
Joe Bagdon
Verified Expert in Engineering
Expert AWS Developer
Joe is a seasoned security and infrastructure engineering professional with experience performing application and network assessments, writing and enforcing policies, providing defense for an enterprise environment, and administrating infrastructures. He has an in-depth knowledge of information security, information technology, and information warfare. Joe is a competent Python programmer, adding automation and integration that reduces workloads.
Portfolio
Experience
Availability
Preferred Environment
Linux, Cloudflare, Amazon Web Services (AWS), Application Security, Python, MacOS, Docker
The most amazing...
...thing I've done is creating and teaching the first-ever undergraduate network warfare training (UNWT) course for the U.S. Air Force.
Work Experience
Chief Information Security Officer
The Kit Company
- Built the overall information security program for the company.
- Achieved SOC2, Type 2 Certification, and HIPAA Compliance.
- Recreated and redeployed applications into ECS and Fargate using Terraform, providing hardened, increased security, elasticity, and reproducible environment.
Principal Engineer
AgileSecOps
- Contributed to policies, procedures, compliance initiatives, and technical implementations. CISO as a Service provided guidance and direction related to security, keeping key business objectives in mind.
- Developed Python and PowerShell scripts to integrate other threat intelligence products into specific platforms and gained solid experience with RESTful APIs.
- Played a key role in vulnerability scanning and management and penetration testing of infrastructure, mobile, and web applications.
Senior Manager of Information Security
Copart
- Rebuilt the security team to operate efficiently, with the ability to detect threats and maintain company compliances such as PCI, SOC2, ISO 27001, and Safe Harbor for over 180 locations worldwide.
- Led recertification of PCI environment by collecting evidence, recommending changes, and remediating issues.
- Spearheaded the internal risk management program to bind ownership of security risks with the appropriate business owners and provided an overview of risks to C-level executives.
- Installed Sumo Logic as the central syslog service and acted as the project lead, converting aging syslog and SIEM systems.
- Architected and deployed the intrusion detection systems and file integrity monitoring, including HIDS, NIDS, and FIM.
Manager of Information Security
Think Finance
- Oversaw the daily operations of information security, networking, and telephony teams.
- Wrote and maintained policies and procedures to ensure compliance with PCI and company standards.
- Built and configured a central logging system based on Elasticsearch and Kibana.
- Converted all systems from traditional antivirus to Bit9 application whitelisting.
- Built and installed a network-based intrusion detection system.
- Incorporated the SaltStack configuration management for all Linux servers and wrote configuration to automate compliance to the Center for Internet Security benchmarks.
Security Officer
Rally Software
- Interfaced with the customers to answer security-related questions and coordinate the customer security testing.
- Composed and enforced the security and privacy policies.
- Oversaw all aspects of an eCommerce site's PCI compliance.
- Obtained the FISMA NIST 800-53 moderate compliance for SaaS offering and maintained the ISO 270001 compliance, EU Safe Harbor, and HIPAA.
- Deployed the hose-based intrusion detection and network-based intrusion detection systems in both the corp and production environments.
- Collaborated directly with the operations administrators in a security and operations function.
- Performed vulnerability and penetration testing on a SaaS application offered by the company.
- Conducted periodic application reviews while interfacing with developers to solve security issues.
- Wrote the disaster recovery policy for the production environment and acted as the key contributor to the corp disaster recovery documentation.
Global Information Security Engineer
Prologis
- Provided all aspects of corporate security support, guidance, engineering, and management.
- Built and replaced an aging network-based intrusion detection system.
- Identified and managed the clean-up efforts of several botnets and other malicious infected systems located within the company’s worldwide infrastructure.
- Installed the central logging and reporting capability to support security and infrastructure administrators.
Lead System, Network, and Security Engineer
Tendril Networks
- Assessed compliance with the information technology controls and tested application technologies, development projects, data center operations, security, and information technology-related work processes.
- Developed and maintained the processes to include the security incident response, vulnerability assessment and scanning, patch management, security metrics and reporting, security event management, protection of PII, and encryption.
- Assessed the risk and internal operating controls by identifying areas of non-compliance and identified operational weaknesses, inefficiencies, and issues.
