Mick Resume FAQ
Primarily for recruiters looking to break down my resume details. Here is the cheat sheet.
Resume Frequently Asked Questions (FAQ)
What are Mick Cecil's primary areas of expertise in information security?
Mick Cecil possesses over 15 years of experience in information security, with a strong emphasis on offensive security, including penetration testing, vulnerability research, and exploit development. He also has significant expertise in building and leading resilient security programs, threat hunting, incident response, security automation, and insider threat detection. His technical skills extend to web and application security, reverse engineering, hardware security, cloud security (especially AWS), and threat intelligence.
What kind of leadership experience does Mick Cecil have in the security field?
Mick has extensive leadership experience, particularly at Amazon, where he built and led multiple high-impact security teams, including:
- Amazon's first Insider Threat Prevention Team within Retail Security.
- Global Customer Service Security's CSIRT, strengthening Amazon’s incident response capabilities.
- Proactive Security Operations (PSO), a purple team specializing in threat hunting, adversarial emulation, and intelligence analysis.
- Threat Operations for Amazon Global Customer Service Security, overseeing 50+ engineers and analysts.
He has a proven track record of developing security team talent and fostering inclusive work environments.
What are some of Mick Cecil's key accomplishments at Amazon?
During his tenure at Amazon, Mick:
- Conceived and built Amazon Retail Security's Insider Threat Program from the ground up.
- Established and led the Global Customer Service Security’s CSIRT.
- Reduced incident response triage times by 96%, improving security response efficiency.
- Founded and led the Proactive Security Operations (PSO) team, focused on adversarial emulation and threat hunting.
- Designed and implemented a security career growth roadmap, enabling Amazon Customer Service Associates to transition into security roles.
Can you describe Mick Cecil's patent?
Mick Cecil holds a patent titled "Anomalous Computer Activity Detection and Prevention."
This invention focuses on detecting and preventing security threats such as denial-of-service attacks, unauthorized access, and network intrusions.
The system:
- Uses gradient-based data to identify anomalous activity compared to historical trends.
- Incorporates linear detection, sequence-based detection, adversarial network detection, and peer-based anomalous network rights detection.
- Leverages machine learning-enhanced monitoring to proactively identify compromised systems.
What kind of security testing and offensive security experience does Mick Cecil have?
Mick has extensive experience in penetration testing across multiple domains:
- Web, mobile, network, cloud, and infrastructure security testing.
- Red team operations and purple team operations (as demonstrated by his leadership of the PSO team).
- Threat intelligence analysis and attack simulation using real-world attacker TTPs.
- Exploit development, reverse engineering, and adversary simulation.
- Recognized as a SANS Holiday Hack Challenge winner, showcasing advanced offensive security expertise.
How does Mick Cecil emphasize a proactive approach to security?
Mick advocates for a proactive security posture by integrating threat intelligence, red teaming, and security automation.
His key initiatives include:
- Developing and deploying custom security tooling in Python for forensic evidence collection and automated security response.
- Leading the Insider Threat Prevention program, ensuring proactive detection and mitigation of insider threats.
- Running the Proactive Security Operations (PSO) team, focusing on adversarial emulation and early threat identification.
What was Mick Cecil's security experience before joining Amazon?
Before Amazon, Mick held key security roles in the healthcare and hospitality sectors:
- TMC Healthcare:
  - Established and led the first formal information security program.
  - Conducted penetration tests and developed HIPAA-compliant security policies.
  - Led incident response and security operations.
- Sunquest Information Systems:
  - Managed secure network infrastructure for a global healthcare software company.
  - Ensured HIPAA compliance and conducted vulnerability assessments.
How does Mick Cecil engage with the broader security community?
Mick actively shares projects, research, and insights on his website. He also:
- Encourages collaboration and discussions on offensive security, hardware hacking, and security leadership.
- Won the SANS Holiday Hack Challenge, demonstrating expertise in exploit development and adversary simulation.
- Contributed to Counter Hack Challenges, further engaging in security competitions and CTFs.