Information Security Engineer with a passion for learning and securing systems. I excel at insider risk management, data loss protection, incident response, vulnerability risk analysis, threat intelligence, and utilizing SIEM and EDR/XDR solutions, effectively securing diverse on-premises, hybrid, and cloud environments.
Education
M.S. Cybersecurity, Network Security Management
Overall GPA: 3.93
B.S. Cybersecurity, System and Network Security
Overall GPA: 3.77 Departmental GPA: 3.90
Professional Experience
Remote
Information Security Engineer
June 2025 – Present
Associate Information Security Engineer
July 2024 – June 2025
On-site
Research Assistant, Cybersecurity
Jan 2024 – May 2024
Utilized Node.js, JavaScript, CSS, and HTML to develop and implement a secure training platform for cybersecurity students
Developed training modules by analyzing prior real-world cybercrime incidents
Utilized Docker, MySQL, and Google’s OAuth Identity Authentication API to create a secure user management solution for the platform
Remote
Intern, Identity Access Management
May – Aug 2023
Worked with Microsoft Azure SSO utilizing SAML and OAuth
Worked with various departments/applications of Universal Music Group to implement and enforce SSO for security
Collected information and risk criteria from application teams to prioritize SSO implementations
Remote
Intern, IT Technician
May – Aug 2020/21/22
Worked directly with customers on urgent, time-sensitive tickets and issues
Utilized Microsoft’s Active Directory, Bitbucket repositories, DBeaver SQL database administration tool, and the IntelliJ IDE
Worked with production code to make changes to connectors and plugins written in Groovy, SQL, YAML, & XML that managed Customers' Student Information Systems* and associated software
Worked on Customers’ servers with access to their SIS* containing production software and confidential student and customer information
Certifications
Additional Relevant Experience
Home Lab
Operates a dynamic, resilient home lab environment that integrates virtualization, containerization, network security, and automation to support secure infrastructure management, cybersecurity operations, and service deployment. Utilizes an 8-node Raspberry Pi cluster running a high-availability Docker Swarm with GlusterFS for distributed storage and Keepalived for automatic failover, ensuring both redundancy and load balancing. This platform hosts a range of internal services including monitoring, automation, and network management tools.
At its core, Proxmox manages multiple physical servers with clustering for seamless failover and ZFS-backed storage that guarantees data integrity and high-speed performance. The environment supports diverse virtualized systems, from Linux and Windows VMs to lightweight LXC containers.
A comprehensive network security architecture is in place, featuring a zone-based firewall with VLAN segmentation, a dedicated DMZ for external services, and an IDS/IPS system that leverages deep packet inspection, anomaly detection, and Threat Intelligence ingestion to automatically block malicious IPs. Reverse proxy architecture is handled by Traefik for internal traffic—integrated with Authelia for Single Sign-On (SSO)—and NGINX Proxy Manager (NPM) for external-facing services, providing TLS termination, security filtering, and controlled access.
Security monitoring is enhanced with a SIEM setup using Wazuh; logs are collected via agents and ingested into a centralized Syslog server for advanced correlation, anomaly detection, and forensic analysis. Custom scripts written in Python, BASH, and PowerShell automate log analysis, system health monitoring, backup management, and routine administrative tasks.
External security is further strengthened through Cloudflare, which offers DNS protection, DDoS mitigation, and web traffic filtering. This includes automatic bot blocking, geo-fencing to restrict non-US traffic, rate limiting, and Web Application Firewall (WAF) rules that mitigate known attack patterns. A UPS system ensures power redundancy and continuous monitoring of uptime and downtime, establishing a secure, scalable, and fault-tolerant environment ideal for cybersecurity operations, penetration testing, and infrastructure management.
Capture The Flag Cybersecurity Competitions
Regularly participates in Capture The Flag-styled competitions such as the National Cyber League and JerseyCTF as a part of Michigan Technological University's RedTeam and individually.
Utilizes offensive security tools such as Kali Linux and actively practices a wide variety of penetration testing and vulnerability analysis techniques.
