Tag: Careers

  • Meet the Team: Jaret Rader, Development Support Technician

    I’m Jaret Rader, a development support technician at Raxis. I’m excited that, while I’m still working on my education, I get the chance to work part-time at Raxis supporting the Raxis One and PTaaS development team.

    Bonnie: So you’re in your second semester at Southern Adventist University in Tennessee, and you’re already working at a tech company. That was fast work! What made you interested in working at Raxis?

    Jaret: I’ve always been interested in tech. At SAU I’m studying to be an Electrical Engineer with focuses on radio-frequency (RF) and embedded systems development. My dad has worked in cybersecurity for years and is good friends with Raxis CEO Mark Puckett. That got me thinking about the benefits of learning from a team of penetration testers now. By learning more about pentesting and methods used to attack systems, I can better design secure technology from the ground up as opposed to the afterthought it tends to be in today’s world.

    Bonnie: That’s great thinking, and it sounds like your work at Raxis fits in well with your schoolwork. I follow your parents on social media, so I happen to know you’ve been interested in tech since a young age. What was your first project that really made you feel this may be your passion?

    Jaret: Well, way back in the sixth grade, I started doing FIRST Lego League, which is a robotics competition designed for middle schoolers. There were two main parts, an actual robot that would be built using Lego technics and a project that would follow a yearly theme. I can still remember our project from that sixth-grade year. With a theme of animal conservation, my team came up with the “turtle tunnel.” Its purpose was to go over turtle nests and to protect baby turtles on their way to the ocean from things like light pollution as well as seagulls.

    Bonnie: Wow, that sounds like a fun project! And you did other tech work during middle school too, right?

    Jaret: Yes, I got to help the IT department at my middle school test the new web filtering services they used to prevent students from accessing shopping websites or other unapproved sites. I helped with IT work at some other local schools too. I still remember working around the clock to manually reset the BIOs passwords on all the schools’ computers.

    Bonnie: By high school you were getting into RF, right?

    Jaret: That’s right. I began working with an engineer at Lockheed Martin in Orlando on radio frequency (RF) projects. This is what inspired me to study Electrical Engineering and continue learning more about technology. Working with my mentor at Lockheed Martin, I was able to program my own SDR (Software Defined Radio) to receive transmissions, record them, and broadcast them to other radios. I did all of this using a software tool called GNU Radio. It has led to a great friendship with my mentor, even though I’m still not sure what all he works on due to NDAs. I did get the opportunity this past Christmas break to visit his work complex, and, even though I was not allowed inside any of the buildings, it was very cool to see how hidden their offices are in my area.

    Bonnie: You’ve gained a lot of great experience, and it sounds like you’ve made some great friends in the process. What do you do to relax & take a break from your busy student and work life?

    Jaret: Actually, one of my favorite hobbies is coding. When I’m programming, I typically use Python. I don’t tend to do anything too fancy with it other than some small pet projects or using a service such as repl.it to make short text-based games for my friends to play during downtime in class. While I was in robotics during my first two years of high school, we also experimented with a modified version of Java.

    Jaret in a high school robotics competition

    Bonnie: That’s great, but sometimes you do step away from the computer, right?

    Jaret: Haha. Yes, I actually do once in a while. I really enjoy spending time outdoors. One of my favorite things to do outdoors is scuba diving with my family. We have all had our open water certifications for a long time and just a couple years ago took our training to get our advanced certifications. One of our favorite places to dive are the Turks and Caicos Islands, and we have been going there to dive for years. Other outdoor activities I enjoy are participating in my university’s intramural sports. I also umpire for softball and referee for flag football when needed. Something I love about my university campus is all of the hiking trails that we have both on campus and nearby.

    Jaret scuba diving

    Bonnie: And I hear you have a bit of a loyalty in baseball, is that right?

    Jaret: Oh yes, I am always up for watching football or baseball and you can probably find me at an Atlanta Braves game whenever I have a long weekend off from school or if I am able to get out of class a little early. I grew up in Atlanta until age 11 and have been a Braves fan as long as I can remember.

    Jaret at an Atlanta Braves game

    Although not all of my sports teams reside in Atlanta. My family loves Alabama in college football… so much so that extended family members like my great uncle will drive seven hours to Florida just to watch the playoffs with us, or this year even FaceTime all the way from Vietnam.

