BREAKPOINT LABS - Key Persons

Job Titles:

• Chief Technology Officer

Andrew McNicol has served as the Chief Technology Officer of BreakPoint Labs since helping co-found the company in 2015. He oversees the communication and implementation of the organization's technical strategy, including offensive security tools and services. He also manages the Cybersecurity Assessments line of business. Andrew has significantly contributed to ensuring mission success, including developing tactics, techniques, and procedures (TTP) for high-profile cyber red team engagements securing our nation's critical infrastructure. Andrew commits himself to helping clients design and execute large-scale network penetration testing efforts, ones that highly mirror actual adversarial behavior, to reduce risk to their mission effectively. With over 15 years of experience, Andrew has led numerous technical workforces on red team operations, vulnerability assessment, and penetration testing engagements to meet each client's unique goals. He is also a recognized expert in adversarial penetration testing - working closely with BreakPoint Labs Team Members to ‘adopt an attacker's mindset' and continuously develop and hone their technical skills. Before co-founding BreakPoint Labs, Andrew led a large-scale pen testing as a service team. He also worked on the cyber incident response team at Parsons Corporation - specializing in malware analysis and network forensics for the DoD, law enforcement, and commercial clients. Andrew frequently speaks at Government and industry forums where he covers topics like advanced penetration testing techniques that go beyond automated tools and how to start and grow a career in information security. Andrew has a Master's degree in Information Assurance from Capitol Technology University and a Bachelor's degree in Information Systems from Towson University. He also holds numerous professional certifications, including OSCE, OSCP, OSWP, GICSP, GCFA, GCIA, GCIH, GPEN, GREM, GSEC, GWAPT, GWEB, CISSP, and CEH.

Job Titles:

• Program Manager
• Program Manager / Program Manager ( Zero Trust )

Sonny Wink serves as a Program Manager responsible for the delivery of Zero Trust services and overall contract performance for a Federal client. In this capacity, Sonny manages technical assessments of high-value assets, provides a broad range of technology expertise, and supports the independent oversight of the Zero Trust requirements. Working closely with Federal clients and system stakeholders, Sonny provides prioritized recommendations to reduce cyber exposure and offers technical advice to advance the adoption and implementation of Zero Trust cybersecurity principles. Since he began at BreakPoint Labs in 2016, Sonny has led a technical workforce conducting enterprise-level vulnerability scanning and management, endpoint detection and response (EDR), and insider threat user activity monitoring (UAM) functions supporting a DoD cybersecurity service provider (CSSP). Sonny, in concert with a technically proficient workforce, manages large-scale, multi-tenant implementations of several commercial-off-the-shelf (COTS) tools, including DoD Assured Compliance Assessment Solution (ACAS - Tenable SecurityCenter and Nessus), Endpoint Security Solution (ESS - Trellix ePO), Automated Continuous Endpoint Monitoring (ACEM - Tanium), Comply-to-Connect (C2C - Forescout and Cisco ISE), in accordance with DoD cybersecurity requirements. Sonny is a recognized expert in DoD cybersecurity assessment methodologies and has successfully provided technical leadership to six DoD CSSP evaluations. Prior to joining BreakPoint Labs, Sonny provided cybersecurity services to cleared defense contractors (CDCs) in the areas of network-based vulnerability scanning, vulnerability management, and endpoint security. In this capacity, Sonny delivered remote inspection technical guidance for command cyber readiness inspections (CCRIs) and successfully assisted hundreds of defense contractors in completing their assessments. Sonny earned a Bachelor of Science in Cybersecurity Management and Policy from the University of Maryland Global Campus and holds various industry certifications, including CISSP, GCIH, GMON, GCTI, OSWP, CEH, Security+, Linux+, Network+, and A+.

Job Titles:

• Contracts Administrator
• Contracts Manager

Since joining BreakPoint Labs in 2020, Denise Cole has served as Contracts Manager - responsible for the review, negotiation, execution, and maintenance of contractual agreements, including prime contracts and task orders, teaming agreements, non-disclosure agreements, and many others. Denise is BreakPoint Labs' primary corporate representative for client contractual points of contact (KOs, CORs, etc.) and manages purchase orders with industry partners. She also orchestrates bid and proposal activities amongst the BreakPoint Labs Leadership Team and technical subject matter experts (SMEs) to formulate and deliver high-value proposals responsive to client mission and solution requirements. Denise has over 15 years of government contracting experience, including eight years focusing specifically on contract and proposal management. Before joining BreakPoint Labs, Denise was the Director of Contracts and Proposals at eVigilant, a Converged Security Solutions Company. There, she managed a team to handle all aspects of proposal management, contract administration, and subcontract administration. Denise has an innate attention to detail - enabling her to routinely produce error-free contractual documents and high-importance deliverables in accordance with client requirements. Denise earned an Associate's degree in Business Administration from Wiesbaden (Germany). She's also Six Sigma-certified and proficient in Shipley Associates processes for proposal management.

