Category: Meet The Team

  • Meet the Team: Brian Tant, VP of Engineering

    I’m Brian Tant, and I serve as Raxis’ VP of Engineering. This week, I’m the subject of our in-house infosec inquisition where I’ll be asked all manner of probing questions intended to give you, the reader, some insight into the machinations of a troubled mind. Normally, I avoid this type thing, but, after a series of increasingly dire threats from our COO, Bonnie Smyre, I relented.

    Jim: When did you first get into security?

    Brian: Do you want the professional answer or the seedy underground one?

    The professional version is that I started in IT at the ripe age of 17. I lied about my age to get on with a tech staffing company. They made me do a series of placement tests, although back in the day we used paper.

    Jim: [shudders]

    Brian: I know, right? Anyways, I had been doing computer stuff for a while and the tests were pretty basic. I did well enough that I bubbled up to the top of the roster for a big brand company looking for a tech. They brought me in and made me a field technician day one. It was the typical firehose-sippy-cup experience that comes with jumping up a level.

    Fast forward several cubes later.  At some point, I found I had a knack for Terminal Server and Citrix and did that for several years. My last deployment was one of the largest Citrix farms in the world at the time: 1000+ servers and 30k concurrent users across the globe.

    Jim: And then?

    Brian: I got bored. How many times a day can you hear the phrase, “I can’t print” before you start questioning some fundamental life choices. I loved the tech, but the users. Oi.

    Jim: So where does security come into the picture?

    Brian: Ah. For that we have to re-visit the the dark seedy part I mentioned earlier. Back in the 90s, the hacker scene was mostly to do with phones and usenet groups. Networks were mostly flat, and email was a cool idea that would never take off. My taste for mischief found a home in that community. Twenty-some- odd years later I decided to re-kindle that and found that there was a whole sector of talented folks that shared a passion for devious tinkering.

    Jim: And the rest of the story?

    Brian: As a Raxis Paul Harvey would say…

    Jim: Wow.

    Brian: Yep. I am that dork. Mark (our esteemed CEO) took a chance and brought me onboard Raxis early on. We were tiny, but eventually found our voice. Since then, we’ve grown, and I’ve been privileged to be a part of building something special. What we have here is a real sense of family. I can’t imagine being anywhere else.

    Brian doing literally what he’s often suspected of doing figuratively.

    Jim: Switching gears. If there is one thing I’ve learned working with Raxis it’s that you guys roll hammer down all day. The pace is frenzied, and things are always changing. How do you unplug?

    Brian: As my wife will tell you, I have a problem with hobbies.

    Jim: Oh?

    Brian: Most of them tend to connect with farming or agriculture in some way. We have a small homestead where we keep bees, goats, worms, chickens and an indeterminate number of dogs and cats at any given time. I sit on the board of directors for the local farm bureau and chair the bee keeping club.

    Jim: No shortage of fur-babies then.

    Brian: I also make wine, mead, soaps, preserves, and have been known to run a still now and again. For a while I even made a podcast that gained a modest following. I do a lot of backpacking and am a master diver.

    Brian spending quality time with his six-legged livestock.

    Jim: Back up; a still as in moon-

    Brian: As in alternative fuel for small engines.

    Jim: [cough] Moving on, if you had to pick a favorite thing about working at Raxis, what would it be?

    Brian: Easy. It’s the people. The people are the heart of this company. Raxis is an ego-free zone. We’re all passionate about what we do, but, unlike most shops, Raxis is built on empowerment. We’re only the best if our people are at their best, and that means we take care of each other. The same holds true with our customers. Our success comes from helping them succeed.

  • Meet the Team: Bonnie Smyre, Chief Operating Officer

    As Raxis’ chief operating officer, I’ve been busy prodding coworkers to do these meet-the-team interviews. (Looking at you, Brad, Brian, and Mark). Now, it’s my turn for a conversation with our marketing specialist, and the result is the interview below. I’m more accustomed to conducting interviews than giving them, so, if you’re a qualified penetration tester, check out our YouTube channel and our careers page. If Raxis is the type of company you’d like to work with, who knows – maybe I’ll get a chance to interview you.

    Jim: First of all, condolences for your Tarheels’ recent loss to my Seminoles in football.