  • Just Your Friendly Neighborhood Whitehat Hackers

    In the past few weeks lay-offs at several large pentesting companies have been in the news. At Raxis we understand the struggle to find and keep strong talent while balancing that with continuing sales to keep profitable, but it may be more than that.

    With the recent announcement of layoffs that we’ve seen in cybersecurity firms, I can’t help but wonder if these bigger companies are missing the target due to their corporate nature and overly broad service offerings.

    Raxis CEO, Mark Puckett

    We’ve often been tempted to add on to Raxis’ offerings to meet customer’s needs or to join growing markets, but we always come back to a focus on pentesting. From red teams to security reviews, network pentests to application tests, our pentesters are experts in their field and enjoy their work. That’s what keeps them learning (don’t remind them that counts as work and not just fun!) and it’s also what allows us to provide our customers with the highest quality actionable results.

    We’ve had many pentesters come to us stating that they no longer want to work for larger operations.

    And we get that. I feel the same way, but it feels good to know that the team at Raxis agrees and feels that we’ve built a company where each of us is a key part of the team and feels appreciated. There are no small roles at Raxis, and each of us knows that.

    Being small allows us to maintain our strong feeling of camaraderie, despite the limitations of being virtual. We make it a point to get to know each other, have ‘zoom happy-hours,’ and encourage chatting on things outside of work from time to time on Slack.

    Being 100% virtual makes for a very short commute and a pleasant work environment, but that’s not what makes Raxis special. Our team is very supportive, not just for work but also because we respect each other and feel a strong connection. If one of us collects Spam containers (you know who you are), the rest of us send photos of odd Spam we find (in the most surprising places). From kid’s birthday parties to cracking a difficult password, our team is there for each other.

    We are largely a group of whitehat hackers, making it much easier to attract top talent in our industry.

    That’s honestly what makes it so fun to work at Raxis. We’re a group of folks who care about helping companies stay secure. Our job is a lot of fun, but, in the end, we feel good about what we do.

    Interesting in joining the team? We’re looking for part-time contractor pentesters now. US citizens residing in the United States can apply on our Careers page.

  • Meet the Team: Brice Jager, Lead Penetration Tester

    I’m Brice Jager, a lead penetration tester for Raxis — and the only one currently living in Iowa. My career path has taken me on a long journey from health care, to health care technology, and now to penetration testing. I’ve enjoyed all of it, but I now feel like I’m where I was meant to be.

    Jim: Brice, in our discussions, it seems you’ve had two loves in your career: health and technology. I have to ask, which was the first to catch your eye, so to speak?

    Brice: I guess I’d have to say technology because we were introduced to Apple computers in 3rd grade, and I was absolutely fascinated by them. I became serious about health at 12.

    Jim: Yep, Steve Jobs believed in hooking his customers early. Was it just the interaction with technology, or did you actually realize you had an affinity for computers and how they worked?

    Brice: Other kids were “interested.” I was obsessed with understanding them and learning what all they could do. If you had asked me back then, I would have probably said I was playing with the computers. In retrospect, I was really learning the fundamentals of programming. I even developed my own checkers game. At that point, we didn’t have widely available internet, so I had to learn from books — and a lot of trial and error.

    Jim: Did your interest fade after that or did you continue to “play” with computers?

    Brice: Ha! No, my interest only got more intense as I got older. By the ‘90s, I was into war-driving (riding around searching for vulnerable wireless networks) and basically looking for mischief wherever I could find it. Most people I knew were content with just using technology. I was still that kid who wanted the challenge of getting inside and finding out what made it all work.

    Jim: You were a hacker even then.

    Brice: I guess so. And remember, in those days, a lot of software and websites weren’t locked down as well as they are now. It was easier to see how everything was put together. I was able to give myself a terrific education.

    Jim: So, what changed your focus to health care?

    Brice: It didn’t change as much as it expanded. I always had a parallel interest in anatomy and physiology and overall health. In fact, it’s the same interest, only directed toward the body and not a computer. The fundamental questions I wanted to answer are the same as well: How does it work? What causes it not to work well? How can I make it work better?

