Daniel Hückmann daniel.huckmann@gmail.com linkedin.com/in/dhuckmann @sanitybit | Summary Portland based independent security researcher with 8 years of experience in the field of information security. I’m currently seeking roles that will allow me to further develop my skills in penetration testing or security operations. Experience Security Researcher, Intel CorporationHillsboro OR — March 2011 - September 2012Developed threat models, performed vulnerability assessments, and wrote test cases for "high risk" features of Intel CPUs (Haswell & Broadwell). Workflow involved heavy use of RTL (VHDL-like) and µASM (micro-architecture instructions), some ASM, and various scripting languages. Worked with other product groups within Intel to help them define security requirements and best practices for their products. Attended security conferences on behalf of Intel's emerging threats group for the purpose of information gathering, professional networking, and recruiting. Organized a weekly lunch to bring together various members of the Intel security community and provide a forum for informal discussion of security topics. Security Researcher, Sophsec Intrusion LabsPortland, OR — February 2007 - March 2011Provided supporting research and QA for various member projects (chronologically sorted): libomg - A Proof-of-Concept (PoC) project demonstrating the potential use of social networks for covert communication, specifically for botnet command & control. seedsofcontempt - Contempt is a framework for designing visual representations of data obtained in a penetration test. Ronin - a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits, Payloads, Scanners, etc, via Repositories. Systems Administrator, LanMark Inc.Portland, OR — March 2006 - December 2008Designed, implemented, & managed all aspects of a 60 host mixed environment network for a medium sized business. Wrote custom kiosk software to lock down & maintain the integrity of public access terminals. Managed a Windows 2003 Active Directory server. Deployed a BSD router/firewall with dual WAN load balancing & QoS. Organizations Editor-in-chief, reddit.com/r/netsecMarch 2011 - September 2012/r/netsec is the oldest and largest information security community on Reddit, and in recent years has grown to be the largest aggregator of quality security news and technical content. In November 2010 I assumed full editorial control over the community and enacted stringent content guidelines that prioritized quality over quantity. Since then /r/netsec has grown to roughly 90k registered subscribers (a ~500% increase per year) & now receives over half a million page views per month. In addition to news and technical writeups, /r/netsec also hosts regular employment threads for job seekers and employers, town hall style Q&A sessions with industry experts (AMA), and recently started an informational thread for academic institutions with strong information security programs. Publications WiMAX Hacking ReduxIntel Security Conference — November 2010Invited to present WiMAX research at Intel’s internal security conference. WiMAX Hacking 2010DEF CON 18 — August 2010The culmination of 2 years worth of research; discussed the security vulnerabilities discovered in the first US 4G mobile network (Clear/Sprint WiMAX.) Video Recording: https://vimeo.com/14951004 Education Portland Community CollegeAssociate of Science — 2009 - 2010Pursued an associates degree with a focus on psychology. Made the Dean’s list with a 3.8 culmative GPA. Left to pursue a career opportunity. References Available upon request. |
