TYLER KRIST
Alexandria
Summary
Military Veteran with a Top-Secret SCI Security Clearance and a CI Polygraph, bringing over nine (9) years of experience in operational and cybersecurity. Extensive experience spans the United States Military, government, Intelligence Community (IC), and corporate sector, offering a unique perspective on how cybersecurity measures support business continuity and strengthen security posture across various industries. Skilled in agile project management and risk mitigation, with proven expertise in communication, analytical thinking, and a diverse background in cloud, offensive, and defensive cybersecurity. A valuable asset for enhancing cybersecurity and cloud environments.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Azure Security Engineer (Contractor: Koniag GS)
United States Department of State (DoS)
02.2024 - Current
- Conduct comprehensive security reviews and lead in-depth security assessments of new Azure FedRAMP services to ensure compliance with federal security standards, aligning with FedRAMP guidelines
- Act as a primary responder to cybersecurity incidents, coordinating with customers to implement immediate mitigations, reducing potential exposure in a high-stakes Azure Commercial environment
- Perform detailed security impact analysis for platform changes and updates, ensuring all modifications aligned with NIST SP 800-53 rev 4 security controls and maintained platform integrity
- Successfully managed ATO (Authority to Operate) reassessment activities, updating security control implementations and providing required artifacts, ensuring continuous compliance with federal regulations
- Collaborate with ISSOs and cross-functional teams in an agile environment, using JIRA to streamline coordination and support for fast-paced, team-based projects, enhancing overall platform security
- Utilized Defender for Cloud for continuous security monitoring, detecting, and responding to potential threats in real-time, significantly reducing incident response times
- Maintain comprehensive security documentation and provide quarterly reports to stakeholders, ensuring transparency and continuous improvement in security practices
Senior Penetration Tester
KPMG
01.2022 - 01.2024
- Spearheaded more than seven penetration tests within a fast-paced, collaborative setting, catering to six (6) different clients
- Orchestrated and executed a strategic project for a financial services client, guiding the remediation efforts for over seventy (70) findings originating from CBEST and iCAST reports
- Collaborated closely with cross-functional teams to implement targeted solutions, ensuring compliance with industry-specific security standards and policies while bolstering the organization’s resilience against sophisticated cyber threats
- Proactively identified weaknesses and disparities within a newly formed team, contributing insights and recommendations to foster a more cohesive work environment
- Collaborated with internal teams to optimize operational efficiency
Penetration Tester (Contractor: Deloitte & Touche LLP)
National Geospatial Intelligence Agency (NGA)
03.2020 - 01.2022
- Prioritized penetration testing and cyber threat emulation, seamlessly integrating these proficiencies with contemporary and evolving threat intelligence to establish a comprehensive risk-intelligence-driven continuous monitoring system
- Established the Web Application Vulnerability Assessment (WAVA) initiative, proactively addressing high-risk vulnerabilities before their exposure through the Vulnerability Disclosure Program (VDP)
Incident Response Analyst / Cyber Protection Team Analyst
United States Coast Guard
04.2019 - 03.2020
- Tier 3 Analyst responsible for Coast Guard network consisting of 60,000 users
- Authored and developed procedural documentation on response processes and tools used to train the incident response team on how to respond to incidents effectively and quickly; led more than ten (10) cases including ransomware, suspected command and control, and phishing attempts
- Developed qualification requirements to qualify new members, including General Knowledge, Host-Based Forensics, Network-Based Forensics, and Malware Analysis
- Standardized procedures to escalate incidents and developed PowerShell Live-Response scripts for automated data collection on infected machines
- Identified phishing and extortion attempts targeting over 4.3% of 60,000 worldwide government users; led immediate response by deleting all unique emails with Exchange Shell; utilized Sandbox to verify attachments were not malicious
Digital Forensics Analyst
United States Coast Guard
11.2018 - 04.2019
- Conducted digital forensics and analysis alongside Coast Guard Special Agents to support criminal investigations
- Utilized Axiom, FTK, and PowerShell scripts to perform forensics on data
- Collaborated with team to corroborate evidence leading to successful prosecution of high-level criminal cases
- Adhered to Chain of Custody methodologies and requirements to ensure integrity of evidence collected