    Jim: Out of high school, you went with health care. What led you to that decision?

    Brice: I found it easy because I had a pretty deep understanding of anatomy, and it was good to see people getting the results they always wanted. Over time, I became a neuromuscular specialist and helped people avoid surgery or avoid dependence on medications. In a nutshell, tricking the brain into healing itself.

    Jim: You were hacking human brains?

    Brice: Ha! Yeah, you hear that term a lot nowadays, but we were doing it literally and getting results. But there really wasn’t a career path beyond where I was without dancing on the line of burnout, and you quickly realize not all health care has the same goal in mind so it can become frustrating.

    Jim: You did go into sports medicine, though.

    Brice: Yes. In fact, I even became a kinesiology (body mechanics) teacher from 2004 until 2010. I enjoyed it and I still dabble in it some, but I was ready for a change. What I found was a job with a software company out of Finland. They needed someone who understood their product and who could teach it to others, and oddly it was still in the health-related arena. The jump to technology sparked interest and was refreshing.

    Jim: Right up your alley on both counts.

    “Spending time with my family is what I enjoy most. My wife is a professional photographer and we have a four-year-old son. We work and work out, but we manage to work in a lot of time for our family.” — Brice Jager

    Brice: Yeah, and the great part is that it gave me a way to move into IT. I was dealing with the company team that built the software at the same time I was interacting with the customer. That helped me understand the struggles on both sides and led to my next job at the helpdesk of a hospital. Eventually, I became a systems administrator, but I was really a jack of all trades. I was doing everything from installing software to repairing IoT devices. What I didn’t do was a lot of cybersecurity.

    Jim: There was a cybersecurity incident at that time, right?

    Brice: That’s right. My first experience in the wild from the perspective of a victim as it happened. It took a lot of work to recover but it was accomplished in 48 hours.

    Jim: That left an impression, I guess.

    Brice: It sure did. I started pentesting on my own and really got excited about ethical hacking as a profession. Within a year, I had my CISSP, OSCP, OSWP, PNPT and KLCP (professional cybersecurity certifications).

    Jim: Wow! I understand that each of those requires a lot of time and energy.

    Brice: You bet, but it helps if you’re passionate about the field. It’s a LOT of sacrificing to accomplish the certifications between work, family, and life.

    Jim: How did you find your way to Raxis?

    Brice: Oddly enough, I was doing some research on another company that I was considering. I reached out to Bonnie and she and Mark talked with me at length. Based on how easy they were to speak with, I knew it would be a great place to work. You just know good people when you talk to them.

    Jim: What’s your favorite part?

    Brice: My favorite part of this job is that pentesting is my job! And pentesting is, by far, the favorite job I’ve had so far. I love working with the best in the business here. It’s easy to ask questions, and it’s easy to weigh in when you’ve got an answer.

    Plus we get to break in to stuff . . . without getting in trouble.

  • Meet the Team: Jim McClellan, Marketing Director

    I’m Jim McClellan, Raxis’ marketing director and newest (full-time) member of the team. Working with the company as a consultant for two years was a great intro to the people and the culture. When the opportunity arose to join them, it was an easy decision. Now, after months of conducting these interviews, our COO Bonnie Smyre turned the tables, and it’s my turn on the other side.

    Bonnie: I would normally say, “Welcome aboard,” but I probably should say, “Welcome all the way aboard,” as you’ve been a Raxis consultant for two years now. What’s the biggest change you’ve noticed since joining us full-time?

    Jim: Focus. Even though I’ve worked as a cybersecurity marketer for more than a decade, there’s still a very steep learning curve with penetration testing specifically – the tactics involved, the technologies you use, and even the vocabulary. Early on, I thought a CVE was made by Honda and that a Metasploit Module required medical intervention. 

    Bonnie: We have a glossary now that might help.

    Jim: Haha! Yes, we do. Thank you for that, by the way!

    Bonnie: You’ve worked in cybersecurity for a while, but that’s almost a second career for you, right?

    Jim: At the very least, it’s an entirely different application of my skills from the first one.

    Bonnie: You were a speechwriter for one of Florida’s previous governors, weren’t you? How did you get into that line of work?

