Tom Ervin, Offensive Security Lead, Hacker, Security Evangelist

Professional Summary

A veteran security professional with a proven track record of transforming organizational security landscapes across financial services, cryptocurrency, and manufacturing sectors. Over 15 years of progressive experience, I have consistently pioneered and led cutting-edge Red Team initiatives, evolving from a systems administrator to a strategic security director. My career has been defined by building world-class security teams from the ground up, implementing robust offensive security programs, and bridging the critical gap between technical capabilities and business objectives.

Key contributions include founding Red Teams at multiple Fortune 500 companies, developing sophisticated threat simulation strategies, and implementing comprehensive cybersecurity frameworks that significantly enhance organizational resilience. By combining deep technical expertise with strategic leadership, I have consistently driven security innovation, challenged existing practices, and developed security programs that proactively defend against sophisticated cyber threats.

Experience

Red Team Lead

[CONFIDENTIAL] (*F500 Manufacturing Company*)

March 2024 - Present

Lead offensive security efforts to identify weaknesses in monitoring and alerting systems
Implement ongoing, repetitive regression testing of security controls
Develop and deploy canary token strategies
Improve Active Directory Certificate Services (ADCS) configurations
Support zero trust initiative testing and validation
Collaborate with internal blue team to enhance playbooks and DFIR capabilities
Provide regular security training for internal security analysts

Director of Cyber Security

Skolem

December 2021 - March 2024

Led comprehensive cybersecurity program for a DeFi trading and accounting platform
Implemented robust security measures including EDR, application allowlisting, and log monitoring
Developed and conducted security awareness training programs
Managed Digital Forensics and Incident Response (DFIR) initiatives
Orchestrated offensive security testing through internal Red Teaming and third-party assessments
Designed and implemented data loss prevention (DLP) strategies

Red Team Founding Member and Technical Lead

Principal Financial Group

January 2019 - June 2022

Pioneered the development of Principal Financial's internal Red Team
Established team documentation, reporting, and operational procedures
Designed and managed Command and Control (C2) and payload delivery infrastructure
Coordinated tabletop exercises and purple team events
Managed team resources and tracking of improvement opportunities
Facilitated communication between Red Team and business units

Red Team Founding Member

Northern Trust Corporation

July 2015 - December 2018

Established and operated the internal threat simulation team
Integrated threat intelligence to conduct realistic, targeted attack simulations
Specialized in Command and Control (C2) and payload delivery infrastructure
Architected and maintained Red Team server and endpoint images
Designed and supervised password cracking processes
Led multiple Red Team Operations to evaluate cybersecurity capabilities

Sr. Penetration Tester and Manager

Plante Moran, PLLC

October 2010 - July 2015

Conducted penetration testing for over 100 Banks and Credit Unions
Developed comprehensive testing and reporting methodologies
Improved client network security programs through detailed assessments
Revamped internal penetration testing procedures and equipment
Promoted to Manager for significant contributions to testing practices

Systems Administrator

Plante & Moran, PLLC

2006 - February 2010

Performed Systems Administration and LDAP Administration
Led virtualization and system deployment initiatives
Designed and implemented Disaster Recovery systems
Developed an encrypted, portable file server with advanced routing capabilities
Contributed to the creation of Linbit's DRBD-Proxy product

Education

Bachelor of Science: Network Administration & Database Administration

University of Cincinnati

Professional Development

Advanced Evilginx Mastery training and certification (2024)
Completed Abilities Driven Red Teaming workshop (2022)
Attended SpecterOps Red Team Tactics intensive course (2018)
SpecterOps Red Team Tactics CTF Winner, awarded Challenge Coin
Completed SANS SEC564 advanced security training (2017)
Attended "Password Cracking Like a Pro" workshop by Jeremi Gosney (2017)
Participated in Red vs Blue conference at Derbycon (2016)
Obtained Certified Ethical Hacker (CEH) v8 certification (2013)

Community Involvement

Passionate contributor to the information security community. Frequent volunteer for Midwest information security conferences, with the goal of helping to teach, share, and support fellow infosec practitioners.

Volunteered across notable security conferences and projects demonstrating a long-standing commitment to the industry:

Cobalt Strike Beta Tester (Feb. 2012+)
BSides Chicago (2012-2016)
BurbSec Core Staff (2013-2024)
Hak4Kidz (2015-2019)
CircleCityCon NOC (2014-2019)
CircleCityCon CTF (2018-2019)
Blue Team Con CTF (2022+)

Presented at academic forums, hacker conferences, and financial industry leadership conferences on topics including:

Red Team business integration (ISSA)
Communication effectiveness and strategies (BSides Chicago)
Technical benchmarks and metrics for Red Teams (ISSA/BSides Iowa)

Key Skills

Established history of effective team leadership, and constructive critique of standing practices. Well developed communication and interpersonal skills; including extensive cybersecurity strategy, team professional development, and security concern reporting processes for technical and executive presentations.

Past Red Team technical contributions include Attack Infrastructure Design and Management, Threat Intel informed Threat Simulation, Penetration Testing, professional presentation and reporting, Legal Team coordination, Blue Team relationship building, and internal process development.