R. FRAMIÑÁN

Back to home

RYAN P. FRAMIÑÁN

PROFESSIONAL OBJECTIVE

Dynamic cybersecurity professional with deep expertise in offensive and defensive security operations. Skilled in simulating adversarial tactics, leveraging system and network telemetry, and collaborating across teams to enhance organizational defenses. Passionate about bridging the gap between red and blue teams to develop innovative security strategies, mitigate threats, and mentor future security professionals.

JOB HISTORY

Security Engineer, Red Team

Standard Industries, New York, NY
January 2024 – Present

  • Designed and executed assumed breach and unannounced red team engagements, enhancing detection and response capabilities across Standard Industries and its subsidiaries
  • Partnered with Blue Team on MITRE ATT&CK-driven Purple Team assessments, focusing on adversary tactics, techniques, and procedures (TTPs)
  • Built and automated Command & Control (C2) infrastructure using React and Golang, including team servers and HTTPS redirectors
  • Conducted Active Directory attack path mapping, identifying vulnerabilities for lateral movement and privilege escalation
  • Authored internal documentation and training materials on red/purple team methodologies, enhancing team knowledge-sharing efforts
  • Acted as a subject matter expert in initial access vectors, evasion tactics, and Windows security mechanisms to support organizational security improvements

Senior Information Security Associate, Threat

Tevora, Irvine, CA
March 2021 – December 2023

  • Executed offensive security projects, including red team, purple team, and various penetration tests (external, internal, cloud infrastructure, web application, and social engineering)
  • Conducted adversarial threat simulations to provide actionable insights for improving security controls
  • Developed and presented comprehensive technical findings and executive reports, identifying strengths, gaps, and opportunities for stakeholders
  • Demonstrated expertise in tool development and scripting in Golang, C#, and Python for evasive malware testing
  • Designed client-specific phishing emails and pretexts for social engineering campaigns
  • Performed physical penetration tests for high-profile clients, assessing and improving office security practices

EDUCATION

Western Governors University, Salt Lake City, UT
Graduated 2020
Bachelor's of Science in Cybersecurity and Information Assurance

The Georgia Institute of Technology, Atlanta, GA Graduating 2027 Online Master of Science in Cybersecurity

CERTIFICATIONS & TRAININGS

  • SEC699: Advanced Purple Teaming - Adversary Emulation & Detection Engineering
  • GIAC Penetration Tester Certification (GPEN) - September 2023 - September 2027
  • Certified Red Team Operator (CRTO) - May 2023