    Jim: This will sound like BS, but one night when I was 15, I heard a US Senator speak at a hometown fish fry, met a guy who said he was majoring in political science, and talked to an older man who told me about the importance of military service.  Fast forward 12 years and I was a speechwriter for that former Senator who was now Governor Lawton Chiles. I was also an officer in the Florida National Guard with a political science degree from FSU.

    Bonnie: Ha! That does sound like BS . . . or a very fortunate evening for you.

    Jim: It would have been more fortunate to meet Bill Gates or Steve Jobs back then, but it certainly set the tone for the weirdness of my adult life. For example, I’ve had formal dinners in the Governor’s Mansion, but I’ve also fried fish on a creek bank. I’ve ridden in the Vice President’s motorcade during the same time I drove a Bronco with a rusted-out floorboard. There were so many times I wondered, “Am I really supposed to be here?”

    Bonnie: Don’t worry, you’re in the right place. Do you miss working in politics?

    Jim: Not in the least. I miss the people and the politics as they were then, but there was much more civility, respect, and appreciation for the complexities of public policy. Now, there’s a lot of unbridled and sometimes uninformed passion. As Arthur Schlesinger said, there’s “too much pluribus and not enough unum.”

    Bonnie: You’ve obviously seen a lot of changes in your field. What do you consider most significant?

    Jim: Emojis. I never thought hieroglyphics would make a comeback after all these millennia, but here we are.

    Bonnie: You’re joking . . . I hope.

    Jim: Really, I think it has been the convergent evolution of PR, marketing, and advertising. Those were very siloed disciplines for decades. Now, they’re just different starting points for conversations that happen mostly over social media.

    Bonnie: Has that made it easier or harder to reach customers?

    Jim: It’s a lot easier to get a message in front of customers but much harder to get them to notice. There are no more captive audiences listening to monologues from companies. The customers are in control, so businesses have to be ready to provide useful, high-quality information when and where buyers need it. And, of course, trust is everything. Word of poor service or a faulty product can, quite literally, travel around the world in minutes.

    Marketing is still about authenticity and creativity, but the canvas is larger, and we have more colors and brushes to work with.

    Bonnie: And emojis.

    Jim: Yes!

    Bonnie: I know one of your favorite tactics in these meet-the-team interviews is to get people to tell you about their hobbies or unusual things they’ve done. So, I’m going to do that with you. 

    Jim: My hobbies include backpacking, fishing, hunting, and any other reason I can dream up to be outdoors. I also like woodworking and volunteering with Habitat for Humanity. As for unusual? Let’s see: I wrote a book about growing up on the Apalachicola River and the adventures we had in my small hometown. After it was published, my brother (a judge) pointed out that I had confessed in writing to two felonies and multiple misdemeanors.

    Life Along the Apalachicola River book

    Bonnie: You’re not in jail, so it must have worked out okay.

    Jim: I’m not in jail, and mine is Amazon’s 537th bestselling book . . .  in the hunting and fishing humor category. Win, win.

    Bonnie: Yes, just a short hop away from the New York Times Bestseller List. Speaking of the Apalachicola River, isn’t that where that delicious tupelo honey comes from? We all look forward to getting that from you during the holidays. Also, don’t feel the need to stop just because you work for us now.

    Jim: Noted. And, yes, I even named my company Tupelo Media. The Apalachicola River is one of two places where there are enough tupelo trees to produce the honey commercially. One of the jobs I had growing up was helping a beekeeper during tupelo season. Giving away jars of it is a great way to start conversations about the river — and it reminds me that I never want to be a beekeeper again.

    Tupelo Honey

    Bonnie: That’s good because you still have work to do here. What’s your favorite part about working with Raxis?

    Jim: I’ve worked with lots of different companies as a consultant and employee, so I’ve learned it’s easy to look at the bottom line and know how a business is performing in the short term. But it’s the team, the leadership, and the culture that will tell you whether the company will be successful for the long haul. My favorite part of working for Raxis is the certainty of being on a winning team made up of people I really like.

    And the dancing penguin emoji. I love that guy.

    Bonnie:  Noted.

  • So, You Want to Earn Your OSCP?

