EXPERIENCE
Justin has 12 years combined military experience serving in both the Marine Corps and Air Force. He has 25 years of experience within the Information Technology industry, with the last 15 years solely focused on security engineering. Justin has worked in various industries, including Internet Service Provider, eCommerce, Pharmaceutical, Automotive, and Aviation. He has held various roles throughout his career, but his technical strength is derived from his vast network engineering experience. His security knowledge is diverse, but his current focus is on Security Architecture and Design, Incident Response, Malware Reversing, Threat Hunting, Threat Intelligence, and Security Operations. He also does a significant amount of research around trending offensive techniques, tactics, and procedures in order to strengthen his defensive mindset.
EDUCATION & CERTIFICATIONS
- Bachelor of Arts: Computer Information Systems & Business Administration, Florida Institute of Technology
- Certified Information System Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- GIAC Certified Forensic Analyst (GCFA)
- Certified Reverse Engineering Analyst (CREA)
- Offensive Wireless Security Professional (OWSP)
PROFESSIONAL AFFILIATIONS
- ISC2 (Orange County, CA Chapter)
- ISACA (Orange County, CA Chapter)
- ISSA (Orange County, CA Chapter)
- LETHAL (Orange County Hacker Meetup Group)
INDUSTRY CONTRIBUTIONS
Justin has a patent issued for his specialized work around aircraft in-flight-entertainment data security monitoring methodologies and techniques: Methods and Systems for Monitoring Computing Devices on a Vehicle: US Patent No. US9813911B2
PASSION FOR SECURITY
Justin’s passion for security started early in his network engineering career with his exposure to wireless security. His overall passion for security is what consistently pushes him outside of his comfort zone, to keep learning, and to continually work on specializing in new areas within the security industry. His favorite part about being a security professional is the consistent and constant drive to face new challenges.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Continuous Threat Hunting: A Practical Webinar
Join Pargman and Vaicaro in this joint webinar to gain practical strategies that can be used to increase the detection capabilities of a security operations…
Threat Hunting Lessons You Won’t Learn From Guides and Whitepapers
Join TrustedSec Incident Responders Justin Vaicaro, Leo Bastidas, and Ashley Pearson as they share anecdotes and practical information about their experiences…
Elevate Your Threat Hunting Program: Actionable Advice from IR Experts
Join veteran Threat Hunters Justin Vaicaro and Ashley Pearson as they share their experience working with businesses to build and fine-tune their threat…
Incident Response Rapid Triage: A DFIR Warrior's Guide (Part 3 – Network Analysis and Tooling)
Within the first two installments of this series, we identified the key to successful incident preparation starts with making sure a solid incident triage…
Incident Response Rapid Triage: A DFIR Warrior's Guide (Part 2 – Incident Assessment and Windows Artifact Processing)
In Part 1 of this series, we identified that there are three (3) key parts to successful incident preparation: ensuring that a solid incident triage process is…
Incident Response Rapid Triage: A DFIR Warrior's Guide (Part 1 – Process Overview and Preparation)
In this series, I will be discussing how to handle an incident with the speed and precision of a DFIR warrior. With a rapid triage mindset, you'll be able to…
ESXiArgs: What you need to know and how to protect your data
Threat Overview Around February 03, 2023, a ransomware campaign called “ESXiArgs” emerged that targeted Internet-facing VMware ESXi servers running versions…
The Lost Underground
Join TrustedSec Principal Security Consultant Mike Felch for an eye-opening journey into the lost underground, where ingenuity, disobedience, and complexity…
BEC Basics: Your First Step to Thwarting Email Scams
Join Senior Security Consultant Steven Erwin and Security Consultant Caroline Fenstermacher as they cover the basics of BEC analysis, providing participants…
Discovering a Deserialization Vulnerability in LINQPad
Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
