Quick Incident Triage Toolkit
Offline desktop app for rapid system diagnostics — real-time monitoring, host artifact collection, and JSON export for handoff to IR teams.
$ whoami
Ken Brigham — Security Engineer
$ focus --areas
Cloud Security · DevSecOps · Detection & Response · Automation
$ clearance --status
U.S. government — sponsored, in adjudication
$ contact --method=email
kenbrigham777@gmail.com
Selected Work
Grouped by capability so each piece of work speaks to a specific part of the security engineering stack.
SOC tooling, telemetry pipelines, host artifacts, and adversary tradecraft.
A working personal SOC built on Azure Monitor, Log Analytics, and Sentinel — ingesting telemetry from a home lab and detecting simulated threats end-to-end.
Red-team PoC creating polyglot WAV+Python files that play audio but execute encrypted payloads when run as scripts.
Blue-team training notes and lab walkthroughs from the TryHackMe SOC Level 1 path — SIEM, threat intel, and IR fundamentals.
IaC, hardened workloads, and AWS-native automation patterns.
Production-style Node.js 3-tier app deployed to AWS Fargate with PostgreSQL and an ALB — fully provisioned via Terraform with Docker containerization.
A Go-based CLI tool that detects configuration drift between Terraform-managed infrastructure and live AWS resource state.
Backup management for EBS snapshots using EventBridge and Lambda — with audit logs and cleanup automation.
Serverless AWS pipeline that triggers processing on file upload with autoscaling — no idle compute.
Hardened pipelines, security gates, and platform-level automation.
GitHub Actions pipeline integrating Trivy, Checkov, Bandit, and OWASP Dependency-Check with SARIF reporting to GitHub Security.
Terraform deployments at scale using Azure DevOps, Service Principals, and secured CI/CD pipelines.
OpenAI Chatbot UI deployed with Jenkins, EKS, and Terraform — built with DevSecOps practices baked in.
Containerized Flask microservice deployed on EKS with a live Swagger UI for API interaction.
LLM tooling and adversarial AI tradecraft.
An LLM-powered app that translates technical jargon to plain English and back, built on Amazon PartyRock / Bedrock.
Joint HackTheBox & Google credential covering adversarial ML, prompt injection, model evasion, and AI system attack surfaces.
Verified Credentials
30+ industry certifications across security, cloud, and DevOps.
CompTIA — Aug 2024
CompTIA — Feb 2025
AWS — Mar 2025
Google — Apr 2025
HackTheBox + Google — May 2025
Microsoft — Mar 2025
AWS — Mar 2025
Google — Apr 2025
Google — Nov 2023
Fortinet — May 2025
Fortinet — May 2025
Fortinet — May 2025
Infosec — May 2025
Infosec — May 2025
IBM — May 2025
IBM — Apr 2025
NVIDIA — May 2025
Databricks — Apr 2025
Databricks — Apr 2025
SCRUMstudy — Apr 2025
SCRUMstudy — Apr 2025
Atlassian — May 2025
SkillFront — Apr 2025
Coursework & Programs
The Wharton School, UPenn — May 2025
University of Colorado, Colorado Springs — June 2025
Darden School of Business, UVA — May 2025
Duke University — May 2025
Whiting School of Engineering, JHU — June 2025
Whiting School of Engineering, JHU — May 2025
UC Davis — May 2025
University of Helsinki — May 2025
University of Helsinki — Apr 2025
Get in touch
Open to remote and hybrid security engineering roles — particularly where cloud, DevSecOps, and automation intersect.