# Scarlett T. > Software Quality Assurance Engineer Location: San Francisco Bay Area, United States Profile: https://flows.cv/scarlettt Exhibits a strong background in cyber security, including areas such as digital forensics, threat hunting, malware analysis, and threat intelligence. I conduct thorough investigations, gather evidence, and provide actionable recommendations to improve an organization's security. Additionally, I excel at effectively communicating complex technical concepts to both technical and non-technical stakeholders, enabling informed decision-making. Utilizing various EDR platforms for configuration/deployment, query-based threat hunting, and real-time response activities, I perform threat assessments to identify evidence of compromise, assess vulnerabilities, analyze attack vectors, and provide actionable recommendations based on findings and best practices. Lastly, harnessing advanced tools and techniques, I perform deep-dive investigations into security incidents, identifying root causes, compromised systems, and assisting in remediation. ## Work Experience ### Software QA Engineer - Android Security @ Samsung Research America (SRA) Jan 2024 – Present | San Francisco Bay Area Samsung QA Team ### Security Consultant - X-Force Incident Response @ IBM Jan 2022 – Jan 2024 | Canada - Conduct proactive threat hunting assessments by analyzing raw forensic artifacts, endpoint detection events and alerts, and historical enterprise data. - Leverage query-based techniques through advanced EDR technologies to proactively identify and mitigate potential cybersecurity threats. - Analyze digital forensic artifacts such as registry hives, event logs, file system data, internet history, memory data, etc. - Conduct thorough and detailed digital forensic investigations aiming to uncover valuable insights and discern patterns that would help determine the threat actors' timeline of events. - Employ industry best practices to gather and analyze evidence, ensuring the integrity of investigations. - Develop and deliver customized tabletop training exercises tailored for individual clients. ### Security Consultant - Security Strategy, Risk, and Compliance @ IBM Jan 2021 – Jan 2022 | Canada - Successfully contributed to various aspects of security strategy and risk management. This includes creating comprehensive 2-year and 3-year security strategy roadmaps, ensuring long-term alignment with organizational objectives. - Demonstrated proficiency in generating Return on Investment (ROI) graphs, effectively illustrating the security posture improvements of projects or investments based on client goals to increase their security posture in alignment with NIST CSF. - Utilized my analytical skills to develop cost vs. effort graphs, providing valuable insights into resource allocation and optimization. - Honed my executive-level presentation skills, developing and delivering impactful presentations to senior management, ensuring clear understanding and support for security initiatives and effectively communicating potential risks and mitigation strategies to stakeholders. - Managed and executed multiple phishing campaigns for global clients with upwards of 20,000 employees, overseeing the entire process from user group creation to campaign configuration, launch, monitoring, and analysis of results for comprehensive reporting. ### Malware Analysis Student @ Royal Military College of Canada/Collège militaire royal du Canada Jan 2020 – Jan 2020 Coursework required extensive hands on lab work covering a wide variety of malware analysis tasks and techniques: • Thorough analysis of various types of malware using basic static and dynamic analysis techniques followed by advanced static and dynamic analysis techniques. • Analysis tools used included terminal window programs, network activity monitoring, and assembly code analysis and debugging. • Anti-disassembly and anti-debugging techniques were introduced and briefly studied. ### Digital Forensics @ Royal Military College of Canada/Collège militaire royal du Canada Jan 2019 – Jan 2019 • Coursework required bi-weekly labs covering various topics of digital forensics and a final mock investigation to test our skills and knowledge. • Collaborative effort with another student to analyze memory images of Windows and Linux machines. • Identifying evidence and combining findings to determine different types of breaches and attacks that occurred on the machines. • Using knowledge from the course to give a reasonable sequence of events for the attacks discovered. ## Education ### Master of Science - MS in Computer Science Queen's University ### Bachelor of Engineering - BE in Mechanical Engineering & Biomedical Engineering University of New Brunswick ## Contact & Social - LinkedIn: https://linkedin.com/in/scarlett-taviss --- Source: https://flows.cv/scarlettt JSON Resume: https://flows.cv/scarlettt/resume.json Last updated: 2026-03-29