Ryan McCusker

Professional Summary

Self-starter and results-driven Security Lead with experience in architecture, cloud, applications, and code review. Dynamic and pragmatic engineer with strong strategic and experimental approaches to problem-solving. Recognized for being an excellent leader with team members and clients, creating successful working environments in multiple organizations.

Core Competencies

• Cloud Security
• Application Security
• Security Tool Deployment
• Threat and Gap Analysis
• Python, Javascript, Typescript
• Team Building
• Risk Management

Professional Experience

VRChat, Remote (Jan 2023 – June 2024)

Security Engineer (AppSec and Cloud)

• Configured and installed Greenbone/OpenVAS in AWS for vulnerability assessment.
• Revamped IAM throughout AWS environment to follow principle of least privilege.
• Fixed multiple vulnerabilities that were brought by users and internally for the application.
• Programmatically tagged all AWS infrastructure, improving resource management and security.
• Revamped the admin accounts for the application itself, which was highly integrated in every aspect of the application for core functionality.
• Developed PowerShell scripts to migrate local environments to AWS, enhancing system scalability.
• Led the setup of a Jira SSO development environment, facilitating team collaboration.
• Led the external penetration tests to full remediation for all findings.
• Successfully set up an EKS cluster, including database and networking configurations, for Burp Suite integration.
• Implemented Amazon GuardDuty EKS Runtime Monitoring, enhancing security monitoring capabilities.
• Installed and configured EKS Runtime Monitoring add-on within AWS clusters.
• Managed AWS accounts for new environment standups and gave interoperability where required.
• Developed a DevSecOps Roadmap outlining key security objectives and milestones for the year.
• Established SSO and implemented stringent account lockdown protocols in the AWS environment.
• Configured Okta integration with multiple services to streamline identity management and access control.

DISH Network, Denver, CO (August 2021 – December 2022)

Lead Application Security Engineer

• Created security standardization roadmap for the SOC to have security analysts able to effectively do their job within a short time window for the 5G environment, which led to the SOC hitting company security goals earlier than previously planned.
• Created the security 5G architecture roadmap for all of infosec that is being used by all of Dish 5G to help lead the charge on becoming a more mature security environment.
• Created multiple secure CI/CD pipelines and in-house python scripting tools for SOC analysts and engineers.
• Engaged as a SME for 5G and AWS security for multiple incidents, and purple team engagements.
• Actively training five direct reports in the SOC from junior analyst to senior engineer.
• Worked on a security tool bakeoff to find the best SAST/DAST/SCA tools to integrate with our developers to shift left.
• Presented internally for security awareness month at multiple DISH locations in Colorado.
• Led the SOC in multiple incident responses for critical 5G infrastructure zero-day attacks.
• Worked with multiple C-suite executives to help shape security for 5G from an architecture standpoint.
• Moved from SOC to application security engineering team as an application security engineering lead due to high performance within the SOC.
• Created various security alerts for the SIEM and fixed various problems with ingesting and digesting logs properly so the analysts could effectively investigate the alerts in AWS.
• Worked on multiple incidents involving leaky APIs, vulnerable code, and led developer enablement to prevent similar issues in the future by writing articles in an internal knowledge base.
• Gave security recommendations and feedback with multiple complex architectures involving multiple cloud platforms, internal and external APIs, and on-prem equipment simultaneously.
• Set up, managed, and secured AWS SSO and IAM for multiple environments.

Charter Communications, Denver, CO (June 2020 – August 2021 - Contract)

Security Engineer III

• Mitigated BGP Hijacking ISP wide through automation scripts allowing tools to detect BGP Hijacks without false positives.
• Automated security scans to all devices within the pre-prod environment, setting a baseline of security regardless of type of device.
• Mirrored all traffic within the lab environment, ensuring that all traffic with potential malicious activity was being captured and identified.
• Created a risk management design for all new architecture, firewalls, and other devices being tested for potential deployment to production networks.
• Ensured security at the firmware level for DOCSIS devices and Firewalls.
• Performed in-depth bake-offs from multiple firewall vendors to ensure that certified solutions passed all security checks that were relevant to the solution that they provided.

TTEC, Denver, CO (Feb 2019 – June 2020)

Senior Information Security Engineer

• Performed multiple penetration tests as Lead Pen Tester for TTEC.
• Analyzed IT systems and processes to identify security gaps, and risks and present appropriate recommendations.
• Tested and implemented security controls on various systems and applications to ensure data integrity.
• Managed critical security situations and provided feasible solutions to ensure minimal impact on business operations.
• Acted as a technical leader by conducting training and providing guidance on complex security issues.
• Provided recommendations on the adoption of new tools and methodologies to ensure system security best practices.
• Developed and updated internal knowledge base and technical guides regarding security practices.