    I’m Andrew Trexler, senior penetration tester at Raxis. As the Raxis team member to earn the Offensive Security Certified Professional (OSCP) designation most recently, I’m sharing my thoughts about the experience. My goals are to provide you with information I found helpful as well as to share some things I wish I had known in advance.

    Why take the OSCP?

    If you’re serious about being a penetration tester, the OSCP is, for all intents and purposes, the industry standard. As I considered pentesting as a career, I spoke with lots of people who were working in the field already. Consistently, they recommended getting the certificate, which requires taking the Penetration Testing with Kali Linux (PWK) course. I also watched a great YouTube video by John Hammond in which he recommended it.

    In truth, the course is useful for any career in cybersecurity, not just pentesting. If you’re working on a blue team, for example, the experience of hacking into a network provides a lot of valuable insights for developing a cyber defense strategy.

    Where to Start

    As I mentioned, you start officially with the PWK course. Going through it is helpful, and you really do learn a lot. The course includes a manual along with a lab environment. It is self-paced, so you go through it on your own time and schedule the test when you’re ready to take it.

    However, there are some things I recommend doing beforehand. If you are new to the pentesting/cybersecurity field I would start with some capture-the-flag (CTF) exercises like those found here. After getting comfortable with CTFs, you might find it helpful to move on to  sites like Hack the Box  or TryHackMe. Doing these first will help you hit the ground and get running a little faster in the lab environment.

    How to Make the Most of Your Coursework

    Take lots of notes. While going through the lab, you’ll do many different things – and you’ll do the same things multiple times. Keeping notes on how you got access to each machine during the lab work (yes, with copy/paste commands and explanations) will help during the test. Your notes can give you ideas and help you remember difficult syntax. Also, notes that act as cheat sheets with common commands are especially helpful. (I use Obsidian to take notes in Markdown.)

    Further, I recommend spending as much time in the lab as possible. While there is a forum for users, it may sound like the people there are speaking in code. If you struggle, just keep working the problem and learning. If you do get stuck, ask questions in the forum. From my experience everyone is helpful, but they know it’s more important to guide you to an answer than give it to you. Those who answer usually do it in a way that makes you learn the solution on your own, and you’ll thank them for that when you are taking the OSCP exam.

    About the Lab

    The lab houses more than 70 different computers. Most of these computers contain vulnerable software that can be exploited – and some don’t. The idea is to exploit a vulnerable machine, grab any information it’s storing, and then use it to access a machine that does not have a vulnerability.

    Among the vulnerabilities you’ll see in the lab are ones that are well-known and that have been around for years. EternalBlue is one example. Then, there are smaller applications that still have known vulnerabilities, but require a little searching to find the right exploit.

    The real challenges are the custom applications that either can be used to gain access or have their own vulnerabilities that require custom exploitation, using anything from XSS to SQLi to LFI/RFI. There are also remote and local exploits to gain access and then escalate privileges.

    See a term you don’t recognize? Visit our glossary.

    To me, the most interesting part of the lab is the subnet structure. There are different subnets that require access to an initial computer, at which point you can pivot and pass traffic through that computer. This proxying traffic can be the only way to hit and exploit the other machines on the subnet.

    Andrew Trexler, Lead Penetration Tester
    How the Test Works

    There are five different machines on the test. On each are text files that can be submitted to prove your access. Depending on the difficulty of the machine, these files are worth varying numbers of points. Of 100 available points, you’ll need 70 to pass the exam.

    However, to get credit for those points, you have 24 hours to write a report that includes the steps you took to exploit the machine. These must be replicable by a technically competent reader and must contain either the link to the exploit code used or the exploit code if changes were made to it.

    During the exam, you are not allowed to use automated exploit tools. Metasploit can only be used once during the test, whether it works or not. Other exploits must be created manually by inputting the correct data or scripts, which may require some trial and error.

    What to do Before the Exam

    It sounds counterintuitive, but I don’t recommend studying or practicing right up until test time. Instead, try to take the day before the exam to prepare for how you’re going to take it. The exam must be completed in 24 hours, but you can pick an early or late start time. If you’re an early riser, start early. If you like to sleep in, start later. The point is to make sure that you play to your own strengths.

