# Jonathan Wiggins > Adversarial Engineer Location: San Francisco Bay Area, United States Profile: https://flows.cv/jonathanwiggins Jonathan is a curious security enthusiast, penetration tester, tinkerer, with over 20 years of technical experience. He has spent the last 9 years managing, securing, and breaking into network infrastructure, web applications, servers, and workstations. In addition to leading internal Bug Bounty, Purple Team, and Pentesting programs, he has direct experience pentesting medium to large organizations in Network, Active Directory, Azure/AAD, Web Application/API, and social engineering engagements. In addition to participating in online CTF platforms like HackTheBox, he expands his knowledge through PentesterAcademy, BHIS, eLearnSecurity, PentesterLab, Offensive Security, Zero-Point Security and various Discord communities. * 2006 Time Magazine Person of the Year * Dedicated, Due Diligent, and Mission Orientated Team Member and Leader * GIAC Advisory Board & FBI InfraGard Member * Relentless Pursuit of knowledge/Leveling-Up * Anything worth doing, is worth over-doing ::: 15+ years on Blue team, started down/switched the Offensive Security path circa 2016 (OSCP=WIP) ::: ## Work Experience ### Adversarial Engineer @ LARES Jan 2023 – Present ### Security Consultant @ NCC Group Jan 2022 – Jan 2023 | Terra Firma Security Consultant at NCC ### Sr. Security Engineer @ Five9 Jan 2018 – Jan 2022 | California, United States • Performs internal network and red team assessments against Active Directory & Azure AD infrastructure • Performs external network assessments against public, internet facing infrastructure • Led & Established Purple Team program, using ATT&CK framework, and Atomic Red Team as guidance, and a variety of tooling to accomplish desired efforts • Spearheaded Enterprise Deception initiatives using 3rd party service as well as organically designed methods within Active Directory infrastructure • Trains others on the team to teach them pentesting strategies and methodologies • Launched Web Application product Bug Bounty & Vulnerability Disclosure Program from the ground up • Collaborate with researchers and internal departments to facilitate vulnerability remediation, as well as Threat Modeling risks to ascertain true impact ### Cyber Security Consultant @ private Jan 2018 – Jan 2018 | remote • Technical consulting lead on multiple client engagements, across various industry verticals (medical, manufacturing, semiconductors) • Full technical scoping for each client to ensure target environment's hosts and applications were properly aligned with client objectives • Led complete build-out of tiered email phishing platform to facilitate social engineering campaigns against the client's employees • Internal and External vulnerability assessments, as well as penetration testing on Internal and External systems • Co-managed internal wireless assessment to provide baseline security perspectives and harden wireless infrastructure. • Conducted post-mortem briefings to facilitate client's understanding of risks and threats, and how to being vulnerability remediation in a prioritized approach ### InfoSec Engineer @ Chevron Federal Credit Union Jan 2013 – Jan 2018 | Oakland • Introduced ATT&CK framework to assist in designing and implementing relevant Threat Detection content, aligned with TTP's, into SIEM configuration rules • Conducted network, system, and application vulnerability assessments using open source and commercial tools • Conducted quarterly phishing assessments to reduce "click rate", and drive Security Awareness efforts. • Participated in "Cyber Lunch & Learn" sessions at Chevron Corporate offices • Established, and assisted in maintaining visibility into security incident & alerting, network monitoring, capacity planning, and network security assessments using various commercial tooling • Led multi-datacenter firewall migration, followed by 6 month of security policy cleanup resulting in 65% overall reduction of rules • Introduced various Threat Prevention technologies: DNS Sinkhole, cloud-based malware sandboxing, Layer 7 Application/Content Inspection • Participated in ISC, FS-ISACA, & FBI-Infragard chapters ### Network Security Consultant @ Taos Jan 2013 – Jan 2013 | Redwood City, CA Working with client on project involving network re-design & architecture comprising of fully-redundant data centers utilizing a handful of solutions, mainly: Cisco Nexus 3/6K's with FEX, F5 Load-Balancing via GTM/LTM solution, and Checkpoint 4800's using ClusterXL/HA. Dual-homed ISP w/MPLS to each site. ### IT System & Network Engineer @ LesConcierges Jan 2010 – Jan 2013 Daily System & Network Operations in heterogeneous environment supporting 24/7 contact center operations. ### IT System Engineer/ Network Admin @ Salon Media Group Jan 2007 – Jan 2010 ### IT Systems Engineer @ Nielsen Mobile Jan 2002 – Jan 2007 | San Francisco Bay Area Member of 3-person System Engineering Operations team managing San Francisco based data center operations. ## Education ### Bachelor of Arts (B.A.) in History & Anthropology University of South Alabama ### John S. Shaw High ## Contact & Social - LinkedIn: https://linkedin.com/in/jdubbz - Portfolio: http://www.lifeandalens.com --- Source: https://flows.cv/jonathanwiggins JSON Resume: https://flows.cv/jonathanwiggins/resume.json Last updated: 2026-04-11