For more information contact me at: michael.d.bateman42 @ gmail (d0t) com
* Experience leading Red Team operations/penetration tests/vulnerability assessments.
* Experience using Advanced Persistent Threat (APT) Tactics, Techniques and Procedures (TTPs).
* Experience creating and managing C2 infrastructure (cloud based redirectors).
* Experience writing code in C/C++, C#, Bash, Batch, PowerShell and Python.
* Experience training and mentoring Red Team operators.
* Experience with Cobalt Strike, Burp Suite, Nmap, Kali Linux, Impacket, Rubeus, Certify and Mimikatz.
* Experience performing reconnaissance, phishing, lateral movement, persistence and privilege escalation.
Persistent Cyber Operator IV
Millennium Corporation [Huntsville, AL]
December 2021 to present
Provided Red Team support to PEO STRI’s Threat Systems Management Office (TSMO), leading Persistent Cyber Operations (PCO), long-term Red Team operations, focused on external/internal web/cloud testing. Led PCO operations using Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs), focusing on stealth and mission objective execution, operating within strict Rules of Engagement (ROE). Led training exercises using various APT TTPs to ensure realistic adversary emulation focused on allowing the Blue Team to learn and enhance their skills in detecting adversarial threats. Led short-term Red Team operations focused on completing specific mission objectives while operating under an ROE. Led phishing campaigns for "click" count and/or initial access. Participated in Red Team assessments using a wide variety of offensive security tools to include Cobalt Strike, Kali Linux, Burp Suite, Nmap, Dirbuster and in-house developed Red Team tools. Trained and mentored personnel from both internal and external organizations, ensuring proficiency in adversarial tactics, operational security, cyber threat emulation, logging, and other daily PCO-specific requirements. Created and maintained Red Team cloud-based infrastructure (redirectors) registering domain names, creating web page content, ensuring site categorization, and using iptables or cloud provider-based security controls to limit access to the infrastructure. Managed and maintained Battlegrounds for k>fivefour to support training of cyber security professionals across both commercial and DoD sectors. Created several scenarios from k>fivefour for use inside Battlegrounds that were focused on specific TTPs.
Sr. Threat and Vulnerability Analyst
Crest Security Assurance [Remote]
July 2021 to present
Providing Threat and Vulnerability Analysis support to the Cybersecurity & Infrastructure Security Agency (CISA).
Sr. Principal Cyber Systems Engineer
Northrop Grumman [Huntsville, AL]
May 2021 to July 2021
Provided support for MDA's GMD Program as part of Northrop Grumman's Program Protection & Security (PP&S) program.
Network Engineer IV
Millennium Corporation [Huntsville, AL]
July 2019 to April 2021
Provided Red Team infrastructure support for PEO STRI’s Threat Systems Management Office (TSMO). Created and maintained Red Team cloud-based infrastructure (redirectors) registering domain names, creating web page content, ensuring site categorization, and using iptables or cloud provider-based security controls to limit access to the infrastructure. Participated in phishing campaigns for "click" count and/or initial access. Participated in Red Team assessments using a wide variety of offensive security tools including Cobalt Strike, Kali Linux, Burp Suite, Nmap, Dirbuster and in-house developed Red Team tools.
Cyber Engineer Principal
BAE Systems [Huntsville, AL]
April 2019 to July 2019
Acted as lead penetration tester for the Cyber Warrior Training Capability (CWTC) program. Led penetration tests against real and virtualized systems.
Red Team Security Engineer
Millennium Corporation [Huntsville, AL]
July 2018 to April 2019
Performed adversarial assessments as part of a Red Team supporting PEO STRI’s Threat Systems Management Office (TSMO). Participated in Red Team assessments using a wide variety of offensive security tools including Cobalt Strike, Kali Linux, Burp Suite, Nmap, Dirbuster and in-house developed Red Team tools.
Cybersecurity Field Engineer
Analog Devices [Huntsville, AL]
January 2017 to July 2018
Provided support to the Missile Defense Agency (MDA) Cyber Warrior Training Capability (CWTC) program. Built virtual environments to train students on cyber security topics and test students' understanding. Developed cyber security training class content. Provided support for network engineering, VMware ESXi, vCenter, vCloud, and Microsoft and Linux operating systems.
Cybersecurity Field Engineer
Sypris Electronics [Huntsville, AL]
July 2016 to December 2016
Provided support to the Missile Defense Agency (MDA) Cyber Warrior Training Capability (CWTC) program. Built virtual environments to train students on cyber security topics and test students' understanding. Developed cyber security training class content. Provided support for network engineering, VMware ESXi, vCenter, vCloud, and Microsoft and Linux operating systems.