    Bonnie: That’s all right. I’m a baseball fan, so North Carolina will get its redemption in the spring – if not before.

    Jim: Really? I wouldn’t picture you as a baseball person. How did become a fan?

    Bonnie: That started while I was at UNC. I was working as a web and database developer for many years. Baseball just seemed to be an athletic extension of that same mindset. As a game, it fit in with the details, patience, and long-game required to code a complex application from start to finish… and end up with a result that faculty, staff, and students were all happy with.

    Bonnie cheering on her alma mater.

    Jim: I don’t think I’ve ever heard anyone make that connection before. Is that what attracted you to a career in IT in the first place?

    Bonnie: I was a shy bookworm when I was younger. IT was a field I thought would allow me to work independently and not require me to interact as much with other people. However, as I grew in my profession, I realized that I needed to get past that shyness if I wanted to really make a difference.

    Jim: Did that happen naturally, or did you have to work at it?

    Bonnie: Oh, I worked on it. I moved on to a development job at PBS North Carolina (UNCTV while I was there). During our pledge drives, I was usually backstage working on a computer, but occasionally I would be on the phones and on live television. There are people who still tell me they remember seeing me on air.

    Jim: Did that make you more comfortable being in front of people?

    Bonnie: That started me on the path, I think. But the real breakthrough was when I went completely outside my comfort zone and took improv classes for a few years. I was petrified at first, but I met some great people who gave me the courage to get over my fear.

    Jim: I think most people would find that terrifying – to be on stage, all eyes on you, and the pressure to be funny.

    Bonnie: Improv isn’t like stand-up comedy. The whole point is that you are not alone. The team has your back, and you have theirs. It gives you a confidence to just run with what pops into your head & see if it’s funny.

    Jim: Okay, so you’re a veteran IT pro and you’ve got all this improv experience. How did you find your way to Raxis and bring those skills together?

    Bonnie: Our CEO, Mark Puckett, & I were good friends in high school, and I met his wife when her mom and dad were “band parents” for the marching band. (I played the flute.) In 2014, I moved back to the Atlanta area to be closer to my family and began working as a penetration tester at Raxis. When my first PSE (physical security evaluation) job came up, I found that my improv experience helped me think on my feet.

    Jim: So, improv helped you convince people you were someone else and your IT background allowed you to capitalize on that?  

    Bonnie pretending to be an elderly woman on stage (l) and for a real-life PSE (r)

    Bonnie: Yep. It’s a bit scary how often people believed me, but the good news is, it was all for educational purposes. Once they see how easy it is for someone to slip past their security, it helps them better understand what they need to do to protect themselves and their companies.

    Jim: Unlike other companies, most of Raxis’ best work has to stay confidential for obvious reasons. In the absence of outside validation, what makes the work fulfilling to you?

    Bonnie: As I’ve grown in this job from pen tester, to project manager, to leading operations, I’ve found that I’m no longer in a shy IT position. Just like my improv team made me feel safe to try new things, the team here at Raxis makes things fun every day. It honestly doesn’t feel like a job. I get to work with great people and do what I love each day.

  • Meet the Team: Scottie Cole, Lead Penetration Tester

    I’m Scottie Cole, and this week, it’s my turn to be interviewed by our marketing specialist. Unlike my Raxis colleagues, I’ve been friends and worked with Jim for well over a decade (that is, if you consider what he does actual ‘work.’ ) What follows is our best attempt at an interview, but it highlights one of the things I like best about this team: For as hard as we work, we also have a lot of fun. If that sounds like an environment that would bring out your best, check out our careers page and learn more about our opportunities.

    Jim: I seem to remember you having much darker hair when we first met.

    Scottie: That’s right! And I seem to remember you actually having hair when we first met.

    Jim: True enough. You were responsible for our internal security at the cybersecurity company where we both worked for many years. Some of our readers might think that would be an easy job or maybe even redundant.

    Scottie: Thanks to you and your marketing people, I always had plenty of new risks to mitigate. 

    Jim: You’re welcome.

    Scottie: Seriously, security companies are frequent targets of hackers, so we have to pay extra attention to keeping our own house in order. We have customers counting on us, of course, but we also have our reputation to protect. That raises the stakes and adds a lot of pressure.

    Jim: Given your previous jobs, you were accustomed to working under pressure, right?