- Performed penetration testing and vulnerability scans by utilizing BackTrack, Metasploit, Nessus, John the Ripper, Nikto, Nexpose, Burp Suite, and w3af.
Security and Operations Center Linux Administrator
DigitalGlobe
- Provided the security and administration support for Linux RHEL 5, Windows (XP, 2003, 7, 2008), Solaris 10, and IRIX systems.
- Troubleshot and resolved issues with the infrastructure components and company-built specialized software applications.
- Wrote scripts and programs to automate the monitoring and administration processes.
Intelligence and Network Security Administrator
U.S. Air Force
- Managed a development project team for network security attacks.
- Acted as the certified instructor and developer for the first-ever Air Force undergraduate network warfare course.
- Instructed students on the defense of hacker techniques and the use of malicious software, utilizing Linux hosts with Ruby, Python, and shell scripting.
- Performed penetration testing with open source software such as NMAP, Nessus, and Metasploit, and other malicious code found on the internet consisting of C++, Python, and shell scripting.
Experience
The Unstoppable Denial of Service
DevSecOps Champion
From Zero to Compliant – SOC 2, Type 2
I took the lead and performed most of the work with little interruption to daily operations. Everything from policies to technical implementations was accomplished within 30 days. The auditor provided the SOC 2, Type 1 certification a week later. The monitoring period passed without incident, and we obtained the SOC 2, Type 2, as promised.
Skills
Languages
Python, Bash Script, Python 3
Paradigms
HIPAA Compliance, Management, DevSecOps, DevOps, Penetration Testing
Platforms
Amazon Web Services (AWS), Docker, Linux, MacOS, Windows, AWS ALB, Burp Suite, Web, Kubernetes, Azure
Industry Expertise
IT Security, Security, Cybersecurity, Network Security
Other
Incident Response, Incident Management, Information Security, Cloudflare, SOC 2, Vulnerability Assessment, IT Audits, PCI DSS, PCI Compliance, Team Leadership, Host-based Intrusion Prevention, Intrusion Detection Systems (IDS), Team Management, HITRUST Certification, Web App Security, ISO 27001, Vulnerability Management, Risk Management, Data Loss Prevention (DLP), Policy, Disaster Recovery Plans (DRP), Compliance, Training, Threat Intelligence, SIEM, Web Security, Cloud Security, PCI, Security Audits, SaaS, System Administration, System-on-a-Chip (SoC), Business Continuity & Disaster Recovery (BCDR), Security Architecture, Security Analysis, Content Delivery Networks (CDN), Consulting, OWASP, Technical Hiring, Interviewing, Cloud, CISSP, Vulnerability Identification, Antivirus Software, IDS/IPS, Incident Handling, GitHub Actions, Firewalls, Technical Training, Intrusion Prevention Systems (IPS), Application Security, Mobile Device Management (MDM), Endpoint Detection and Response (EDR), CISO, Web Application Firewall (WAF), Military Operations, Hacking, Ethical Hacking, CI/CD Pipelines, Architecture, NIST, Single Sign-on (SSO), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Data Privacy, GDPR, Task Analysis, APIs, Source Code Review, Authentication, Cloud Architecture, Security Engineering, Data Governance, Data Protection, IT Governance, Monitoring, Teamwork, Okta, Group Policy, Threat Modeling
Libraries/APIs
Python API
Tools
AWS Fargate, GitHub, Sumo Logic, SaltStack, Virtualenv, VMware, Amazon Elastic Container Service (Amazon ECS), Ansible, OWASP Zed Attack Proxy (ZAP), Amazon Firewall, VPN, Metasploit, Amazon CloudWatch, Puppet, Terraform
Storage
Google Cloud, Database Security
Frameworks
Flask
Certifications
Certified Information Systems Security Professional
International Information Systems Security Certification Consortium (ISC)
AWS Business Professional
Amazon Web Services
AWS Technical Professional
Amazon Web Services
Programming for Everybody (Python)
Coursera
An Introduction to Interactive Programming in Python (Part 1)
Coursera
GIAC Certified Incident Handler (GCIH)
Sans Institute
GIAC Security Essentials (GSEC)
SANS Institute