Security Operations Center Analyst (SOC Analyst)
United States Coast Guard
02.2018 - 11.2018
- Identified and responded to data spills, negligent disclosures, PII, external scans, malware, and phishing; implemented IP and URL blocks; escalated necessary incidents to Tier 3 analysts
- Acknowledged orders and tippers from internal and external stakeholders and took action to ensure risk mitigation
- Conducted open-source research on events; collaborated with the intelligence department for information from intelligence reports
- Conducted continuous monitoring of Coast Guard data, networks, and systems
- Responsible for detection, analysis, preliminary incident response, and incident escalation
Systems Administrator and Networks Analyst
United States Coast Guard
08.2016 - 02.2018
- Domain administrator responsible for initial troubleshooting of enterprise helpdesk-related issues, triage, and monitoring of Coast Guard networks for 60,000 users
- Monitored and managed 2,100 network devices on a military domain including routers, pair-gains, blue ridge routers, taclanes, KIV-7s, and military platforms
- Detected network outages and coordinated with service providers, external agencies, and field technicians to remedy connectivity issues
- Responded to the WannaCry Incident by automating processes to restart hundreds of hosts to allow for patches to be pushed
Seaman Apprentice
United States Coast Guard
04.2014 - 08.2016
- Conducted in-port security watch duties, safeguarding a 378ft cutter and its crew in compliance with operational security protocols, resulting in a 100% incident-free record
- Monitored and secured sensitive areas onboard the vessel, ensuring adherence to maritime security standards during 24/7 operations
- Operated as helmsman and lookout during high-stakes maritime missions, maintaining navigational accuracy and enhancing situational awareness
- Qualified as a rescue swimmer, responding to emergency scenarios and safeguarding lives during search and rescue (SAR) operations
- Directed deck operations as Boatswain Mate of the Watch, supporting mission readiness during underway and in-port activities
- Assisted in high-risk boarding and interdiction operations, contributing to law enforcement and counter-narcotics missions
- Trained and mentored junior personnel in lookout, helmsman, and deckhand responsibilities, enhancing team operational efficiency
- Selected as Class Leader in Information Technology (IT) “A” School, leading peers in marching drills and fostering a disciplined learning environment
- Supported crew health and morale by fulfilling mess cook duties during extended deployments
Education
Bachelors Degree in Applied Cybersecurity (BACS) -
SANS Technology Institute
12.2026
Skills
- Microsoft Azure
- Client Engagement
- Root Cause Identification
- Project Management (Agile)
- Cloud Security
- Threat Intelligence
- Penetration Testing
- Regulatory Compliance
- Continuous Learning
- Operating system hardening
- Vulnerability assessment
Securityclearance
TS/SCI CI Polygraph
Certification
- Microsoft Azure Fundamentals
- CompTIA Security+ (501)
- Certified Ethical Hacker (CEH)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Web Application Penetration Tester (GWAPT)
- GIAC Penetration Tester (GPEN)
- GIAC Certified Incident Handler (GCIH)
- GIAC Cloud Penetration Tester (GCPN)
Training
- Information Systems Technician School
- Joint Cyber Analysis Course (JCAC)
- Cyber Threat Emulation (CTE)
- Industrial Control Systems Computer Emergency Readiness Team 301 (DHS-ICS CERT 301)
- Intermediate Cyber Core (ICC)
- Cyber Protection Team – Core (CPT-C)
- Joint Regional Security Stack (JRSS) – Cyber Network Defense
- Public Key Infrastructure – Registration Authority (RA)
Timeline
Azure Security Engineer (Contractor: Koniag GS)
United States Department of State (DoS)
02.2024 - Current
Senior Penetration Tester
KPMG
01.2022 - 01.2024
Penetration Tester (Contractor: Deloitte & Touche LLP)
National Geospatial Intelligence Agency (NGA)
03.2020 - 01.2022
Incident Response Analyst / Cyber Protection Team Analyst
United States Coast Guard
04.2019 - 03.2020
Digital Forensics Analyst
United States Coast Guard
11.2018 - 04.2019
Security Operations Center Analyst (SOC Analyst)
United States Coast Guard
02.2018 - 11.2018
Systems Administrator and Networks Analyst
United States Coast Guard
08.2016 - 02.2018
Seaman Apprentice
United States Coast Guard
04.2014 - 08.2016
Bachelors Degree in Applied Cybersecurity (BACS) -
SANS Technology Institute
Similar Profiles
Frederick C. Jefferson IIIFrederick C. Jefferson III
Senior Advisor for Inclusive Leadership at United States Department Of StateSenior Advisor for Inclusive Leadership at United States Department Of State
Nadia AkbariNadia Akbari
INTERN (EAP/ANP) at UNITED STATES DEPARTMENT OF STATEINTERN (EAP/ANP) at UNITED STATES DEPARTMENT OF STATE
Ryan StoughRyan Stough
Armed Diplomatic Protection Officer. at United States Department Of StateArmed Diplomatic Protection Officer. at United States Department Of State