Ashley Taylor

Information security professional with over 14 years of technology experience.

Skills

Architecture
  • Firewalls
  • AV Systems
  • VPN
  • VNC
Languages, Operating Systems & Tools
  • Powershell
  • Python
  • git
  • Kali Linux
  • Debian Linux
  • Windows
  • HTML
  • CSS
Security Tools
  • Metasploit
  • Wireshark
  • Sparta
  • SearchDiggity
  • tcpdump
  • nmap
  • netcat
  • Nessus
Security
  • Critical Controls
  • Incident Response
  • Security Policy Creation
  • Vulnerability Assessment and Remediation
  • Risk Assessment
Product Knowledge
  • Palo Alto Networks
  • Quest Kace
  • SonicWall
  • Netmotion Wireless
  • Barracuda Networks
  • Sophos
  • Kaspersky
  • VMware
  • Bomgar
Other Skills
  • Software Automated Deployment
  • Public Speaking
  • Cybersecurity Education
  • Server Administration

Experience

IT Security Officer

Local Government

Develop and maintain vulnerability management program, security policies, security infrastructure, endpoint security system, and end-user education program. Additionally, assist the networking/server administration teams and lead overall security initiatives. Major projects include updating all security policies, establishing a cybersecurity education program that includes simulated phishing, securely configuring web and email security gateways, auditing network environment and cleaning up unused accounts, and securing all possible internal websites with HTTPS.

November 2017 - Present

Public Safety Technical Support

Local Government

Maintained servers, network infrastructure, and a fleet of mobile devices for the public safety department. Additionally, developed security procedures and automated software distributions for the city. Major projects included two full mobile fleet replacements, establishing a complete remote support environment, and setting up and deploying a multi-factor authentication system for public safety mobile devices.

February 2008 - November 2017

Systems Administrator

Software Development Company

Maintained network infrastructure and server environment for a software development company. Responsibilities included setting up test servers in a wide variety of operating systems (Windows, Linux, Unix, and Solaris), maintain Apache webservers, maintain network infrastructure (modem, routers, switches, firewall, and email security gateway), build and maintain user systems, and maintain tape backups. A major project included establishing a new and secure software repository that could be accessed remotely by developers.

January 2007 - February 2008

Student Systems Administrator

University

Assisted the College of Engineering Information Technology team in providing support for the Center for Biofilm Engineering laboratories. A major project included replacing all computers in the student laboratory.

January 2006 - January 2007

Education

SANS Technology Institute

Masters of Science
Information Systems Engineering - Penetration Testing Focus
2018 - 2021

Montana State University

Bachelor of Science
General Business - Information Systems Management Option
2013 - 2017

Certifications

GIAC Penetration Tester

GPEN
Certified understanding of password attacks, password hash attacks, domain escalation techniques, persistence techniques, exploitation fundamentals, Kerberos attacks, Metasploit, data exfiltration, penetration testing planning, penetration testing with PowerShell and the Windows Command Line, scanning and host discovery, vulnerability scanning, reconnaissance, and web application injection attacks.
2019 - Current

GIAC Certified Incident Handler

GCIH
Certified understanding of detecting, responding and resolving computer security incidents. Certification cover knowledge of the steps of the incident handling process, detecting malicious applications and network activity, common attack techniques, detecting and analyzing system and network vulnerabilities, and continuous process improvement by discovering the root cause of incidents.
2019 - Current

GIAC Certified Project Manager

GCPM
Certified understanding of abilities critical to making projects successful including effective management of communications, time, costs, quality, procurements, and risks associated with information technology, security, and application development projects.
2019 - Current

GIAC Security Essentials

GSEC
Certified understanding of access control and password management, active defense, contingency planning, critical controls, cryptography, defense in depth, defensible network architecture, endpoint security, incident handling and response, risk management, Windows security, Linux security, log management & SIEM, malicious code and exploit mitigation, network device security, network security infrastructure, security policy, threat hunting, vulnerability management, web communication security, and wireless network security.
2018 - Current

Organizations

Local Toastmasters Club

Secretary

May 2018 - Present

SANS Advisory Board

Board Member

October 2018 - Present

Women's Society Cyberjutsu

Member

January 2019 - Present

Live Talks

Cybersecurity and Business

Montana State University - Billings
Introducing cybersecurity in a business envrionment and explaining recent major breaches. We also discussed the various career opportunies that exist in cybersecurity.
March 2019
Nifty tech tag lists from Wouter Beeftink