Systems Engineer IV (NASA HOSC Network Engineer IV)
COLSA Corporation [Huntsville, AL]
June 2015 to July 2016
Provided network engineering and troubleshooting support to the Huntsville Operations Support Center (HOSC) at NASA's Marshall Space Flight Center (MSFC). Installed and configured Nexus 1000v distributed virtual switches on VMware vSphere 5.5 and 6.0. Experience configuring and troubleshooting VMware ESXi 5.5 and 6.0.
Network Administrator - Senior
Jacobs Technology, Inc [Huntsville, AL]
August 2004 to June 2015
Provided local, campus and wide area network support to the Program Executive Office, Missiles and Space (PEO MS) at Redstone Arsenal which includes four separate networks. Managed over 100 Cisco devices across all four networks to include switches, routers and firewalls. Supported remote locations through dark fiber, Metro Ethernet, DS3 and T1 circuits. Configured and maintained routing using static routes and BGP for both IPv4 and IPv6. Installed, maintained and monitored network intrusion detection devices. Investigated and analyzed network traffic from packet captures using Wireshark, Cisco ASA and Palo Alto firewalls. Provided system administration for Red Hat Enterprise Linux. Mentored and assisted network team members with network processes as well as network management.
Security Engineer
TEKsystems [Huntsville, AL]
April 2004 to August 2004
Provided information assurance support for Dynetics Inc. Developed multiple Certification and Accreditation test procedures for DoD DITSCAP Certification and Accreditation projects. Installed and secured a Red Hat (Linux) server running Snort and ACID.
System Analyst
Jacobs Sverdrup [Huntsville, AL]
June 2002 to April 2004
Provided information assurance support as a member of the U.S. Army Garrison, Redstone DOIM IA Team, Local Computer Incident Response Team Redstone (LCIRT-R). Used commercial, DoD and open-source intrusion detection systems to monitor and analyze network traffic for violations of U.S. Army policy as well as unauthorized, suspicious or malicious activity. Thoroughly investigated and analyzed anomalous traffic using several intrusion detection systems. Created incident reports by gathering traffic captures from available intrusion detection systems for escalation to higher level staff and/or other government agencies. Mentored and assisted LCIRT-R team members with intrusion detection processes. Wrote instructions on how to read data from several of the intrusion detection sensors.
System Analyst II
NCCIM L.L.C [Huntsville, AL]
November 2001 to June 2002
Provided information assurance support as a member of the U.S. Army Garrison, Redstone DOIM IA Team, Local Computer Incident Response Team Redstone (LCIRT-R). Used commercial, DoD and open-source intrusion detection systems to monitor and analyze network traffic for violations of U.S. Army policy as well as unauthorized, suspicious or malicious activity. Thoroughly investigated and analyzed anomalous traffic using several intrusion detection systems. Created incident reports by gathering traffic captures from available intrusion detection systems for escalation to higher level staff and/or other government agencies. Mentored and assisted LCIRT-R team members with intrusion detection processes. Wrote instructions on how to read data from several of the intrusion detection sensors.
• Information Security (10+ years)
• CISSP (10+ years)
• Network Security (10+ years)
• Cobalt Strike (6+ years)
• Kali Linux (7+ years)
• Burp Suite (4+ years)
• Cisco (10+ years)
• Active Directory (10+ years)
• DNS
• Security (10+ years)
• VPN (10+ years)
• VMware (10+ years)
• LAN (10+ years)
• Network Firewalls (10+ years)
• WAN (10+ years)
• System Administration
• Network Monitoring (10+ years)
• Microsoft Windows (10+ years)
• Operating Systems
• DHCP
• Python (3 years)
• Bash Scripting (10+ years)
• Batch Scripting (10+ years)
https://www.michaeldbateman.com/
https://www.redteamtrainingreviews.com
Altered Security - Certified Enterprise Security Professional - AD CS (CESP - ADCS)
November 2023 to November 2026
k>fivefour - Red Team Journeyman Certified (RTJC)
July 2023 to Present
Zero-Point Security - Red Team Lead (CRTL)
January 2023 to Present
Zero-Point Security - Red Team Operator (CRTO)
November 2022 to Present
Altered Security - Certified Red Team Professional (CRTP)
October 2019 to July 2032
Altered Security - Certified Red Team Expert (CRTE)
August 2019 to July 2026
Offensive Security - Offensive Security Certified Professional (OSCP)
April 2017 to Present
k>fivefour - Red Team Apprentice Operator (RTAC)
August 2018 to Present
ISC2 - Certified Information Systems Security Professional (CISSP)
November 2008 to Present
CompTIA - Security+
October 2003 to Present
EC-Council - Certified Ethical Hacker (CEH)
October 2018 to Present