Job Titles:

• Business Development Manager
• Board Member for the Women 's Society of Cyberjutsu

Since joining BreakPoint Labs in 2021, Dr. Diana Orozco has served as Business Development Manager - leading all aspects of capture management and new business pursuits. In close coordination with leadership and technical subject matter experts (SMEs), Diana manages opportunity identification, qualification, and planning while reviewing ways to best support current and prospective clients. She works daily with clients and industry partners to maintain a strategically focused, opportunity-aware pipeline of contract opportunities. Before joining BreakPoint Labs, Diana managed business development operations as an SBA-certified 8(a) program participant. She developed business development processes to increase efficiencies and effectiveness throughout the capture process. Diana cultivates relationships with government and industry partners to deliver resilient cybersecurity solutions that help clients keep their mission safe. Diana earned a Ph.D. in Organizational Leadership from the University of the Incarnate Word, an MBA, and a Bachelor's degree from Texas A&M University-San Antonio. She also holds a Project Management Professional (PMP) certification. In addition to her credentials, Diana currently serves as a Board member for the Women's Society of Cyberjutsu (Alamo Chapter), a Volunteer Director for CyberTexas Foundation, and is on the Advisory Board of Latinitas. Diana is also a participating member in various professional associations and organizations, including AFCEA (Membership, Women's and Wounded Warrior Committees Alamo Chapter), International Information System Security Certification Consortium ((ISC)2 Alamo Chapter), National Security Collaboration Center at UTSA, San Antonio Chamber of Commerce Cybersecurity Council, National Contract Management Association (NCMA), Women in CyberSecurity (WiCyS Alamo Chapter), and Women in Defense (WID Lone Star Chapter).

Job Titles:

• Program Manager
• Labs' Alternate Facility Security Officer
• Program Manager / Program Manager ( Risk & Security Control Assessments )

Elizabeth Noll serves as a Program Manager responsible for cyber risk and security control assessments, helping clients navigate the Risk Management Framework (RMF) and ultimately attain the Authority to Operate (ATO). Elizabeth manages Assessment & Authorization (A&A) activities for a DoD client in supporting the creation and maintenance of high-quality authorization packages demonstrating compliance with technical, management, and operational security controls. Elizabeth has led large-scale assessment teams performing 120+ on-site security assessments annually, including outside the continental U.S. (OCONUS) locations. In addition to her Program Manager responsibilities, Elizabeth serves as BreakPoint Labs' Alternate Facility Security Officer (AFSO) ensuring corporate compliance with the National Industrial Security Program Operating Manual (NISPOM), and administering daily activities in the Defense Information System for Security (DISS). Elizabeth is also the Chair of BreakPoint Labs' Engineering Process Group (EPG) driving, implementing, and evaluating processes for corporate-wide implementation. Prior to joining BeakPoint Labs, Ms. Noll was a Deputy Program Manager at Parsons Corporation where she performed monitoring and control activities for 15+ projects and a workforce of 50+ cybersecurity professionals. Previously, Elizabeth was a civilian at the Space and Naval Warfare Systems Command (SPAWAR) (now Naval Information Warfare Center) where she provided budgetary planning and sustainment activities for on-site security assessments of DoD RDT&E networks. Elizabeth is a Certified Information Security Manager (CISM) and CMMI Associate and Appraisal Team Member (ATM).

