Andrew Martin
Information Security Engineer with a passion for learning and securing systems. I excel in vulnerability and risk analysis, threat intelligence, and utilizing SIEM and EDR/XDR solutions, effectively securing diverse environments.
Education
Michigan Technological University
M.S. Cybersecurity, Network Security Management
Overall GPA: 3.93
Michigan Technological University
B.S. Cybersecurity, System and Network Security
Overall GPA: 3.77 Departmental GPA: 3.90
Professional Experience
American Systems
Remote
Associate Information Security Engineer
July 2024 – Present
Michigan Technological University
On-site
Research Assistant, Cybersecurity
Jan 2024 – May 2024
Utilized Node.js, JavaScript, CSS, and HTML to develop and implement a secure training platform for cybersecurity students
Developed training modules by analyzing prior real-world cybercrime incidents
Utilized Docker, MySQL, and Google’s OAuth Identity Authentication API to create a secure user management solution for the platform
Universal Music Group
Remote
Intern, Identity Access Management
May – Aug 2023
Worked with Microsoft Azure SSO utilizing SAML and OAuth
Worked with various departments/applications of Universal Music Group to implement and enforce SSO for security
Collected information and risk criteria from application teams to prioritize SSO implementations
Worked on a project to redesign the intranet website based on internal feedback
Shadowed Identity Access Management Engineers through daily activities
Level Data
Remote
Intern, IT Technician
May – Aug 2020/21/22
Worked directly with customers on urgent, time-sensitive tickets and issues
Utilized Microsoft’s Active Directory, Bitbucket repositories, DBeaver SQL database administration tool, and the IntelliJ IDE
Worked with production code to make changes to connectors and plugins written in Groovy, SQL, YAML, & XML that managed Customers' Student Information Systems* and associated software
Entrusted with unmonitored access to work on Customers’ servers with access to their SIS* containing production software and confidential student and customer information
Certifications
FEMA - National Incident Management System (NIMS) Incident Command System (ICS)
Issued: March 2024
Additional Relevant Experience
Home Lab
Operates a dynamic, resilient home lab environment that integrates virtualization, containerization, network security, and automation to support secure infrastructure management, cybersecurity operations, and service deployment. Utilizes an 8-node Raspberry Pi cluster running a high-availability Docker Swarm with GlusterFS for distributed storage and Keepalived for automatic failover, ensuring both redundancy and load balancing. This platform hosts a range of internal services including monitoring, automation, and network management tools.
At its core, Proxmox manages multiple physical servers with clustering for seamless failover and ZFS-backed storage that guarantees data integrity and high-speed performance. The environment supports diverse virtualized systems, from Linux and Windows VMs to lightweight LXC containers.
A comprehensive network security architecture is in place, featuring a zone-based firewall with VLAN segmentation, a dedicated DMZ for external services, and an IDS/IPS system that leverages deep packet inspection, anomaly detection, and Threat Intelligence ingestion to automatically block malicious IPs. Reverse proxy architecture is handled by Traefik for internal traffic—integrated with Authelia for Single Sign-On (SSO)—and NGINX Proxy Manager (NPM) for external-facing services, providing TLS termination, security filtering, and controlled access.
Security monitoring is enhanced with a SIEM setup using Wazuh; logs are collected via agents and ingested into a centralized Syslog server for advanced correlation, anomaly detection, and forensic analysis. Custom scripts written in Python, BASH, and PowerShell automate log analysis, system health monitoring, backup management, and routine administrative tasks.
External security is further strengthened through Cloudflare, which offers DNS protection, DDoS mitigation, and web traffic filtering. This includes automatic bot blocking, geo-fencing to restrict non-US traffic, rate limiting, and Web Application Firewall (WAF) rules that mitigate known attack patterns. A UPS system ensures power redundancy and continuous monitoring of uptime and downtime, establishing a secure, scalable, and fault-tolerant environment ideal for cybersecurity operations, penetration testing, and infrastructure management.
Capture The Flag Cybersecurity Competitions
Regularly participates in Capture The Flag-styled competitions such as the National Cyber League and JerseyCTF as a part of Michigan Technological University's RedTeam and individually.
Utilizes offensive security tools such as Kali Linux and actively practices a wide variety of penetration testing and vulnerability analysis techniques.
