John Headley

SKILLS

SECURITY ARCHITECTURE & ENGINEERING

SECURITY ASSESSMENT & COMPLIANCE

NETWORK SECURITY & ENGINEERING

SECURITY OPERATIONS (BLUE TEAM)

CLOUD SECURITY & ENGINEERING

IDENTITY & ACCESS MANAGEMENT

EXPERIENCE

VPLS

Sr. Security Engineer | July 2020 – Present

Solutions Engineer | Nov 2018 – July 2020

FORTINET

Technical Account Manager | Sep 2018 – Nov 2018

Technical Support Engineer III | Feb 2018 – Sep 2018

Technical Support Engineer II | Mar 2017 – Feb 2018

Technical Support Engineer I | Sep 2015 – Mar 2017

GENERAL MOTORS

Data Center Network Engineer | June 2014 – Aug 2015

Network Operations (NOC) Engineer II | June 2013 – May 2014

SEMINOLE ELECTRIC

System Operations Intern | May 2012 – May 2013

TECHNICAL WRITING

CERTIFICATIONS

ISC2

FORTINET

CISCO

AWS

COMPTIA

Let's collaborate

If you’d like to discuss an idea or project you are working on, have a question related to cybersecurity, or just want to connect over common interests, please reach out to me and get the conversation started.

PROJECTS

OPEN SOURCE DEVELOPMENT (2019)

Contributed to the open source firewall project OPNsense, which started as a fork of pfSense
Used Git and GitHub to code collaboratively using modern software development methodologies
Contributions were mainly in PHP:

VULNERABILITY DISCOVERY (2019)

Discovered and responsibly disclosed Fortinet FortiGate firewall medium severity bypass vulnerability
This vulnerability allows an attacker to bypass FortiGate’s DNS filter by using DNS over HTTPS (DoH)
Credit for the disclosure received in Fortinet KB article FD45370

PATCHBOX (2016)

PatchBox, endorsed by the National Psoriasis Foundation, was a subscription box service my co-founder and I created to provide monthly non-prescription relief for psoriasis
My co-founder and I bootstrapped PatchBox and were responsible for all aspects of the business until ultimately selling it via online auction
Although the website is now gone, our archived interview with the National Psoriasis Foundation can be read here

ITT TECH INSTRUCTOR (2015)

Hired by the now-defunct ITT Technical Institute as an Adjunct Instructor, I taught a software development course on social networking
I gave lectures, facilitated labs, conducted discussions, and assigned and graded assignments
Students’ final project was building and hosting a blog using the WordPress platform that was required to interact with various social network APIs

John Headley

SKILLS

SECURITY ARCHITECTURE & ENGINEERING

SECURITY ASSESSMENT & COMPLIANCE

NETWORK SECURITY & ENGINEERING

SECURITY OPERATIONS (BLUE TEAM)

CLOUD SECURITY & ENGINEERING

IDENTITY & ACCESS MANAGEMENT

EXPERIENCE

VPLS

FORTINET

GENERAL MOTORS

SEMINOLE ELECTRIC

TECHNICAL WRITING

Do We Need Our Own SOC?

An Engineer’s Perspective on Managed Firewalls

How to Prevent Ransomware – A Technical Checklist

CERTIFICATIONS

ISC2

FORTINET

CISCO

AWS

COMPTIA

Let's collaborate

PROJECTS

OPEN SOURCE DEVELOPMENT (2019)

VULNERABILITY DISCOVERY (2019)

PATCHBOX (2016)

ITT TECH INSTRUCTOR (2015)

CONTACT

LinkedIn

johnaheadley@gmail.com

GitHub

Orange County, CA