Brian Seel
Verified Expert in Engineering
Software Engineering Developer
New York City, NY, United States
Toptal member since September 29, 2022
Brian has over a decade of experience as a software developer, building tools and techniques for computer network exploitation at the National Security Agency. His core skill is his ability to solve multiple problems, from reverse engineering malware to writing data extraction tools or developing GIS maps. As a data analyst, Brian excels in helping decision-makers understand things in a data-driven way.
Portfolio
Experience
Availability
Preferred Environment
PyCharm
The most amazing...
...thing I have developed was a covert data transmission protocol using DNS packets.
Work Experience
Senior Developer
Sterling Data Company LLC
- Wrote a sales system that brought in data from various election data sources, enriched it with other data sources, and used that to populate an internally used Hubspot database.
- Created an extensive test suite that included mocked unit tests and end-to-end integration tests to verify the quality of the data that was being generated.
- Worked with various API endpoints to push and pull data, including APIs that were not fully documented. I wrote Python wrappers that managed the interaction with the APIs so that they could be interacted with in Pythonic ways from the core project.
Data Analyst and Developer
City of Baltimore
- Reverse-engineered data provider's websites to use Python to scrape data from behind authenticated accounts into agency data stores.
- Developed dashboards and maps in PowerBI and ArcGIS to provide at-a-glance portals for decision-makers to track agency metrics focused on the problems the agency was trying to solve at that time.
- Led data-centric stat meetings to review data, develop monthly action items, and identify new metrics to track.
- Wrote code that maintained highly available data and monitored data integrity issues to identify failures in the agency dataflows.
Software Developer
National Security Agency
- Created a client (written in Python) and a server (written in C++) that allowed for communication with Windows clients in situations of high latency, high packet loss, and low network reliability.
- Developed capabilities to enable computer network exploitation efforts, primarily by developing C++ codebases with testing scripts in Python.
- Explored and developed against the internals of Windows.
- Used collaborative development tools, such as SVN, Jenkins, Jira, Confluence, and Crucible, to enable our Agile team.
Software Developer
National Security Agency
- Developed Ruby-based plugins on top of IBM's Streaming Analytics platform to support ingesting massive amounts of agency data for use by analysts.
- Led a team of 12 developers, testers, DevOps, and writers operating on a two-week sprint cycle that worked to reduce a backlog of technical debt while also continuing to add customer-required functionality.
- Supported additional functionality and troubleshooting of IBM Streaming Analytics written in Ruby and C++.
Software Developer
National Security Agency
- Developed a network protocol to transmit sensitive data through overt channels.
- Built a Python-based fuzzer to find vulnerabilities in commercial off-the-shelf telecom hardware.
- Used collaborative development tools, such as SVN, Jenkins, Jira, Confluence, and Crucible, to enable our Agile team.
- Implemented a Windows driver that altered network packets before a software intrusion detection system could inspect them.
- Reverse-engineered binary files to determine what they were designed to do and patch out capabilities that needed to be bypassed.
- Became proficient in tailored access operations tools for network navigation, tactical forensic analysis, and collection of valuable intelligence information.
- Performed analysis of various operating system security configurations, packet analysis, port scanning, and vulnerabilities.
Instructor
Montgomery College
- Taught introductory Python to classes of 15-20 students, many of who had no experience writing code.
- Developed lesson plans and homework based on the college's general class structures and goals.
- Reinforced lecture topics through an ongoing class project that added skills learned from class.
Experience
TransitStat
https://github.com/city-of-baltimore/transitstatI also built a Python wheel for our data provider's undocumented API, which required a bit of reverse engineering to understand how it worked. The code is available here: https://github.com/city-of-baltimore/ridesystems.
The scraper: https://github.com/city-of-baltimore/ridesystems/blob/main/src/ridesystems/reports.py.
Bike Share Tracker
https://github.com/cylussec/bikesharedataI used that data to write a published article highlighting the problems, which resulted in the system being shut down three weeks later.
Articles:
• https://baltimorefishbowl.com/stories/the-baltimore-bike-share-system-is-about-to-fail-again/
• https://www.baltimoresun.com/business/bs-md-bike-share-ends-20180815-story.html
Public Bus Tracker
https://github.com/cylussec/bustrackingAn additional write-up is available here: https://cylus.org/how-we-made-a-website-to-track-our-bus-system-in-36-hours-e9870c3c3a38.
Some examples of the data were published here: https://cylus.org/mtas-on-time-performance-data-for-april-a378c86bd666.
Remote File Collection
https://github.com/cylussec/FileCollectionAutomated Traffic Violation Enforcement System
https://github.com/city-of-baltimore/atvesThis project aimed to bring the data together to be tracked on internal dashboards, which required three different scrapers and a data cleaning before being brought into our internal database. It required three scrapers to pull the data from our Red Light Camera vendor, our Speed Camera vendor, and our financial information. The financial information was behind a Windows-authenticated website, which required extensive reverse engineering and patching an external library to get it to work.
https://github.com/city-of-baltimore/atves/blob/main/src/atves/axsis.py
https://github.com/city-of-baltimore/atves/blob/main/src/atves/conduent.py
https://github.com/city-of-baltimore/atves/blob/main/src/atves/financial.py
Dashboard Mailer
https://github.com/city-of-baltimore/website-mailerThis project used Selenium to take the screenshots and the SMTP library to email the screenshots out.
Ticket Data Extraction
https://github.com/city-of-baltimore/ticketstatEducation
Master's Degree in Offensive Computer Security
Eastern Michigan University - Ypsilanti, MI, USA
Bachelor's Degree in Computer Science
University of Idaho - Moscow, ID, USA
Certifications
GIAC Certified Penetration Tester (GPEN)
Global Information Assurance Certification (GIAC)
Certified Information Systems Security Professional
ISC2
Skills
Libraries/APIs
ArcGIS, SQLAlchemy, Mypy, Python API, Pandas, Win32 API, REST APIs, React
Tools
PyCharm, Shell, Microsoft Power BI, Git, GitHub, pylint, Subversion (SVN), Metasploit, Confluence, Jenkins, Jira, ELK (Elastic Stack), GIS, Windows Driver Kit (WDK), Crucible, Pytest
Languages
C++, C++11, Python 3, SQL, Python, C, R, Python 2, HTML, Ruby, x64 Assembly, Assembly, Assembler x86
Paradigms
Penetration Testing, Scrum, ETL, Agile, Security Software Development, Fuzz Testing, Continuous Integration (CI), Continuous Delivery (CD)
Platforms
Windows, Linux, Amazon Web Services (AWS), IBM InfoSphere Streams, Docker, HubSpot
Industry Expertise
Network Security
Storage
JSON, SQL Server 2017, MySQL, Amazon DynamoDB
Frameworks
Selenium
Other
Software Engineering, Data, Networks, Hacking, Computer Security, Web Scraping, Data Cleaning, Tox, Data Visualization, CNE, Automation Scripting, APIs, Data Engineering, Operating Systems, Windows Internals, Operational Security (OPSEC), Cryptography, Access Control, GitHub Actions, CI/CD Pipelines, Data Analytics, Data Analysis, CISSP, Intrusion Detection Systems (IDS), Packet Communication, Digital Forensics, Vulnerability Assessment, DAX, Data Modeling, API Integration, Data Science, API Documentation, Geospatial Data, Geographic Information Systems, Reverse Engineering, Analytics, Analysis, Network Exploitation, Technical Writing, Training, Education, Front-end, Data Organization
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring