Josh T - Security Architect at Consulting Company

Disclaimer: This information was obtained from publicly available sources online and is believed to be accurate at the time of publication. Valimates collects this information with proprietary technology and cannot guarantee the accuracy or completeness of the data. The purpose of the data is to inform the reader about the expertise of the individual and should not be used for any other purpose. Valimates does not have any affiliation with the individual.

Josh T Security Architect at Consulting Company

Claim Profile Update Profile Delete Profile

Josh T. is a seasoned Security Architect with over 20 years of experience in the IT industry, boasting a robust LinkedIn network of 2212 connections. Beginning as a Linux and security enthusiast, Josh has evolved into a distinguished professional, crafting secure-by-design architectures that encapsulate a wealth of knowledge from years of hands-on work in DevOps, cloud and infrastructure security, and software development. With a strategic mindset and a detail-oriented approach to problem-solving, Josh offers an exceptional skill set that marries technical prowess with an acute awareness of business and customer needs.

Currently working with a consulting company, Josh's expertise is evident in reviewing application architectures for security controls, performing security evaluations, and designing secure cloud-native systems within established frameworks such as CAF and WAF. A proponent of collaborative work and a strong communicator, Josh actively engages with various stakeholders, articulating the trade-offs and rationales behind decisions while asking clarifying questions when necessary. Equipped with an impressive command of industry standards and practices such as Zero Trust, MITRE ATT&CK, and OWASP Top 10, to name a few, Josh enhances security postures by implementing robust controls and policies.

Josh's career reflects a dedication to continuous learning and growth, underscoring their value as an "egoless engineer" still passionate about the profession. With a track record of successfully managing cloud operations for various companiesÃ¢â‚¬â€including a fintech startup and a SaaS organizationÃ¢â‚¬â€and leading significant projects at a Fortune 500 company and Target, Josh's expertise is comprehensive and versatile. Holding a Bachelor of Science degree in Cybersecurity and Information Assurance from Western Governors University, Josh remains open to full-time and contract opportunities, with a preference for remote work, affirming their commitment to delivering excellence in the realm of IT security and consulting.

More about this expert

Full name: Josh T
Location: Denver Metropolitan Area
Title: Security Architect
Company: Consulting Company
Industry: IT Services and IT Consulting
LinkedIn profile: https://www.linkedin.com/in/jt24680/
LinkedIn Connections: 2212
Summary: Started as a Linux and security hobbyist and now a professional with 20+ YoE Forges secure-by-design architectures using knowledge earned from years of hands-on experience in DevOps, cloud & infrastructure security, and software development Articulates tradeoffs, options, pros/cons, and the why behind my views and decisions Strong written and verbal communication skills, listens and asks clarifying questions Strategic thinker who can relate technical decisions to business and customer needs Exceptional analytical, problem solving, critical thinking, and interpersonal skills Organized, detail-oriented, and able to work both independently and collaboratively Lifelong learner, growth mindset, and an egoless engineer who still loves this profession Notes: Open to full time and contract (C2C / 1099 / W2) Proof of certifications available upon request US citizen 100% remote only please Thank you for spending time to read my profile. I look forward to hearing from you.
Skills: Cloud Computing Information Security Management

Education

Western Governors University: Bachelor of Science - BS
Attended in 2021
Field of study: Cybersecurity and Information Assurance
Independence High School

Positions

Consulting Company Remote · Remote: Security Architect
2022 - Present

⦁Reviewed proposed application architectures for technical security controls, authentication flows, data governance, regulatory compliance, and additional NFRs
⦁Performed security evaluations of prospective 3rd party SaaS and COTS products
⦁Designed secure, cost-effective, cloud native, scalable distributed systems using techniques in Cloud Adoption Framework (CAF) & Well-Architected Framework (WAF)
⦁Collaborated with business, technical, and GRC teams to create security policies
⦁Strengthened the security posture of Azure Active Directory by implementing controls and services such as Privileged Identity Management (PIM), conditional access, Entra Identity Governance access reviews, MFA / 2FA, and sign-in risk & user risk policies
⦁Performed gap analysis using Azure Security Center and Defender for Cloud CSPM to identify missing controls, then prioritized and remediated based on risk score
⦁Knowledge of and various degrees of experience with Zero Trust, MITRE ATT&CK (tactics, techniques, and procedures (TTP)), OWASP Top 10, Cyber Kill Chain, threat modeling (STRIDE), CASB, NIST Cybersecurity Framework (CSF), SANS CWE Top 25, SOAR, SIEM, Sentinel, AKS, Argo, Helm, immutable infrastructure, Datadog, cloud security, mTLS, M365 / O365, Data Loss Prevention (DLP), SASE, FIDO / FIDO2 passwordless, reference architectures, design patterns, blue team, least privilege, defense in depth, tokenization, privilege escalation, attack surface, and secure software supply chain
SaaS Startup Remote · Remote: DevOps Manager
2021 - 2022

