CV

Professional Summary

❯ cat ~/whoami.txt
Derek Jones (TS/SCI + CI Poly) is a distinguished professional in cybersecurity, blending a rich background in cyber operations with strategic expertise. His career is marked by accomplishments in advanced project management, strategic cyber operations advising, and technical proficiency in Python and C programming. Derek excels in developing covert communication networks and has a deep understanding of threat intelligence analysis. His skills extend to sophisticated systems exploitation, automated data processing, and strategic asset procurement. His comprehensive approach to operations security management underlines his ability to handle complex, sensitive security challenges, making him a valued leader and innovator in the field.

Skill Domains

Technical Skills
# Python and C Programming
# Covert Communications and Secure Network Systems Architecting
# Systems Exploitation Techniques
# Automated Data Processing and Management

Strategic and Operational Skills
# Project Management and Coordination
# Strategic Cyber Operations and Engagement Advisory
# Threat Intelligence and Analysis
# Asset Procurement
# Operations Security and Threat Surface Management

Professional Experience

2023 - Current
Technical Lead, Maritime Systems Research
Kudu Dynamics LLC.
# Researched and suggested remediations for novel attack vectors.
# Created targeted Supervisory Control and Data Acquisition (SCADA) Threat Representative Network (TRN) for attack vector remediation testing.
# Developed C-based Windows stage 0 implant/loader and Python-based API/C2 server for attack vector remediation testing.
# Generated various proof-of-concept demonstrations for CVE-2021-40444, MS10-046, and CVE-2020-1299.
# Architected various batch and PowerShell scripts to enumerate forensic artifacts and system configuration to assist in programmatic vulnerability analysis.
# Performed board-level chip removal and data retrieval.
# Briefed executive-level customers during quarterly program reviews (QPRs).
# Integrated other program performers' capabilities into our own CI/CD pipeline.

2020 - Current
Cyber Operations and Intelligence Consultant
Self-Employed
# Advised end-users on operational strategy and capabilities.
# Collected high-equity capabilities for customers.
# Processed and verified high-priority data for rapid, real-time consumption.
# Maintained world-wide points of presence for secure data access.
# Provided no-cost access to various credential leak databases to allow end-users to credential compromise.
# Architected various secure cloud networks.

2022 - 2023
Technical Lead, Data Acquisition and Analytics Division
Kudu Dynamics LLC.
# Architected and engineered global data analytics system.
# Stood up multi-faceted logistics and purchasing team.
# Created Standard Operating Procedures (SOPs) for logistics, development, acquisition, and analysis.
# Provided rapid reaction penetration testing and remote administration capabilities.
# Orchestrated and facilitated multi-state and multi-organization Operational Readiness Exercises (OREs).
# Developed WireGuard-based system administration overlay mesh orchestration system.
# Extended current network scanning capabilities (nmap, zgrab2, zmap) to function within operational constraints.

2020 - 2022
Principal Investigator (Program Lead), Hardware Division
Kudu Dynamics LLC.
# Led vulnerability assessment of United States Space Force’s Space Domain Awareness System utilizing System Theoretic Process Analysis for Security (STPA-Sec).
# Developed novel method to passively identify and fingerprint IoT devices in close access operations.
# Performed vulnerability research and analysis against embedded devices and software.
# Integrated with customer organizations to provide capability and development support.
# Created embedded device emulation automation framework that currently emulates 200+ IoT devices.
# Weaponized proof of concept scripts and facilitated integration into exploitation frameworks.
# Performed business development and engagement with local and remote customers.
# Provided executive and technical demos as well as capability on-boarding assistance for DoD customers.

2018 - 2020
Technical Lead, Special Applications and Rapid Capability Development Team
United States Air Force
# Developed various Threat Representative Networks (TRNs) to support various offensive operations teams in mission planning and rehearsal.
# Created and taught The Advanced Cyber Threat Emulation Course to Air Force Enterprise Red Team.
# Acted as malware re-utilization SME for Air Force Enterprise Red Team.
# Lead researcher for counter-information warfare development group, created exploits against nation-state malware server systems.
# Coordinated hardware analysis and exploitation against routers, switches, VOIP phones, and vehicle computer systems.
# Managed development of quick-turn access/manipulation against various Industrial Control Systems (ICS) devices.
# Directed development of critical infrastructure cyber-physical industrial control system model and provided training and operational rehearsal for national cyber protection and attack teams.
# Developed novel attacks against an Industrial Control Systems mock up to enable National Cyber Protection Teams to gain experience defending against non-traditional network attacks.
# Led RF engineering research and development in support of various live-virtual-constructive environments utilized by cyber protection and attack teams.
# Developed industrial control system attack platform to facilitate scripted training of customers, reducing red team operations enablement time by 50%.

2017 - 2018
Cyber Warfare Operator
United States Air Force
# Hand selected for NSA Remote Interactive Operations Training (RIOT) Program.
# Spearheaded three-person industrial control system operations purple team to provide realistic training and familiarization for DoD Cyber Protection Teams, saving $100K in training costs annually.
# Reverse-engineered bleeding-edge nation-state advanced persistent threat malware to be used in training exercises, providing teams with realistic scenarios.

2014 - 2017
Electronic Warfare Technician/I.T. Systems Manager, E-3 Sentry
United States Air Force
# Administered and maintained various electronic attack, support, and protection systems.
# Programmed and operated Link-11 and Link-16 TDLs.
# Administered and maintained the E-3 Sentry’s (AWACS) primary mission computing system.

Education

# 2017: Associate of Science: Avionics Technology, Community College of The Air Force, Montgomery, AL
# 2018: Associate of Science: Cyber Security, Community College of The Air Force, Montgomery, AL

Certifications

# Title 10/50 Cyber Capabilities Developer (CCD)
# USAF Cyber Warfare Operator
# GIAC Certified Forensic Analyst
# CompTIA PenTest+
# CompTIA Security+
# CompTIA Network+
# CompTIA A+
# E-3B/C/G System Administrator

Courses

# Linux Kernel Internals and Development (LFD420) - Linux Foundation
# Wireless Penetration Testing and Ethical Hacking (SEC617) - SANS
# Advanced Penetration Testing, Exploit Writing, and Ethical Hacking (SEC660) - SANS
# Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) - SANS
# Certified Kubernetes Administrator - A Cloud Guru
# AI Programming with Python - Udacity
# Advanced Cyber Operations Training - Root9B
# Cyber Protection Team Initial Qualification Training - USAF
# Undergraduate Cyber Training/Cyber Warfare Operations Training - USAF
# Behavioral Malware Analysis - Focal Point Academy
# Embedded Device Exploitation - Raytheon
# U.S. CYBERCOM Capabilities Developer - USCC
# Industrial IoT Exploitation - Black Hat

Keywords

Enterprise Network Penetration Testing, Assessments, Alternate Tradecraft, APT/Threat Emulation, OSINT Aggregation, Phishing and Deception Campaigns, Operations Planning, Rapid Capability Development, Remote Workstation Administration, Network Device Configuration, Operation Deconfliction, Systems and Program Reverse Engineering, Malware Co-option, Source Code Analysis, Supply Chain Exploitation, Software Analysis, Web Application Exploitation, APT Cyber Operations, Systems Exploitation, IoT Analysis and Exploitation, CWE Analysis, Networking (TCP/UDP/Raw Socket), Programming, C2/Client Protocol Creation, Turnkey Close Access Solutions, Automated Network Generation, VPN Mesh Creation, Managed Attribution, Airflow Task Creation, Prefect Task Creation, HashiCorp Stack Integration, Database Management, Secrets Management.