Josiah Ledbetter

Austin, TX, 78752

(512) 554-8976

me@jowj.net


Qualifications

  • Security engineer and programmer with a focus on automation, documentation, and vulnerability management.
  • Comfortable in cloud, on-prem, and hybrid environments.
  • Proven history of building consensus to tackle organization-wide issues.

    Skills

    • Python
    • PowerShell
    • Ansible
    • Docker
    • GCP, AWS, cloud usage at large
    • insightVM/Tenable/Qualys, vulnerability scanning at large
    • Wiz, Orca, CSPM at large
    • Linux, Windows administration

    Professional Experience

    Five9, Inc, May 2024 - Current

    Staff Infrastructure Security Engineer

    • Led Infosec's internal DevOps function:
      • Surfaced and retired abandoned resources, migrating necessary components to Ansible/TF for proper management.
      • Identified missing capabilities and deployed new containerized services to address gaps (logging, secrets detection, internal tooling).
      • Migrated Wiz configs from clickops to Terraform (ignore rules, automations, tagging, others).
    • Service owner for Infrastructure Vulnerability Management function:
      • Responsible for technical direction, prioritization, and delivery.
      • Wrote a ruleset for automatic detection of EOL operating systems across scanner sources.
      • Wrote executive-level reports on risk posture; directly influenced infrastructure policy and project planning.
      • Mentored a junior through implementation of a ticket-automation pipeline.
    • Designed and shipped a cross-platform resource labelling tool in Python for AWS/GCP, targeting workloads not managed by TF. Modular framework allowed for rapid onboarding of new asset types. Used by multiple departments during company-wide labelling initiative.
    • Supported PCI, FedRAMP compliance requirements.

    Unity3d, February 2021 - April 2024

    Sr. Information Security Engineer, June 2022 - May 2024

    Information Security Engineer, February 2021 - June 2022

    • Brought structure to existing ad-hoc processes for vulnerability response.
      • Wrote Python scripts to automate ticket creation from scanner events.
      • Automated regular reporting tasks in Python and Pandas.
      • Built Ownership Automation service to populate and store ownership info for cloud projects.
    • Automated data collection through account-wide IAM + granular JIT access provisioning integrations.
    • Reduced ticket assignment toil from over 30 hours / week to ~1.
    • Researched newly announced vulnerabilities to determine company exposure and proportional response.
      • On multiple occasions reduced scan-engine false-positive noise stemming from faulty CPEs from thousands of alerts to zero.

    Planview, May 2019 - February 2021

    Information Security Engineer

    • Created a Slack-based application to manage incident response alerts from Rapid7 IDR.
      • This was later used as a system of record for SOCII compliance.
    • Created a scanning and remediation process for all products under the Planview umbrella.

    Volusion, October 2011 - May 2019

    Information Security Engineer, 2017 - 2019

    Systems Engineer, 2015 - 2017

    Sr. Network Operations Specialist, 2012 - 2015

    Tech Support, 2011 - 2012

    • Built out Rapid7 Nexpose infra to decrease scan times from > 24 hours to < 8.
    • Spearheaded compliance efforts with PCI and internal security policy.

    Misc

    Open source projects
    • pynit: an automatable way to sync reddit saved-posts to pinboard.
    • archive.jowj.net: an experiment in running a blog using orgmode and elisp.
    Other
    • Experience with PCI, SOCII, FedRAMP compliance frameworks
    • Intermediate trapeze skills
    • Avid bicyclist
    • CompTIA Sec+ (expired)