⦁People manager, hands-on individual contributor, and agile project manager
⦁Lead Agile ceremonies including daily standup (Scrum Master), sprint planning, sprint retrospective, and backlog management sessions using a Jira-based Kanban board
⦁Laid the technical and procedural foundations for an AWS disaster recovery (DR) plan
⦁Implemented AWS GuardDuty and EventBridge for threat detection and alerting
⦁Deployed Sophos Intercept EDR XDR to Linux servers and containerized workloads
⦁Upgraded all Ubuntu servers to a newer version hardened with CIS security controls
⦁Frequent interactions with CodePipeline, CodeBuild, GitHub Actions, Atlassian Confluence, Slack, PagerDuty, OpenTelemetry, API Gateway, ECS, Prometheus, Artifactory, Tomcat, Nginx, EKS, Consul, OIDC, OAuth / OAuth2, SSO, and Auth0 JWTs
Fintech Startup Remote · Remote: Manager, Cloud Operations
2019 - 2021

⦁Set clear priorities, tracked work progress, removed blockers, and updated stakeholders
⦁Used blameless post-mortems to drive process improvement and increase site reliability
⦁Created formal processes around Kubernetes upgrades (plan, test, upgrade, validate)
⦁Made use of canary deployments and feature flags to reduce risk and impact of changes
⦁An event-driven architecture using PubSub message queues on Google Cloud Platform (GCP) along with GKE, Grafana dashboards, Graylog, BigQuery, Airflow, SDLC (Software Development Life Cycle), SQL, MySQL RDBMS, Istio service mesh, Ansible
F500 Company Denver Metropolitan Area · Remote: Lead SaaS Infrastructure Engineer
2015 - 2019

⦁Azure cloud & security architect for projects to create new revenue streams in the form of GDPR and FedRAMP compliant copies of our existing SaaS applications
⦁Reduced toil by creating an auto-remediation system using Rundeck and Ansible
⦁Reduced AWS operating costs by 40% via cleanup, consolidation, and right-sizing
⦁Application security (AppSec) & DevSecOps static code analysis (SAST) with Veracode
⦁Container vulnerability scanning and real time protection with Twistlock / Prisma Cloud
⦁Partnered with auditors to gather requested evidence samples for SOC 2 Type 2 audits
⦁Frequent interactions with AWS services including EC2, VPC, S3 buckets (object storage and blob storage), RDS database, CloudFront, CloudWatch, CloudTrail, Lambda serverless, load balancers, Secrets Manager, Parameter Store, Identity and Access Management (IAM), ACM SSL/TLS X.509 certificates, security groups, NAT gateway, EFS, DocumentDB, and auto scaling groups (ASGs), and WAF
⦁Terraform, Dynatrace for application performance management (APM) / distributed tracing / observability / telemetry, ElasticSearch, microservices, Docker containers, Nagios monitoring, Python, Splunk logging, IPsec VPN, security engineering, MongoDB, Kubernetes, IaaS, PaaS, YAML, encryption, TCP/IP, VLANs, OSI model, Apache Kafka, Okta, firewalls, cryptography, virtualization, SAML, FIPS 140-2, NIST 800-53, Redis, Ping, Red Hat, CentOS, Cloudflare, and more
Target Greater Minneapolis-St. Paul Area · On-site: DevOps Engineer
2014 - 2015

⦁Designed GitOps-style workflows for cloud infrastructure development and deployment
⦁Built proof-of-concepts (POCs) of cloud-based CI/CD pipelines for target.com
⦁Wrote and tested Chef cookbooks using ChefSpec, Ruby, Vagrant, Packer, and Jenkins
⦁Hands-on with GitHub, pull requests, code reviews, HTTP, HTTPS, REST / RESTful APIs, JSON, object-oriented programming (OOP) patterns, and Amazon Web Services
Target Greater Minneapolis-St. Paul Area · On-site: Lead Technical Architect
2012 - 2014

⦁Our successful project enabled the sale of Target's pharmacies to CVS for $2 billion
⦁Collaborated with cross-functional teams including networking, security, and IT
⦁Automated the deployment of infrastructure, Linux VMs, and pharmacy software
⦁Mapped out dependencies and removed roadblocks & bottlenecks from the critical path
⦁Responsible for HIPAA Security Rule as well as enterprise architecture artifacts including design documentation, implementation plans, operations runbooks, Visio diagrams (infrastructure, security, data), and disaster recovery procedures