John's InfoSec Ramblings

The thoughts of a man working his way through a career in Information Security.

Hi. I’m John.

I’ve been in the “IT Field” for over 20 years. I started my career as a programmer/developer and held all sorts of roles, including architect and manager. I worked for some large organizations and start-ups, and pretty much everything in between.

More recently I’ve dedicated my career to Information Security (or Cyber Security if you’re in the government). I’ve spent the last 7+ years as a security professional. I tend not to do anything half-baked, so I really dove into my new role. Most of my career has been on the defensive side, but I do dabble in offensive security as well. My goal is to be as well rounded as possible, and to ultimately help whatever organization I’m working for. From internal penetration testing to endpoint protection, I do it all. I also teach computer security at my local college, teaching the fundamentals of security as well as the penetration testing lifecycle.

I host a semi-weekly podcast called Purple Squad Security where I’m fortunate enough to interview some very smart people in the industry, learn some new things, and share that with my audience. Come on over and have a listen! I’m sure you won’t be disappointed.

For those who care, I hold the following certifications:

  • CISM
  • CEH
  • OSCP

I do plan on getting my OSCE as well, but timelines are a bit fuzzy on that one. I am currently working on my eCPPTv2 certification now, but I have my eyes set on some wireless and web certifications afterwards. I don’t honestly care about what others think about certifications - for me they are just a way to test my own abilities and prove to myself that I can do this. It’s that impostor syndrome is all, I’m sure you understand.

I personally consider myself a generalist. I do not specialize in any one security technology, but I do work with a range of them. There are those that excel in one field or another, and I applaud them! I am on a journey to help raise the defenses of any group that’s willing to listen, and once they are ready to move on to a more specialized need, then there will be others to help them along the way. I struggled with this for a long time, but not any more. I look forward to seeing where this journey is going to take me.

As you can see, the point of this blog is for the rambles of my mind. Basically thoughts and ideas that don’t fit with the show, or views on what is going on in the industry that likewise don’t fit with the schedule of the show. I hope you find it interesting, but I can’t promise you any specific frequency. I’ll do what I can though, so do stay tuned.




Hi. I'm John, and I'm an Information Security Generalist.