IT Security Manager

Started in IT support, moved to infrastructure security as an IT Manager. Now I'm switching sides: learning to attack what I spent years defending. I have exploited multiple lab machines, written professional penetration test reports, and am building the offensive skills companies need.

About Me

Angel Ramirez

Most penetration testers come from pure offense. I come from defense—specifically, two years managing enterprise security infrastructure, incident response, and hardening at scale across multinational organizations. That means I understand patch management struggles, why certain configurations exist, what business constraints affect security decisions, and how breaches actually impact operations.

I've responded to active security incidents, managed EDR/MDR platforms, and implemented enterprise-grade security controls. When I find a vulnerability, I can articulate its real impact because I've seen how these things actually play out.

My lab work directly supports this: testing exploitation techniques, documenting attack chains, writing client-ready reports that translate technical findings into business risk. This is the work I want to do professionally.

What Sets Me Apart

Offensive Security

Hands-on experience with Kerberoasting, AS-REP roasting, Active Directory exploitation, web application assessment, and privilege escalation. Multiple machines exploited with documented attack chains and remediation strategies.

Professional Defense Background

Unlike purely offensive-focused candidates, I've managed and integrated EDR/MDR solutions, deployed next-gen firewalls, and investigated active breaches. That background means I understand organizational constraints, defensive mindsets, and how to conduct realistic assessments that actually matter.

Professional Reporting

Experience with vulnerability assessments, incident investigations, and executive communication. Capable of documenting findings, scoring them with CVSS, and providing remediation guidance.

Professional Experience

IT Manager

Verduyn Tarps Inc.

Hamilton, Ontario, Canada

July 2024 – Present

  • Direct IT operations across 4 multinational locations, managing network security, infrastructure, and 100+ endpoints
  • Designed and deployed SentinelOne EDR/MDR platform across the organization for real-time threat detection and automated incident response
  • Architected enterprise firewall modernization, implementing next-generation threat protection and IPS capabilities
  • Configured threat hunting workflows and behavioral threat detection for rapid containment of advanced threats
  • Successfully investigated and contained 5+ active security breaches using EDR analytics and forensic analysis
  • Architected legacy server infrastructure with new hardware and NAS solutions for improved disaster recovery

System Administrator

Verduyn Tarps Inc.

Hamilton, Ontario, Canada

September 2023 – July 2024

  • Monitored and maintained system health for servers, workstations, and network infrastructure across multiple locations
  • Resolved 30+ support tickets weekly, providing troubleshooting and end-user support for hardware, software, and security issues
  • Implemented enterprise patch management strategy ensuring all systems maintained current security updates
  • Managed network infrastructure including UniFi access points, switches, and site-to-site VPN connectivity
  • Participated in security audits and vulnerability assessments, implementing remediation measures
  • Maintained comprehensive IT documentation and security procedures

Geek Squad Agent

Best Buy Canada – Geek Squad

Hamilton, Ontario, Canada

April 2019 – August 2023

  • Provided IT support for 1000+ users across Canada, diagnosing and resolving technical issues
  • Trained and mentored team members on troubleshooting techniques and company procedures
  • Managed technical operations across multiple service stations, ensuring coverage and service goals
  • Developed expertise in malware removal, data recovery, and system optimization across Windows, macOS, and mobile platforms

Technical Skills

Offensive Security & Penetration Testing

Burp Suite, Metasploit, Nmap, Gobuster, Nikto, SQLmap, Hydra, John the Ripper, Hashcat, Mimikatz, BloodHound, Responder, CrackMapExec, Impacket, Wireshark, tcpdump, OWASP Top 10, MITRE ATT&CK, Network Recon, Vulnerability Assessment, Web App Testing, AD Exploitation, Privilege Escalation, Lateral Movement, Python, Bash, SQL

Network & Infrastructure Security

Fortinet FortiGate, FortiManager, FortiAnalyzer, SonicWall, Cisco ASA, VPN Configuration, VLAN Segmentation, DNS/DHCP, TCP/IP, SMB, LDAP, Kerberos, Hyper-V, VMware, NAS Architecture, Windows Server, Linux Server, Cisco/HP Switching, UniFi Wireless, PowerShell, Patch Management, Endpoint Management

Security Operations & Identity Management

SentinelOne EDR/MDR, Threat Hunting, Breach Remediation, Azure Defender, Webroot, SIEM Log Analysis, Threat Detection, Incident Investigation, Microsoft Entra ID, Azure AD, Active Directory, Group Policy, MFA, Conditional Access, RBAC, Certificate Authority, Security Automation, Custom Tool Development, API Integration

Certifications & Education

OSCP+ (OffSec Certified Professional) - PEN-200

In Progress

Provider: OffSec

Status: 40% Complete

Expected Completion: Late 2025

Advanced offensive security certification. Current progress includes modules on Information Gathering, Vulnerability Scanning, Web Application Attacks, and Report Writing. Active exploitation practice on 70+ vulnerable machines in OffSec labs.

CDSA (Certified Defensive Security Analyst)

In Progress

Provider: HackTheBox

Defensive security fundamentals and threat analysis certification

Computer Science 50

Completed

Provider: Harvard University (via edX)

Foundational computer science principles and programming

Key Achievements

Enterprise EDR Deployment

Deployed SentinelOne EDR/MDR platform across 100+ endpoints, enabling real-time threat detection and automated incident response

Firewall Modernization

Upgraded to Fortinet FortiGate next-gen firewalls across 4 locations with advanced threat protection and IPS

Breach Investigation & Response

Successfully investigated and contained 5+ active security breaches using EDR analytics and forensic analysis

Risk Reduction

Decrease in security incidents through user awareness training and technical security controls

Access Control Security

Reduction in unauthorized access attempts through MFA and conditional access implementation

Infrastructure Availability

Achieved 99.9% uptime through Azure security implementation and enterprise monitoring

Recent Security Projects

View detailed technical write-ups from my penetration testing lab environment

AS-REP Roasting Attack

Unauthenticated domain access via AS-REP Roasting. Demonstrates Kerberos authentication bypass, hash extraction without credentials, and offline password cracking leading to domain compromise.

WordPress Web Exploitation

External penetration test of WordPress application demonstrating authentication bypass, code execution, and privilege escalation from unauthenticated access to root shell.

Let's Connect

Open to penetration testing opportunities and security roles