    Scottie: I spent several years as a dispatcher, a firefighter, and a law enforcement officer. Those jobs gave me plenty of experience working in high-stress situations. In cybersecurity, the ‘bad guys’ are different, and the fire drills aren’t literal, but the consequences can still be very severe. That’s especially true when you consider how many devices are being connected to the internet now.

    Jim: You’d know that better than most. Your house is like Area 51, except with more electronics.

    Scottie: Well, maybe more radios.

    Jim: That’s right. You’re a HAM radio operator. How’d you get into that? More importantly, why?

    Some of Scottie’s HAM radio gear

    Scottie: As a dispatcher, I became fascinated with radios. When cell service and other forms of communication go down, the HAM operators can continue to broadcast, and that’s an important civil defense benefit. During the terrible hurricane in Puerto Rico, for example, it was the HAM operators providing updates to people in the US. Think about how relieved people were to hear that their loved ones were okay. Or how important it was to know what relief supplies were needed where.

    Jim: Is that how you found your way into the IT security world?

    Scottie: That was actually more by chance than by design. As you remember, our former company was growing fast, especially in the early days. They needed help, so a friend of mine offered me an opportunity to join the team and learn about infosec. Being a first responder was a great job, but cybersecurity offered better pay and more predictable hours . . . in theory.

    Jim: I’ve asked other team members how they found Raxis, but as I understand it, Raxis found you.

    Scottie: That’s right. In my previous job, I didn’t like to take phone calls for security reasons.

    Jim: I thought it was only my calls you didn’t take.

    Scottie: There were a lot of reasons I didn’t take your calls. But I was always wary, and the folks at the front desk knew to screen everyone. But (Raxis’ COO) Bonnie Smyre actually got me on the phone to talk about doing a penetration test for us. My first thought was, “She must be really good if she got through that easily.”

    Scottie Cole, drone operator and wannabe surfer

    Jim: Did you hire Raxis for the pentest?

    Scottie: Yep. But I also got to know Bonnie, (VP of business development) Brad Herring, and (CEO) Mark Puckett and realized this is the type work I want to do, and they are the people I want to work with. As I met other team members, I knew it was a great culture and a great team, so I jumped at the opportunity to join them.

    Jim: What’s your favorite part of the job?

    Scottie: What’s not to like? I get paid to hack into other people’s networks. I get to learn from the best in the business and share what I know with them. It’s an outstanding company in a space that’s becoming a lot more important. When business owners say that a network breach would be more damaging than a fire, you understand just how critical cybersecurity is in our daily lives.

  • Meet the Team: Adam Fernandez, Lead Developer

    Hi, everyone! I’m Adam Fernandez, and it’s my turn to introduce myself as part of the Raxis Meet the Team series. So, I spoke to our marketing specialist, and we talked about my how I came to be a security professional. (As it turns out, I started down that path early in life). I certainly enjoy working with this team and, if you think you might also, read on and then check out our careers page or subscribe to our YouTube channel.

    Jim:  Adam, you’ve done a lot penetration tests, but your title is Lead Developer. What’s going on there?

    Adam: I started out at Raxis as a penetration tester when I joined the company in 2017, but I also enjoy developing software, testing devices, and taking apart and building new ones. One of the great things about working for Raxis is that our leaders understand how those skills complement each other, and I have a lot of flexibility to work on new and advanced projects in addition to helping with pentesting engagements.

    Jim: As I understand it, you came to Raxis from an entirely different career field, right?

    Adam: That’s right. I actually studied stage management and lighting design at Kennesaw State University. In fact, theater was the focus of much of my time at Woodstock High School in Woodstock, GA as well as in college.

    I started out as a stagehand, moving a ladder on and off stage. But I really wanted to work with sound and lighting, so I started learning as much as I could about that through YouTube videos, the Internet, and books my mom bought for me. I also sought out internships in Seattle, where I lived in the summers, and worked on the production of Sweeney Todd at SecondStory Reparatory Theater.

    Jim: Did that help spur your interest in development?

    Adam: In a way. As I transitioned into stage management, I knew that the sound and lighting people needed a better system for taking their cues, and my high school couldn’t afford an expensive solution. I really believed that was something I could figure out. So, I built a device to let them know what they were supposed to be doing when. Then I sold it to the school for $350.