    Use your prep to do other helpful things as well. Maybe make sandwiches for the next day or set up the computer you are going to use to take the test. Figuring out things that you can do the day before can and will make things easier come test day.

    What to do on Exam Day

    The hardest part of the exam is the time management. The attacks to gain access are straightforward once you find them. However, you might have to change things up to get the exploit to work.

    Be sure to watch out for rabbit holes. There aren’t many, but being able to recognize them and get out of them quickly is a critical skill. Part of what they are testing is how quickly you figure out when you’re on the wrong path . . . or if you just haven’t gone far enough down the right one.

    Also keeping things fresh and not getting frustrated is key. That’s why it’s important to take your time, despite the deadline. I felt pressured by the 24-hour time limit, but it helped a lot to take a five-minute break about once each hour. Walking away from the computer and just re-setting a little bit can bring the burst of inspiration that helps you get to the next step.

    Incidentally, time management is a skill that’s even more essential in your career as a pentester. There’s only a certain amount of time allotted for testing, so you can’t get sidetracked chasing dead ends.

    Final Thoughts

    Remember that this is a professional certification, and many people don’t pass it on their first try. Let that take some of the pressure off. If you don’t pass this time, you always have next time.

    And, yes, it’s very hard. But that’s a good thing. If it were easy, everyone could do it and that would rob you of the satisfaction and respect that comes with earning your OSCP.

  • Meet the Team: Cole Stafford, Sales Development Representative

    I’m Cole Stafford, the newest Raxis team member, working with Brad Herring, our Vice President of Business Development. Though I’ve only been with the company a short time, I’ve learned quickly that my coworkers are a special group of people with a fantastic reputation in the penetration-testing space. You can learn more about Raxis by watching some of our YouTube videos. If you like what you see, check out our careers page.

    Cole with a lingcod, caught on a fishing trip to Alaska with his dad.

    Jim: Cole, tell me what you’ve learned in the time you’ve been here at Raxis?

    Cole: A lot! The first challenge has been getting to know everyone and understanding their roles. Then, of course, was learning how the process works – from our initial conversations with customers to scoping jobs correctly. To do it right, I’ve had to learn what the job really entails and what kinds of information the engineers need.

    Jim: How did you find your way to Raxis?

    Cole: Brad Herring (VP of Business Development) is a friend of a friend who told me about the job. The company had been interviewing candidates from all over the country and hadn’t found anyone that quite fit the role. When I heard what they were looking for, it sounded like a great fit.

    Jim: Like Brad, you took an unconventional journey into the sales field, correct?

    Cole: That’s right. I’m ultimately interested in a career in cybersecurity – hopefully as a pentester. Right now, I’m in college at Kennesaw State, studying computer science with a focus on cyber.

    Jim: Is this job giving you some good experience you can apply in the future?

    Cole: Yes. This has been a great chance to see how the things I’m learning in class are applied in the real world by a real cybersecurity company. I feel like I’m getting to look over the shoulders of the pros here at Raxis.

    Jim: How did you get interested in the technology field?

    Cole: It started with building computers for friends and family members. They would order the parts and pay me to assemble them. From there, I got interested in coding and started taking some online classes.

    Jim: Now that you’re in college, I guess you’re not doing the online classes as much.

    Cole on the links.

    Cole: Actually, I am still taking come cybersecurity courses through https://tryhackme.com.

    Jim: Raxis is a remote work company. Does that make the job easier or harder for you?

    Cole: Raxis is remote, but a lot of our team members are in the Atlanta area where I am. That’s the best of both worlds because I don’t have a daily commute, but I can meet in person with Brad or others when I need to.

    Jim: You live in Georgia, but where are you from originally?

    Cole: I grew up in South Carolina, but I consider myself an Ohio native.

    Jim: Were you born in Ohio?

    Cole: No, I just have a lot of family there, and I spent summers with my grandparents, aunts, uncles, and cousins. It just seems more like ‘home’ to me than South Carolina. I still enjoy visiting there, catching up with family, fishing, and playing golf with my uncle. It’s very important to me to spend time with my family and friends.

    Jim: Speaking of family, I understand that you and your dad enjoy restoring old cars and trucks.

    Cole with his award-winning 1972 Chevy K-5 Blazer, restored during his freshman year of high school.