Extracurriculars
Michigan Technological University
Security Team, Networking and Computing Student Association (NCSA)
Michigan Technological University
Member, RedTeam@MTU
Teaching / Lab Assistant Experience:
Michigan Technological University
Cybersecurity, Teaching / Lab Assistant
Information Governance and Risk Management, Teaching / Lab Assistant
CyberHusky, Teaching / Lab Assistant
Server Cluster for Michigan Technological University's College of Computing
As a Graduate Project, led the design, configuration, and implementation of a high-performance, highly available server cluster to support the Cybersecurity and CNSA programs
Utilizing the Proxmox Hypervisor and TrueNAS Scale, successfully clustered and configured 21x servers, using management tools like TrueCommand, NetBox, Ansible, and Cloud-Init to automate tasks and optimize cluster performance
Created comprehensive documentation for cluster maintenance, ensuring long-term reliability
Significantly improved the Cybersecurity and CNSA program's capabilities through the development of a robust and scalable server infrastructure, resource optimization, and high availability
Technical Skills
Security Operations & Threat Management:
SIEM (Wazuh, Sentinel) • EDR/XDR • SOAR • IDS/IPS • Firewall Management • Threat & Vulnerability Management • Vulnerability Analysis & Scanning • Penetration Testing & Exploitation • Patch & Vulnerability Management (Tenable Nessus) • Incident Response & Digital Forensics • User Security & Insider Risk Management
Network & Infrastructure Security:
Network Security & Configuration (TCP/IP, Routing) • DNS Management & Proxies • Single Sign-On (SSO) & Identity Management (OAuth, SAML 2.0) • Reverse Proxy Security (Traefik with Authelia for SSO, NGINX Proxy Manager) • DDoS Mitigation & Web Application Firewall (WAF) • Cloudflare Security (DNS protection, bot blocking, geo-fencing, rate limiting)
Cloud, Compliance & Operating Systems:
Microsoft Azure & Active Directory Security • Windows/Linux Security • Azure Security (Sentinel, Purview, DLP, Logic Apps, KQL) • Cloud Security & Concepts (Azure, GCP) • Compliance & Governance (GRC, Communication Compliance, NIST) • MITRE ATT&CK & NIST CSF/RMF • OWASP & TTPs
Virtualization & Containerization:
Proxmox Virtualization • Docker Swarm • LXC Containers • High Availability (HA) & Network-Attached Storage (NAS) • Hypervisors & Server Security
Automation & Scripting:
BASH, PowerShell, Python
Offensive Security & Analysis:
Nmap • Burp Suite (PortSwigger) • Wireshark & PCAP Analysis • Active Directory Exploitation & Enumeration • Capture The Flag (CTF) Competitions & Red Teaming • Open Source Intelligence (OSINT) • Steganography & Cryptography
Monitoring, Logging & Documentation:
Log & Data Analysis • Security Information & Event Management (SIEM) Tools • Syslog Server Integration (Wazuh Agent Log Correlation) • Uptime & Downtime Monitoring • Technical Documentation
References
Yu Cai, Ph.D.
Michigan Technological University, Associate Chair - Department of Applied Computing
2024

Ronghua (Sam) Xu, Ph.D.
Michigan Technological University
2024
"I had the pleasure of teaching and mentoring Andrew Martin in my course: Blockchain Fundamentals and Applications. In my course, Andrew demonstrated exceptional analytical skills and a keen understanding of complex cryptographic algorithms and security protocols. I also had the opportunity to witness Andrew’s problem-solving abilities during practical project assignments. His innovative thinking and creative approach are invaluable in finding unique solutions and applying theoretical knowledge to real-world challenges. I have been consistently impressed by Andrew’s academic prowess, dedication, and passion for the computing and cybersecurity industry, and I would highly recommend him to potential employers."
Alex Taube
Universal Music Group, Senior Manager - Identity & Access Management
2023
"Andrew worked for me during his summer internship in 2023. He was a consummate professional, always looking for more ways to contribute to the team. He delivered requests quickly and took on tasks that were sometimes challenging and/or tedious without hesitation or complaint. I truly enjoyed working with Andrew over the last several months and would recommend him for virtually any entry-level position in Cybersecurity."
Matt Betts
Level Data Inc., President
2022
"Andrew worked for us at Level Data. He is very bright, talented, curious, and eager to learn. He was always willing to take on new projects. He is a perfectionist who loves new challenges. Andrew’s fantastic communication and interpersonal skills make him exceptional and allow him to stand out from his peers. Andrew has an incredibly bright future and will be a great asset to any organization lucky enough to have him as an employee."