Job Titles:

• Program Manager
• Program Manager / Program Manager ( Defensive Cyber Operations )

As a Program Manager and Senior Security Engineer, Eric Peterson manages the development and operation of a large-scale security incident and event management (SIEM) platform ingesting billions of cyber events daily. Eric is responsible for the delivery of security automation and orchestration functions to DoD clients, to optimize the performance and effectiveness of security operations centers (SOC) to meet emerging defensive cyber operations (DCO) requirements. In addition to designing and developing DCO platforms, Eric has been on the frontlines leading high-impact, high-visibility cyber investigations providing DoD Senior leaders with reporting based on deep technical analysis. Additionally, Eric has designed and implemented workforce development programs to assist clients in training DCO analysts on technical disciplines in digital forensic and incident response (DFIR). Eric regularly participates in technical interchanges with Service Cyber Components, Cybersecurity Service Providers (CSSPs), and JFHQ-DODIN, and is a recognized expert in conducting network security forensics on DoD networks. Prior to joining BreakPoint Labs, Eric led a Network Defense Team conducting 24x7x365 security operations to detect anomalous and/or malicious activity on DoD unclassified and classified networks. Eric and his Team implemented high-fidelity signature and anomaly-based detection mechanisms, resulting in the detection, analysis, and reporting of hundreds of incidents annually. Eric has a Bachelor's degree in Computer Science from the University of Alaska Fairbanks, and holds several professional certifications, including CISSP, GCIA, CEH, MCSA, and Security+.

Job Titles:

• Business Development Specialist

As a Business Development Specialist, Jessica Sorrentino spearheads marketing communications and is a key contributor to business development operations. Jessica also provides program support across the company. In close coordination with leadership and technical subject matter experts (SMEs), Jessica leads corporate communications to effectively convey BreakPoint Labs' cybersecurity service offerings to prospective clients and teaming partners. Additionally, Jessica supports Proposal Managers throughout bid and proposal activities to produce responsive, high-quality proposals. Prior to joining BreakPoint Labs in 2023, Jessica was a Business Development Specialist at Parsons Corporation, where she managed various business development activities, including sales pipeline management, reporting, and analysis enhancement. Since entering the government contracting industry in 2010, Jessica has worked closely with corporate executives on strategic, board-level activities contributing to the success of high-profile business activities. Jessica earned a B.A. in Interdisciplinary Studies from Hofstra University and holds professional certifications in the areas of Power BI (Data Modeling, Dashboards), Data Analytics, and Excel BI.

Job Titles:

• Senior Offensive Security Engineer

As a Senior Offensive Security Engineer, Luke Hudson applies deep technical expertise and understanding of adversarial tactics, techniques, and procedures (TTPs) to effectively assess client networks and systems of National Security importance. Luke leads the full lifecycle of Red Team engagements from establishing rules of engagement (ROE), conducting preparation and tooling activities, accurately emulating adversary threats, and producing high-quality post-assessment reporting, including technical reports, leadership out-briefs, and after-action reporting. Luke is an expert in techniques to bypass anti-virus (AV) / endpoint detection and response (EDR), as well as payload development.

Job Titles:

• Additive Manufacturing Engineer

As an Additive Manufacturing Engineer, Nicole Santos leads several key applied research projects to create cybersecurity solutions for the additive manufacturing workflow. Nicole has spearheaded the development and continuous improvement of an AM security monitoring capability, called BISON, to drastically increase visibility and cyber situational awareness into AM processes. Nicole works closely with clients to advance sensing techniques in non-traditional environments, such as 3D printing, to improve confidence and trust that leads to an enduring advantage. Nicole was a member and administrator of a NATO Community of Interest Additive Manufacturing Group focused on interoperability in AM technologies and processes between NATO nations. Nicole is also the co-author of the award-winning, "Additive Manufacturing in the DoD, employing a BCA," which examined how to perform a business case using AM. Nicole is regularly a speaker at various industry conferences and other forums, including RAPID+tct and TIPE Woman in 3D Printing. Nicole Santos holds a Bachelor's degree in Mechanical Engineering from the University of Bath, UK, and is the first woman to graduate with a Master of Engineering in Additive Manufacturing (MEng AM) from the University of Maryland in College Park.

Job Titles:

• Deputy Program Manager / Deputy Program Manager ( Defensive Cyber Operations )

As a Deputy Program Manager and Senior Software Developer, Paul Ewing provides technical leadership in the design, development, and maintenance of multiple enterprise-level capabilities used by a DoD Cybersecurity Service Provider (CSSP) to protect unclassified and classified networks. Paul focuses on optimizing agile development environments for continuous integration / continuous delivery (CI/CD) to meet mission priorities at the speed of relevance. Paul contributes expertise in the development and maintenance of infrastructure as code (IaC) to rapidly deliver capabilities to DoD clients. Paul applies modern software engineering principles within development security operations (DevSecOps) Teams to break down silos, maximize transparency, and embrace automation. Prior to joining BreakPoint Labs, Paul led a Software Engineering Team in the design, development, and testing of host security scanners with a focus on evaluating security controls in Unix/Linux systems. Paul also served as the lead developer for an Information Security Continuous Monitoring (ISCM) capability, which correlated and analyzed various cybersecurity data sets to accurately monitor the security state of thousands of endpoints. Paul earned a Bachelor of Science degree in Physics from the University of Minnesota and holds a CISSP certification.

