Ruben Valdez

I am a US Navy veteran and cybersecurity professional with over 20 years of combined and proven experience in customer support, technical support, and desktop support. I am looking to expand my growth in the cybersecurity domain. I have demonstrated the ability to identify, predict, and interpret systems, hardware, and network issues. Also, I possess extensive knowledge in administrative support, strategic planning, and strong verbal and written communication skills. I currently have multiple CompTIA certifications (CASP+, PenTest+, CySA+, and Security+).

CYBERSECURITY PROJECTS

Intrusion Detection & Hacker Exploits (CSEC 5350),                                        Jan. 2025 - May 2025
Texas A&M University - San Antonio

• Stack (Elasticsearch, Logstash, Kibana), rsyslog, Nmap, Exploit DB
• Designed and executed a full-scope Red, Blue, and Purple Team engagement within a cloud-based AWS EC2 environment simulating real-world cyberattack and detection workflows.
• Red Team: Launched targeted exploits from a Kali EC2 instance against a vulnerable Apache 2.4.58 server, manually crafting curl payloads to trigger CVEs CVE-2021-41773 and CVE-2021-42013 for path traversal and remote code execution (RCE).
• Utilized Exploit-DB and manual CVE research to identify relevant attack vectors and replicate known vulnerabilities using Metasploit modules and custom payloads.
• Conducted network enumeration and service fingerprinting with Nmap, identifying exposed HTTP services and crafting precise attack scripts for targeted exploitation.
• Blue Team: Deployed an Elastic Stack SIEM (ELK) on a dedicated EC2 instance and configured rsyslog on the Ubuntu server to forward Apache logs over port 5514 for real-time monitoring.
• Created Kibana dashboards and filters to detect Indicators of Compromise (IOCs) based on anomalous URL paths, suspicious user agents, and irregular HTTP status codes.
• Purple Team: Mapped attack techniques to the MITRE ATT&CK framework (e.g., T1190 – Exploit Public-Facing Application, T1059 – Command & Scripting Interpreter) to evaluate detection efficacy and improve security posture.
• Authored a comprehensive report detailing TTPs, log correlation, and defensive recommendations, including WAF integration, directory access controls, and enhanced logging.
• Tools & Platforms: AWS EC2, Kali Linux, Ubuntu Server, Apache HTTPD, Metasploit, curl, Elastic

Security Tools I (CSEC 1360),                                                                           Aug. 2022 - Dec. 2022
Texas A&M University - San Antonio

• Conducted a white-box penetration test on Docker-hosted Linux servers simulating real-world attacks against Apache Tomcat and Webmin targets.
• Executed reconnaissance, vulnerability enumeration, and exploitation using Metasploit Framework modules and manually crafted payloads.
• Created and deployed a reverse shell using msfvenom and established persistent access through a multi/handler listener.
• Integrated multiple Kali Linux terminal sessions for simultaneous exploit delivery and meterpreter session management.
• Authored a formal pentest report documenting attack vectors, vulnerabilities (RCE, backdoors), and post-exploitation techniques aligned with OWASP and MITRE frameworks.
• Simulated enterprise-style attacks in a custom Docker project_net lab network, demonstrating network scanning, shell access, and privilege escalation.
• Tools: Metasploit, Nmap, SearchSploit, Docker, Kali Linux, msfvenom, Tomcat, Webmin

Security Tools II (CSEC 2360),                                                                          Aug. 2022 - Dec. 2022
Texas A&M University - San Antonio

• Performed a multi-target penetration test across GCP-hosted web applications including WordPress, Apache2, October CMS, and SQL-backed services.
• Identified and exploited multiple vulnerabilities including:
• Authentication bypasses
• LFI attacks to read sensitive files (/etc/passwd)
• Remote Code Execution via misconfigured CGI scripts and Apache servers
• Conducted enumeration and brute-force password attacks using WPScan and WFuzz on known users.
• Demonstrated SQL injection (SQLi) techniques using SQLmap to attempt database access and data exfiltration.
• Authored a structured penetration test report including vulnerability chains, tool outputs, remediation suggestions, and testing outcomes.
• Demonstrated ethical hacking methodology through evidence-based testing and alignment with NIST and OWASP standards.
• Tools: Burp Suite, WPScan, SQLmap, WFuzz, Nikto, Dirb, WordPress, Apache2, October CMS