Extracurriculars
Michigan Technological University
Security Team, Networking and Computing Student Association (NCSA)
Michigan Technological University
Member, RedTeam@MTU
Teaching / Lab Assistant Experience:
Michigan Technological University
Cybersecurity, Teaching / Lab Assistant
Information Governance and Risk Management, Teaching / Lab Assistant
CyberHusky, Teaching / Lab Assistant
Server Cluster for Michigan Technological University's College of Computing
As a Graduate Project, led the design, configuration, and implementation of a high-performance, highly available server cluster to support the Cybersecurity and CNSA programs
Utilizing the Proxmox Hypervisor and TrueNAS Scale, successfully clustered and configured 21x servers, using management tools like TrueCommand, NetBox, Ansible, and Cloud-Init to automate tasks and optimize cluster performance
Created comprehensive documentation for cluster maintenance, ensuring long-term reliability
Significantly improved the Cybersecurity and CNSA programs' capabilities through the development of a robust and scalable server infrastructure, resource optimization, and high availability
Technical Skills
Security Operations & Threat Management:
SIEM (Wazuh, Sentinel) • EDR/XDR • SOAR • IDS/IPS • Firewall Management • Threat & Vulnerability Management • Vulnerability Analysis & Scanning • Penetration Testing & Exploitation • Patch & Vulnerability Management (Tenable Nessus) • Incident Response & Digital Forensics • User Security & Insider Risk Management
Network & Infrastructure Security:
Network Security & Configuration (TCP/IP, Routing) • DNS Management & Proxies • Single Sign-On (SSO) & Identity Management (OAuth, SAML 2.0) • Reverse Proxy Security (Traefik with Authelia for SSO, NGINX Proxy Manager) • DDoS Mitigation & Web Application Firewall (WAF) • Cloudflare Security (DNS protection, bot blocking, geo-fencing, rate limiting)
Cloud, Compliance & Operating Systems:
Microsoft Azure & Active Directory Security • Windows/Linux Security • Azure Security (Sentinel, Purview, DLP, Logic Apps, KQL) • Cloud Security & Concepts (Azure, GCP) • Compliance & Governance (GRC, Communication Compliance, NIST) • MITRE ATT&CK & NIST CSF/RMF • OWASP & TTPs
Virtualization & Containerization:
Proxmox Virtualization • Docker Swarm • LXC Containers • High Availability (HA) & Network-Attached Storage (NAS) • Hypervisors & Server Security
Automation & Scripting:
BASH, PowerShell, Python
Offensive Security & Analysis:
Nmap • Burp Suite (PortSwigger) • Wireshark & PCAP Analysis • Active Directory Exploitation & Enumeration • Capture The Flag (CTF) Competitions & Red Teaming • Open Source Intelligence (OSINT) • Steganography & Cryptography
Monitoring, Logging & Documentation:
Log & Data Analysis • Security Information & Event Management (SIEM) Tools • Syslog Server Integration (Wazuh Agent Log Correlation) • Uptime & Downtime Monitoring • Technical Documentation
References
American Systems
2025
"Andrew was an incredible person to work with. I would define Andrew as someone who is hard-working, takes initiative, and can solve problems. There have been numerous times when Andrew went out of his way to see a problem and then fix it accordingly without anyone directing him to do so. His technical skills, alongside these intangibles, make him incredibly easy to work with. When working alongside Andrew, he always has fresh ideas on how to tackle different issues. One of the qualities that made Andrew special was that he not only came up with ideas, but every idea could be broken down into logical and actionable steps. Additionally, he has shown a proven capability in incident response and a mastery in scripting (automation included). I have met very few people with the technical skills and intangibles that Andrew possesses.
Lastly, I would like to say that Andrew's character is second to none. His attitude is always positive and he did an excellent job working with others. He is a team player and puts others first. Skills aside, his priority is always on improving the team he is a part of, and this made him an invaluable member of the Security Operations Center Team. It was an absolute privilege to work alongside him."
American Systems
2025
"I hired Andrew right out of college with a need for someone to come and hit the ground running. Andrew exceeded all expectations and quickly learned many different tools we used in the CyberOps. As the CyberOps Manager, I was able to give him tasks and know they would get done on time and get done efficiently. I started giving him IT projects to manage and he excelled by staying on top of the projects and keeping management updated on status. Andrew's contributions significantly improved the Cyber Security of the company. I would gladly work with Andrew again and highly recommend him for any Cyber Security position."
Michigan Technological University, Associate Chair - Department of Applied Computing
2024
Michigan Technological University
2024
"I had the pleasure of teaching and mentoring Andrew Martin in my course: Blockchain Fundamentals and Applications. In my course, Andrew demonstrated exceptional analytical skills and a keen understanding of complex cryptographic algorithms and security protocols. I also had the opportunity to witness Andrew’s problem-solving abilities during practical project assignments. His innovative thinking and creative approach are invaluable in finding unique solutions and applying theoretical knowledge to real-world challenges. I have been consistently impressed by Andrew’s academic prowess, dedication, and passion for the computing and cybersecurity industry, and I would highly recommend him to potential employers."
Universal Music Group, Senior Manager - Identity & Access Management
2023
"Andrew worked for me during his summer internship in 2023. He was a consummate professional, always looking for more ways to contribute to the team. He delivered requests quickly and took on tasks that were sometimes challenging and/or tedious without hesitation or complaint. I truly enjoyed working with Andrew over the last several months and would recommend him for virtually any entry-level position in Cybersecurity."
Level Data Inc., President
2022
"Andrew worked for us at Level Data. He is very bright, talented, curious, and eager to learn. He was always willing to take on new projects. He is a perfectionist who loves new challenges. Andrew’s fantastic communication and interpersonal skills make him exceptional and allow him to stand out from his peers. Andrew has an incredibly bright future and will be a great asset to any organization lucky enough to have him as an employee."