    Cole: Yep. We’ve restored old Chevy Blazers from 1970 and ’72, and a 1931 Model A Ford that we just sold recently. It’s like building computers in that there’s a lot of satisfaction in working with your hands and seeing your work come to life.

    Jim: I realize you haven’t been at Raxis for very long, but what’s your favorite part so far?

    Cole: Being a part of this team is really special. It’s obvious when we’re talking with customers that Raxis has a reputation for excellent work. Ones we’re working with tell us how much they enjoy working with our team, and a lot of our new customers are referrals.

    Even though I’m fairly new, hearing about the great work our engineers do makes me proud to work for Raxis.

  • Meet the Team: Ashlyn Puckett, Social Media Specialist

    I’m Ashlyn Puckett, social media specialist for Raxis. Though I’m a new employee, I’ve been an “associate” since the beginning. I also might be a little biased, but I really think you should follow Raxis on Facebook, LinkedIn, Twitter, and Instagram. Also, be sure to check out our careers page and subscribe to our YouTube channel.

    Jim: Of all the team members we’ve featured, you’re one of the two who can say you were there at the start.

    Ashlyn: Ha! That’s right. Because my dad founded the company, I’ve gotten to watch Raxis grow since its launch in 2011. I was in elementary school back then, so being a part of the team now is a great full-circle moment for me, even though I just do part-time social media marketing.

    Jim: Let’s talk about that. How did you decide that was something you wanted to do?

    Ashlyn: I remember we were sitting at dinner one night with Bonnie (Smyre, COO) and my family, and someone made a comment about Raxis’ social media. Having seen the pages, I knew there were some changes I thought the brand could benefit from, so I made some recommendations. At that point, my dad suggested I work with our social media team to implement my ideas.

    Jim: Is that something you’re considering as a career?

    Ashlyn: It’s more of an interest than a career option. Currently, I am majoring in marketing with a concentration in digital marketing and a minor in English. However, I plan to graduate a year early to attend law school, which is my real passion. I do enjoy marketing, but it’s the legal field that piques my interest.  In addition to my work with Raxis, I’m also working for a professor at LSU to gain some experience before I go to work with a law firm as a clerk or intern.

    Jim: What sparked your interest in becoming a lawyer?

    Ashlyn: As much as anything, I think it was my involvement with the Model United Nations organization during high school. I started when I was a sophomore, was vice president my junior year, and served as president when I was a senior. It started as a really small club with maybe 10 people, but I helped to grow the membership to about 20-30 people.

    Ashlyn with her outstanding delegation award from the University of Georgia’s Model UN conference.

    Jim: It sounds like you really put a lot of yourself into that organization. I understand you earned a lot of recognition for it as well.

    Ashlyn: Well, I did win multiple awards at the conferences I went to (they tend to vary on titles but generally they’re called “distinguished delegate,” or “honorable delegation”). I put a lot of effort into creating speeches, lessons, and coordinating for the club, but I had an amazing team helping me through it all. Their dedication – working before, during, and after school – was really the reason we were so successful.

    Jim: You’re at Louisiana State University (LSU) now. College life must be incredibly busy, especially with two part-time jobs.

    LSU mascot “Mike the Tiger.”

    Ashlyn: Three, actually! I’m also working with the Office of Business Student Success (OBSS). And, yes, it’s crazy busy, but it’s also fun.

    Jim: I’ve heard LSU has a football team. Any truth to that rumor?

    Ashlyn: Now that you mention it, I’m way more into football than I thought I would ever be, but I guess that’s what I get for going to an SEC school. I also just love the culture here in Louisiana. There’s something to be said about the overwhelming pride people have for their school and state. They’re just so upfront and in your face about everything, which I love because that’s how I’ve always been.

    Ashlyn with her parents, Mark (l) and Alison (far right), Raxis COO Bonnie Smyre (middle), and friend Acey (back)

    Jim: I don’t see how you would find the time, but are you involved in any extracurricular activities?

    Ashlyn: As a matter of fact, I am. Recently I became the president of Pi Sigma Epsilon – Beta Xi chapter, which is a national business organization focusing on marketing, management, and sales. Just like Model UN, it’s a smaller club – about 30 members, at present. My goal is to help transform it into something awesome!

