I am a cybersecurity professional dedicated to continually expanding my defensive and offensive skillsets in order to provide as much value as possible to my team and the clients I serve.
My definition of professional success is consistently exceeding clients' expectations and being a valued member of my team. I strive to cultivate a same-team feeling and rapport with clients, listen for and promptly address client needs, and respond to security alerts to the fullest appropriate extent, leaving clients delighted with the level of service and support they are receiving. I want to personally be part of the reason why a client decides to renew their contract!
I also maintain a blog section to document my technical writing processes that help me better understand security concepts and solidify my understanding of new material.
Travis Conner
BA, CSAP
Director of Operations and Event Space for SecKC
US Army Combat Veteran
Job Experience
Security Alignment Engineer @ Onsite Logic
Security Analyst @ Foresite Cybersecurity
Data Center Technician @ DataBank
Federal Security Contractor
US Army Team Leader
Technical Skills
EDR/XDR platforms: Crowdstrike Falcon, SentinelOne, Cortex XDR, Carbon Black, Provision Open XDR, Microsoft Defender for Endpoint
Elasticsearch, Logstash, and Kibana (ELK)
Firewalls (basic familiarity): Palo Alto NGFW and Panorama, Fortigate, SonicWall
Configured and Implemented: Duo, Keeper password manager, Graphus email security solution, integrated firewalls with SIEM
Comfortable with: Linux, Active Directory, Azure
Basic Competence in: Python, Bash Scripting
Basic Competence with tools used for Active Directory exploitation, penetration testing, vulnerability assessment, and network security testing such as: LDAP Enumeration, Nessus, Burp Suite, Bloodhound, Nmap, Metasploit, and more
Learning: Malware Analysis, Digital Forensics and Incident Response (DFIR), and more - always more :)
Completed Projects
Built cloud-based SOC Home Lab. I spun up an Elasticsearch and Kibana instance, two servers–Linux SSH & Windows RDP, and installed Elastic agent on both servers to push data into Elasticsearch. I created alerts and dashboards for brute force activity towards SSH and RDP, along with identifying a common C2 framework called Mythic. I spun up my own ticketing system (osTicket) and integrated it into my tech stack, and integrated Elastic EDR to isolate my Windows host that I infected with malware.
Certifications
CompTIA CySA+
CompTIA Security+
CompTIA Network+
CompTIA A+
CompTIA IT Fundamentals+
Completed Trainings
30-Day SOC Analyst Challenge | MyDFIR
Cyber Threat Hunting Level 1 | Active Countermeasures
SOC Core Skills V2 | Antisyphon Training
Getting Started in Security with BHIS and MITRE ATT&CK V2 | Antisyphon Training
So you want to be a SOC Analyst? | Eric Capuano
Practical Junior Penetration Tester | TCM Security
AD hacking techniques to avoid EDR flagging | Eric Kuehn | Antisyphon Training
Events Attended
InsomniHACK @ H&R Block Headquarters 2024
BSides KC 2024
SANS Holiday Hack Challenge 2023
Favorite Industry Professionals
Gerald Auger, PhD | Simply Cyber | The most fun person in cybersecurity today. Gerry is super inclusive, puts a smile on all of our faces every morning, and has over 20 years of experience in the field of cybersecurity.
Tyler Ramsbey | @TylerRamsbey | Tyler is a penetration tester with a refreshingly buoyant attitude and ethos toward life I admire very much. He gives back to the community in several ways and is the type of person any organization would be lucky to have work for them.
John Strand | Black Hills Information Security and Antisyphon Training | John is incredibly smart and inclusive; and as a lover of the Humanities, I thoroughly enjoy how he sprinkles in lessons and perspectives from philosophy, psychology, history and other disciplines to add another level of richness to the material.
Heath Adams | TCM Security | Heath offers certifications and training that is 100% practical and doesn't include multiple choice questions on exams. The training is high quality and affordable, and I've taken several of his courses, and I'd recommend them to anyone looking to level up their knowledge of security operations, pen testing, digital forensics, GRC, malware analysis, and more.
Jack Rhysider | Darknet Diaries | IYKYK. This is the podcast when it comes to cybersecurity. Jack's stories cover the entire spectrum of the field, and each one could be a feature-length movie. Hands down some of the most interesting and fascinating stories I've ever heard, cybersecurity or otherwise.
Graham Helton | Red Team Specialist at Google | Graham gave an excellent talk at the Snake Oil Summit about creating your own learning plan and thinking beyond the notion that certifications are the only way to show competence in a subject. He also converted me to using Obsidian as a highly effective note-taking tool.
Leadership Experience
Current Director of Operations and Event Space for SecKC - a monthly cybersecurity meetup that hosts a "community of awesome hackers, makers, builders, and breakers."
Facilitated a career advancement and leadership group that met regularly where I helped others with networking strategies, public speaking, rewriting their professional story, resume analysis, pivoting into a new career field, branding, skill development strategies, interview preparation, defining professional goals, developing realistic action plans, and providing accountability and mentorship.
Former Toastmasters President of Olathe Sunrise Speakers club
Gun Team Leader, Kandahar, Afghanistan | US Army
Elected Student Senator and Neighborhood Committee member at Rockhurst University
Facilitated discussions between high school students regarding socioeconomic disparities in the Kansas City metro area for Rockhurst University
Education
Rockhurst University | Bachelor of Arts in Psychology | 3.97 GPA
Johnson County Community College | Associate of Science in General Sciences | 4.0 GPA