworks and nosql databases
• For common attack scenarios, find commercial, open source and internally-developed solutions to detect attacks as they occur
• Embed automated security testing into an Agile build process to provide security coverage in an environment with many systems and builds deployed each day
2015 :
Genesys
Information Security Strategist, PureCloud
• Manage the penetration testing practice for Tangible Security using Allen Harper's pentest methodology described in the book Gray Hat Hacking
• Manage a small staff of penetration testers
• Perform penetration tests for clients across a broad spectrum of industries including financial, retail, hospitality and government.
• Consult with clients on PCI compliance, SIEM, incident response and implementing security controls to improve their security maturity
2013 : 2015
Tangible Security
Director of Penetration Testing
Enables organizations to meet their information security goals. Performs penetration testing, security assessments, PCI and regulatory compliance assessments, and implements key security technologies.
• Performed penetration tests for over a dozen clients, providing actionable plans for eliminating security risks to the organizations’ sensitive information.
• Discovered a security flaw in a major security vendor’s product; gave responsible disclosure to the vendor and worked with them to validate that the flaw was remediated before the patch was released.
• Performed security assessment and regulatory compliance review for a major state agency as part of their security strategy for transitioning operations from mainframe to distributed and virtualized technology.
2010 : 2013
Secure Enterprise Computing
Security Engineer
Company:
Genesys
About
Cloud computing brings a challenge of security at scale, ensuring security across hundreds of microservices deployed many times per day to global regions that each have unique compliance and data sovereignty requirements. My experience blends the four pillars of penetration testing, security, compliance, and automation to meet that challenge.
Profile Photo
