By day, this mild-mannered blue hat researcher works at Idaho National Laboratory and specializes in defensive, security engineering research and threat response. She bounces back and forth between security research (telecommunications, IT, and ICS/OT) and security operations (incident response, threat management, risk analysis & remediation, vulnerability management, secure code development, cloud security, and security architecture) to prevent boredom from setting in. She has trained a number of IACS/OT incident response teams including the DHS and DOE CERTs, contributed to IACS/OT security standards, worked on hundreds of incidents, worked in all 16 critical infrastructure sectors, and has a patent for efficient attack path selection and risk analysis.
At night—well, late afternoon–the socially bereft side REALLY comes out. She follows the dark path of threat research in her free time—reviewing new trends in attack techniques, developing threat detection plans for her favorite malware, examining the halo effects in exploit development, and analyzing the 2nd-payloads in IACS/OT attacks. She may occasionally support the odd red team effort by speculating on those factors necessary for effective target development and forcing the introverts to communicate.