Resume
Mic Merritt
Strategic cybersecurity leadership experience, led teams up to 600 personnel and oversaw budgets to $5M.
Expertise in red team operations, penetration testing, cloud security, network security, incident response, digital forensics, and security engineering in diverse and global business environments.
Current Experience
Founder and CEO
Merritt Based (2019-Now)
Merritt Based (2019-Now)
Conducted risk assessments for clients in various industries and developed and implemented security policies and procedures.
Authored incident response plans and penetration testing schedules and directed vulnerability assessments to identify and mitigate potential threats.
Aided clients in incident triage and forensic analysis during security breaches.
Board of Directors
MyByte (2022-Now)
MyByte (2022-Now)
Contributed to the development and execution of the company's strategic plan, including the identification of new growth opportunities.
Set company goals and objectives and assisted with the development of budgets and financial forecasts.
Participated in the selection and evaluation of senior leadership as well as the development of talent within the organization.
Previous Experience
Senior Principal Security Engineer / Consulting Security Engineer, Oracle (2022-2023)
Managed risk assessments and conducted threat modeling to create incident response strategies.
Facilitated code reviews and penetration tests of cloud services and mitigated vulnerabilities.
Championed real-time insights on vulnerabilities and built risk registers for critical applications.
Developed modernized automation tooling, enhanced detection and prevention capabilities.
Managed supply chain risk through policies/assessments, built procedures for hardware reuse.
Executed enterprise security strategies conforming to NIST, ISO/IEC, and COBIT 5 frameworks.
Cybersecurity Risk Manager and Instructor, Applied Technology Academy (2020-2022)
Taught information technology and cybersecurity courses across a variety of industry vendors.
Developed custom learning materials and delivered 660+ hours of instruction to 300+ students.
Assessed student progress and provided feedback to ensure successful learning outcomes.
Built procedures to perform risk assessments and business impact analysis to improve security.
Created Security Assessment Plan (SAP) and assessed controls using NIST SP 800-53 framework.
Director of Offensive Security Operations, United States Air Force (2018-2021)
Directed a 42-person red team, simulated attacks to test blue team response capabilities.
Guided a $292M threat intelligence program to proactively assess and mitigate emerging threats.
Sourced a $106K grant for intrusion detection training, expanded capabilities to 24/7 operations.
Set team goals, provided training and guidance, and evaluated performance.
Partnered with external agencies to detect, deny, and manipulate adversarial access.
Senior Manager of Cyber Threat Hunting, United States Air Force (2014-2018)
Led a 39-person team to detect/defeat adversary threats, reduced attacks on DoD networks 45%.
Responded to specific nation-state threats of attack and exploitation as needed.
Executed a $3.1M incident response budget and built mobile response kits to support 30 teams.
Coordinated with cross-functional teams and piloted annual disaster recovery simulation plans.
Lead Network Security Engineer, United States Air Force (2012-2014)
Led 86 security engineers and provided guidance and training to secure 850K endpoints.
Researched and devised intrusion prevention models using anomaly-based approaches.
Restructured security solutions including data encryption and vulnerability management.
Optimized perimeter security infrastructure of 1K devices including Bluecoat proxies, Palo Alto firewalls, Cisco switches and routers, F5 load balancers, and Tanium endpoint security systems to reduce network ingress and increase visibility.
Education
Master of Science, Cybersecurity and Information Assurance
Western Governors University
Bachelor of Science, Forensics and Cybersecurity
University of Maryland Global Campus
Associate in Applied Science, Instructor of Technology
Community College of the Air Force
Associate in Applied Science, Cybersecurity
Community College of the Air Force
Associate in Applied Science, Info Systems Technology
Community College of the Air Force
Certification
ISC2: CISSP
SANS GIAC: GPEN, GCFA, GNFA, GCTI, GCIH, GICSP, GLEG, GSEC
CompTIA: CASP+, Cloud+, CySA+, Pentest+, and Security+
EC-Council: CEH, CHFI, CNDA
Cloud: Oracle 2021 Associate and AWS CCP
DoD 8570: IAM III, IAT III, IASAE II, and CSSP Analyst, CSSP Infrastructure Support, CSSP Incident Responder, and CSSP Auditor