Jeff McCutchan
Details
TD
V.P. Information Security Specialist, Red Team
As an Associate Principal, my duties include the following :
♦ Developing/implementing training programs for various topics, covering technical and soft skills
♦ Identifying deficiencies in internal processes, and providing solutions for them
♦ Helping establish goals for junior analysts
♦ Mentoring and coaching junior analysts
♦ Identifying service gaps, and assist bringing new services to market
Additionally, I perform a variety of offensive security services as described in my previous positions at SecureState.
2017 : 2017
SecureState
Associate Principal
I am responsible for interviewing potential hires, and providing employment recommendations to executive management, training employees to perform offensive security assessments, and mentoring junior staff.
Additionally, I serve as the subject matter expert for the following areas :
♦ Red Teaming
♦ Penetration Testing
♦ Social Engineering
♦ Web Application Security
Additional responsibilities include updating assessment methodologies and associated documents, maintaining website content associated with these services, assisting sales staff with scoping engagements, and promoting the SecureState brand through blogs, webinars, and other marketing content.
2016 : 2017
SecureState
Senior Analyst
As a Security Consultant at SecureState, I am a primary resource for performing client engagements. I am responsible for performing a number of offensive security assessments including :
♦ Red Team Engagements
♦ Internal and External Penetration Tests
♦ Web Application Security Assessments, using White, Black, and Grey methodologies
♦ Physical Penetration Tests
♦ Telephone and Email Social Engineering
♦ Wireless Security Assessments
♦ Mobile Device and Application Penetration Tests
For each engagement I provide clients with a high quality deliverable detailing testing methodology, vulnerabilities, and remediation strategies to help clients improve their overall security posture.
I have implemented a tracking program for engagements which allows SecureState to provide clients with thorough industry comparison statistics.
Additionally, I have assisted with the training of multiple new hires, quickly helping them achieve the high level of competence required to be successful at Securestate.
2012 : 2016
SecureState
Security Consultant - Profiling and Penetration Team
Providing technical support for customers via remote access and/or verbal directions. Ensuring customers were able to conduct business efficiently and effectively, fully leveraging a state-of-the-art point of sales system. Additional responsibilities included : occasional off hours technical support, on site repair or replacement of physical equipment, installation and customization of point of sales systems.
2010 : 2012
FuturePOS Ohio Inc.
Level III Support
About
As an individual who has been passionate about information security for several years, I have focused my education, and practical application on the offensive side of the industry. I am proficient with the methodologies, techniques, and tools necessary to conduct high value security assessments. I pride myself on being able to meet the security needs of clients. I am comfortable speaking to executive level and technical resources alike, and can articulate the value of performing security assessments as well as the business impacts of a real world attack.
I have contributed to open source projects including the Metasploit Framework and PowerShell Empire, implemented an innovative statistics tracking process for client engagements, and conducted hands-on internal training covering penetration testing methodology, tools, and techniques. I currently hold the OSCP and GPEN certifications.
Profile Photo
