EXPERIENCE

pentaROOT Information Security

Founder/Consultant, 2018 – Present

  • Founder, operator, and information security consultant
  • Provides services in vulnerability management, automation, security architecture, and penetration testing
  • Current clients include multiple Fortune 500 companies in technology, manufacturing, and healthcare
  • Recent work includes being tasked to lead teams of more than 10 employees, build vulnerability management programs from scratch, and implement governance and compliance programs
  • Additional services offered as needed such as a technical contact for post-testing remediation and training for internal employees

 

Banner Health

Information Security Consultant – Vulnerability Management/Penetration Tester, 2016 – 2018

  • Created and maintained all policies, procedures, and runbooks surrounding vulnerability management, asset identification, vulnerability remediation, vulnerability assessments, and penetration testing adhering to government regulations and HIPAA compliance
  • Conducted routine testing on more than 140 externally facing devices; ad-hoc testing internally and for 3rd party applications
  • Lead and coordinated with all 3rd party penetration testing efforts including contracting, scoping, rules of engagement, testing, and reporting
  • Lead nine teams in remediation projects following vulnerability identification from vulnerability management program, internal penetration testing, and 3rd party penetration testing
  • Created executive and technical reports on penetration testing, vulnerability findings, and recommendations presented to executive management throughout multiple stages of the lifecycle

 

SurgCenter at Pima Crossing

Network Administrator, 2014 – 2016

 

Valley Pain Consultants

IT Support Specialist, 2014 – 2015

 

Albion Psychological Associates

System Administrator, 2013 – 2014

 

Pinnacle Security

Tech Support Supervisor, 2009 – 2013

 

APX Security

Lead Technician, 2005 – 2007

 

TECHNICAL SKILLS

  • Programming: Bash, C, C++, Java, Javascript, .NET, Perl, PHP, PowerShell, Python, Ruby, Visual Basic
  • Software: Archer, Burp Suite, Core Impact, FireEye, GitHub, McAfee, Metasploit, NetBrain, Rapid7 Nexpose/InsightVM, Tenable Nessus, Qualys, RedSeal, SafeNet, ServiceNow, Splunk, Wireshark, ZAP
  • Systems: Unix, Linux, Windows, Macintosh OS

 

 

EDUCATION

Indiana University – Currently Enrolled

Master of Business Administration – MBA, Concentration in Business Analytics

University of West Georgia

Master of Science, Applied Computer Science

University of Utah

Bachelor of Science, Psychology

 

CERTIFICATIONS

Offensive Security Certified Professional – OSCP

Offensive Security

GIAC Penetration Tester – GPEN

Global Information Assurance Certification

Security+

CompTIA

Nexpose Certified Administrator, InsightVM Certified Administrator, Advanced Vulnerability Management Certified Administrator

Rapid7

Internet Security, HIPAA Security

Brainbench

 

Joshua Lemon Resume – Word

Joshua Lemon Resume – PDF