Job Titles:

• Human Resources Manager

Phet Thong has served as BreakPoint Labs' Human Resources Manager since joining the company in 2018 and is the company's principal representative for its benefits program. Phet also directly supports Program Managers in delivering cybersecurity services, including monthly status reporting, travel administration, financial reporting, and more. As a ‘chief people officer,' Phet works across the company, interacting with what is considered her clientele - the employees of BreakPoint Labs. She ensures they're fully supported and have everything they need to deliver high-quality services to the company's clients that enable mission success. Phet was instrumental in all aspects of plan design for BreakPoint Labs' benefits plan and always seeks the most cost-effective ways to provide health and welfare advantages for the BreakPoint Labs Team. She has over 15 years of government contracting experience, most of which has focused on various aspects of human resource management and corporate services. Before joining BreakPoint Labs, Phet was an Executive Assistant to the President and CEO of STG, a provider of IT services to Defense and Federal clients. There, she worked with teams across the large company, managing employee engagements, travel administration, timesheet processing, expense reporting, and other reporting requirements of the Executive and Operations Management Team. Phet has an ABA from Washington Business School and is certified in Capability Maturity Model Integration (CMMI) version 2.0. Her expertise allows her to be a consummate human resource professional with a sincere passion for supporting the most crucial asset of BreakPoint Labs - its Team Members.

Job Titles:

• Technical Director / Red Team Operator / Technical Director / Red Team Operator ( Cyber Red Team & Threat Emulation )

As a Technical Director and Red Team Operator, Ray Blasko leads assessment engagements - red teaming, penetration testing, and vulnerability assessments - across commercial enterprise networks and provides direct support to a DoD Cyber Red Team. In conducting in-depth assessments, Ray provides clients with unique insights into their cyber risk posture from various perspectives, including external, internal, web, wireless, physical, and social engineering. Ray is always current with the latest cybersecurity threats and emerging vulnerabilities, and their applicability to the technologies within client networks. Ray is a recognized expert in evading endpoint detection and response tools and developing realistic attack scenarios based on the ‘real-world' cyber threats facing an organization. Prior to BreakPoint Labs, Ray worked as a freelance developer creating specialized applications to simulate and analyze NBA and NFL games for sports prediction industries. In doing so, Ray applied a wide variety of technical skills with programming languages and tools, including machine learning, cloud technologies, front-end and back-end development, database management, and more. Ray has a Bachelor of Science in Business Management and is working on a Master of Science degree in Management of Technology from New York University. Ray also holds numerous professional certifications, including OSCP, OSWP, GICSP, GAWN, CEH, Security+, Dragos Assessing Hunting & Monitoring Industrial Control System Networks, Red Team Alliance Covert Methods of Entry, Pentester Academy Certified Red Team Professional, and k>fivefour Red Team Journeyman.

Job Titles:

• Chief Executive Officer

Thomas George has served as the Chief Executive Officer of BreakPoint Labs since founding the company in 2015. He is responsible for formulating the company's vision, developing its corporate strategy, and managing operations as a cybersecurity service provider, including the high-quality performance of government and commercial contracts.

Job Titles:

• President

William Glodek has served as the President of BreakPoint Labs since co-founding the company in 2015. Bill takes the helm in communicating and implementing the company's strategy and oversees the Defensive Cyber Operations (DCO) and Cyber Research and Development (R&D) lines of business.

Job Titles:

• Program Manager
• Program Manager / Program Manager ( Cyber Red Team & Threat Emulation )

Since joining BreakPoint Labs in 2015, Zack Meyers has led Cyber Red Team operations in emulating threat actor tactics, techniques, and procedures (TTPs) to demonstrate security risks in high-value assets. As a Program Manager providing direct support to a certified and accredited DoD Cyber Red Team, Zack spearheaded the attainment of a unique certification from the National Security Agency (NSA) for a DoD client to conduct red team activities, including external (remote), internal (local), web application, wireless, physical, and social engineering engagements. Zack is instrumental in managing and executing key red team processes, including mission planning, rules of engagement (ROE) development, mission execution, and activity logging standards, as well as providing high-value deliverables, such as senior leader presentations and detailed technical reports.