    The device Adam created as a senior in high school.

    Jim: That’s pretty amazing for a student, but you didn’t stop there, right?

    Adam: No, I also wanted the theater department to have its own website to manage membership dues and ticket sales, so I created the whole thing from scratch. It was the ugliest site ever, but the school paid me $500 per year to manage it.

    Jim: Sounds like you were a bit of an entrepreneur as well.

    Adam: Well, I did create my first company at KSU. I developed software that would automate the audition process with searchable applications and headshots. The school paid me to manage events, but there was a rule that prevented them from paying students directly, so I had to create a company to make it all legit.

    Jim: So, how did you move from doing events at KSU to penetration testing?

    Adam: Well, I was also a student assistant at KSU for the Facilities Manager, Brad Herring, who ended up leaving KSU to go to work with Raxis and is now VP of Business Development. After he’d been here a while, he told me, “I think you’d be really good at pentesting, and I want you to talk to our CEO.” Brad’s always been a mentor to me and one of my best friends, so I took his advice and had lunch with him and (Raxis CEO) Mark Puckett. Before I knew it, I was working in a fascinating new field that I loved.

    Jim: What is it about cybersecurity that’s interesting to you? How did you make that leap?

    Adam: Looking back on it, security really wasn’t a leap at all. I remember as a small child, having an intense interest in padlocks and how they worked. I asked for a safe for Christmas one year. Then, it was spy gadgets, alarms, and games. My stepdad was a software developer, and, at a very young age, he helped me make a program that required you to enter a certain color sequence to unlock the app.

    Now, I’m intrigued by using software to control things in the real world, which is why I love the IoT and figuring out how various devices work. In fact, I have an electronic access keycard system at my house. It’s antiquated, but I bought it in part so that I could reverse engineer it and learn how it works.

    Adam’s favorite device is his Tesla

    Jim: Do you get to work with devices at Raxis?

    Adam: Yes, we have our Transporter that we use to do remote pentesting, and we recently bought the Boscloner company. That’s a very advanced badge-cloning device. Of course, with more and more devices online, IoT security is becoming a lot more important every day.

    Jim: What’s your favorite part about working with Raxis?

    Adam: I love having the ability to introduce new ideas and not only have them heard but also make them a reality. And Raxis just feels like family. Theatre was like that too, but this feels way more genuine.

  • Meet the Team: Tim Semchenko, Senior Manager, Operations and Customer Delivery

    I’m Tim Semchenko, senior manager of operations and customer delivery for Raxis. As part of our Meet the Team series, I agreed to do an interview with our marketing team. Below, you’ll see how I found my way to Raxis and why I like it so much here. If you’re interested in working with an outstanding group of folks, go visit our careers page or check out our YouTube channel to get an idea of what it’s like to work with us.

    Tim on the beach

    Jim: Tim, tell us about your role at Raxis.

    Tim: My title is senior manager of operations and customer delivery. That means my job really starts once a sale is made and the scope of work is established. My role is to make sure the customer has a great experience from the beginning of the engagement to the end.

    Jim: That sounds like a tall order. What all do you have to do in order to make sure the engagement is successful?

    Tim: So, my role is “soup to nuts” – making sure we have the right resources available, that we stay on schedule, that we deliver everything we said we would, and that the customers get what they’re expecting. I’m Raxis’ liaison, so, when issues come up, it’s my job to figure out how to adapt and adjust to make sure they get what they need.

    Jim: What’s your favorite part of the job?

    Tim: Honestly, I enjoy the challenges that come with managing a heavy workload. No two jobs are exactly the same, so there are sometimes complications that we can’t foresee going in. When that happens, it’s like triage – solving ‘unsolvable’ problems. Scheduling around the birth of a baby, for example. There are always fires to put out, but I love the fast pace, the people, and the conversations.

    Jim: How do you measure success? How do you know that your customer has had a great experience?

    Tim: I know because they tell us. My work doesn’t end when the penetration test is over. We go back and ask them how we did and what we can do better. As I said, I like the conversations and it’s incredibly rewarding to hear what they say about our team and the quality of our work.

    Jim: Is it fair to say you came into this role in an “indirect” fashion? You didn’t start out in tech, right?