EMPLOYMENT EXPERIENCE

Cyber Engineer, BEAT LLC,                                                  San Antonio, TX,                     Apr. 2021 - Current

• Delivered Ports Protocols Services Management (PPSM) support for the DHA contract, demonstrating a strong passion for Security Operation.
• Spearheaded PPSM requests for the Defense Health Agency (DHA) integrating Veteran Affairs (VA) connections and components, ensuring 100% compliance with DISA standards aligning with policies.
• Orchestrated guidance to over 50 clients on PPSM processes using DISA's CLSA system, reflecting my vision and ability to inspire teams towards common goals.
• Validated system authorization and compliance for 100+ systems using eMASS, facilitating the growth of security practices.
• Engineered and disseminated 25+ PPS documents for DHA, collaborating with network engineers to enhance security protocols, illustrating my role as a researcher in the improvement of security policies.
• Conducted remote training sessions on PPSM processes and tools for DHA and other DoD Components, showcasing strong interpersonal skills through effective briefing and relationship building.
• Key Tools and Skills: DISA’s CLSA system, EMASS, DHA systems, customer service, technical documentation and process improvement, critical thinking, network ports protocols and services (PPS), MS Office, ServiceNow, Remedy, supervising, focused training planning, team member development, and effective method development.

Help Desk Analyst 2, CDO Technologies,                           San Antonio, TX,                  Dec. 2020 - Apr. 2021

• Delivered helpdesk support for the A1 Service Desk, assisting 100+ end-users daily with Air Force and DoD web applications.
• Achieved a 98% first-call resolution rate for password resets and account unlocks across multiple systems, demonstrating employee engagement and dedication to entry-level support.
• Reduced average call handling time by 25% through efficient troubleshooting and knowledge base utilization, showcasing my ability to tackle challenges effectively.
• Guided end-users to successfully troubleshoot web-based technical issues with Air Force and DoD web applications, fulfilling my responsibility to enhance customer satisfaction.
• Key Tools and Skills: Troubleshooting, problem-solving, critical thinking, ServiceNow, Remedy, and customer service.

Desktop Support Analyst, Perspecta,                                San Antonio, TX,                  Oct. 2018 - Dec. 2020

• Administered technical support for network, hardware, software, and peripherals to the entire Defense Health Agency (DHA), and Military Training Facilities (MTF) enterprise of 500+ components.
• Managed 1000+ user accounts using Active Directory, implementing access controls for MS Teams and DHA applications.
• Resolved 95% of complex technical issues remotely, maintaining an above-average customer satisfaction rating, indicative of strong compensation practices for service quality.
• Deployed and configured 200+ computer workstations, laptops, printers, and mobile devices, showcasing strong planning and prioritization skills.
• Key Tools and Skills: DHA systems and applications, Bomgar, MS Remote Desktop, Network and Hardware troubleshooting, Remedy, troubleshooting, problem-solving, customer service.

Application Technical Support, Pearson,                           San Antonio, TX,                  Jun. 2014 - Aug. 2017

• Provided technical support to 500+ customers of Pearson's education and clinical programs.
• Debugged web browsers across operating systems (Windows, OSX) to ensure Pearson software functionality.
• Assisted 500+ customers with completing and uploading Pearson's Excel templates for bulk data entry, demonstrating a commitment to enrollment and customer engagement.
• Diagnosed and resolved complex software issues.
• Key Tools and Skills: Software Troubleshooting, Web Browser Debugging (Windows, macOS), Technical Support for Educational & Clinical Software (500+ Users), Remedy, MS Office, troubleshooting OS web browsers, Operating System Familiarity (Windows & macOS).

M.S. Cyber Security
Expected Graduation Dec. 2025

B.A.A.S. Information Technology
May 2018