    Tim: You could say it was very indirectly. I grew up south of Boston, in Quincy, MA, and was actually a religion major with minors in music and philosophy in college. Afterwards, I was a high school music teacher and football coach for a while, and even went back to school to get a master’s degree in special ed. I was taking classes during the day and tending bar at night, but a softball injury ended my bartending, so I started driving a cab.

    Tim belts out a song on stage with friends.

    Jim: So, you went from driving a cab to working in cybersecurity?

    Tim: Not quite. While I was driving the vice president of a large investment management firm one day, we started chatting and he told me his division was hiring. So, I took a job working in foreign exchange and from there got into project management with a different penetration testing company that does a lot of work with Raxis. I really liked the company and the people, so when the opportunity opened up last March, I joined the Raxis team.

    Jim: You’ve had very diverse working career. What do you do for fun?

    Tim: I enjoy all sorts of outdoor activities with my wife and two kids. Going to the beach, kayaking, playing sports.

    Jim: You clearly have a lot of musical talent as well. Do you still perform?

    Tim: Yep. I’m not in a band, but I have several friends who are. So, they let me join in for sets on occasion. And, of course, I like karaoke as well.

    When you’re on stage, everyone’s eyes are on you and there’s a lot of pressure to perform well. To me that’s what makes it exciting. That same dynamic is one of the things I enjoy most about my job at Raxis.

  • Meet the Team: Matt Mathur, Lead Penetration Tester

    Hi, I’m Matt Mathur. A few days ago, I did an interview with Jim, our marketing guru. The idea is to introduce you to Raxis through the eyes of our team, how we found our way to this profession, and to help you understand what drives our passion for penetration testing. Read on to learn more about my personal story, and if you’re interested in joining our team, check out our careers page and see if you might be a good fit.

    Jim: Tell me a little about your background. How long have you been with Raxis?

    Matt: I grew up on Long Island in New York and got my B.S. in Computer Science from Northeastern University in Boston. I now live in Philadelphia with my fiancée Natasha, who’s finishing up medical school. I joined the Raxis team last November after working on building some automated attack tools to assist in cybersecurity testing and training.

    Jim: How did you come to focus on cybersecurity?

    Matt: Well, I had some experience as a software engineer, in malware research and other security research before turning towards offensive security. I liked all those things, but the idea of offensive security – of using our hacking ability to help companies become more secure is really what excites me.

    Jim: Helping people seems to be a theme in your career and in your personal life. Is that right?

    Matt: Yeah, I think that’s really what led me to cybersecurity in the first place, helping people protect their users and important data. Outside of that, I try to volunteer at organizations such as Black Girls Hack and Women’s Society of Cyberjutsu to help empower people to succeed in cybersecurity. I’m also just inspired by Natasha, who is helping people every day.

    Jim: How does working on the Raxis team fit into that mix?

    Matt’s homemade macarons

    Matt: When we help companies remediate vulnerabilities, we’re helping them secure their users, data, and company. The team is passionate about this, and about helping other security researchers by sharing knowledge with the community.

    Jim: Help our readers and me understand what you mean by that.

    Matt: The Raxis team is fully remote, and we’re constantly updating each other on the newest attacks, tools, and vulnerabilities. On top of that, we’re encouraged to publish our findings, tools, and techniques to help others in the community remediate them too.

    Jim: Do you have an example?

    Matt: Sure, I recently published a Metasploit Module based on a new vulnerability I discovered in Microsoft’s Remote Desktop Web Access application. This module helps people detect the vulnerability, and Raxis not only gave me the time to work on this, but also actively encouraged it. The team celebrates these things, and the same is true for team members who earn new certifications, find creative ways to breach a customer’s network, or develop other tools.

    Jim: You’ve talked about a lot of advantages to being part of the Raxis team. What’s your favorite part of the job?

    Matt: Outside of being able to use offensive security to help people, I like being challenged while learning new things. Outside Raxis, I like to play strategic games like MtG, go hiking and biking, and improve my cooking and baking. These are varied, but it’s nice to get outside my cybersecurity headspace.

    With that said, my favorite part about the job is that it’s an ongoing challenge. We work with clients in various industries with vastly different networks, applications, and security postures. Even very similar companies can have entirely different tech stacks, so there’s constantly room to learn.