    Jim: Do you have any time to just relax? Hobbies?

    Ashlyn: My schedule is hectic, but I play the cello and read (for pleasure) when I have time. Other than that, I like to consider myself something of a food tourist. I love going to good restaurants and trying new and strange things, particularly if they’re spicy. It’s quite a fitting hobby for living in Louisiana. I can honestly say I haven’t had bad food here yet.

    Jim: Keeping in mind that your dad is going to read this, how do you like working for Raxis?

    Ashlyn: I can say very honestly that I have really enjoyed working with Teresa (Zwierzchowski, social media director), Bonnie, and the rest of the Raxis team. Everyone is genuinely kind and helpful, and you can tell they are all excited about the work they are doing.  

  • Meet the Team: Mark Fabian, Senior Penetration Tester

    My name is Mark Fabian – but to my friends and colleagues, it’s just Fabian. Today, I’m in the spotlight, discussing what really is my dream job — lead penetration tester here at Raxis. After just a few short months, I can highly recommend that you check our careers page and our YouTube channel to see if this is the career path and company for you.

    Jim: Mark, I think it’s important to let folks know that you represent “Raxis West” as the only Californian on the team.

    Fabian: That’s right. I’ve spent all but four years of my life in Northern California, here in the Sacramento area. Even the time away was just down south in San Diego.

    Jim: You must like it out there.

    Fabian: This is a perfect spot for folks who like to spend more time outdoors than indoors. Personally, I enjoy all kinds of activities like hiking, wakeboarding, dirt biking, riding jet skis, going out on houseboats, and just hanging out at the lake with my friends.

    Jim: Sounds like you’re definitely in the right place.

    Fabian: Yeah, the weather out here is great, though the water levels at the lakes have been down this year. There’s also an amazing number of activities within just a short drive, such as snowboarding or surfing.

    Jim:  Speaking of activities, I understand you’re a musician.

    Fabian: I play guitar and some other instruments . . .

    Jim: You should get together with Tim Semchenko. He can sing while you play.

    Fabian: I was actually in a band for a few years that played metal and punk. I love all things music. I even used to run the soundboard for my church.

    Jim: You have that in common with (VP of Business Development) Brad Herring.

    Fabian: That’s interesting because church is also how I got started building websites. I made a remark about how outdated the church’s site was and they invited me to do better. The short version of the story is that I did and that became my duty.

    Jim: Is that how you first got into tech?

    Fabian: My interest in technology started a lot earlier. When I first started using the internet, we had an old, slow dial-up connection. But my neighbor had a much faster connection and Wi-Fi. As a joke, he said if I cracked the password, then I could use his Wi-Fi. I don’t think he ever expected me to crack it, but I did. Faster internet, here I come!

    Jim: Are you really telling me that hacking was one of your first tech achievements?

    Fabian: Ha! I guess so.

    Jim: Geez. Where do you go from there?

    Fabian: For me, it transformed into an interest in the mechanical side. I started repairing smart phones and tablets, adding memory to computers . . . that kind of stuff, mostly for friends and relatives.

    Jim: That mechanical interest went beyond computers, though, right?

    Fabian: Right. I grew up rebuilding cars and taking them to the track.

    Fabian changing fluids in his 2010 Mazda Miata

    Jim: (Raxis CEO) Mark Puckett must have enjoyed your interview.

    Fabian: Apparently, since I got the job. When I talked about my interest in cars, (COO) Bonnie Smyre joked, “Well, that’s it. We probably don’t need to know any more.” But I should add that I work on older, slower cars. No Porsches or Lamborghinis. And our track is more for drifting than racing.

    Jim: Did you find you had a knack for mechanic work, a greasy thumb or something?

    Fabian: Yes, as I kid, I used to rebuild gas powered scooters. Also thought it would be a blast to take a weed-whacker motor and attach it to my bike. It did not disappoint. As I grew, the projects just got bigger. So, I started rebuilding car engines, changing out the suspension, doing custom fab work, and so forth.

    Jim: Did you consider making that a career?

    Fabian: In a way, yes. When I really focused on what I wanted to do for a living, three possibilities were at the top of the list: helicopter pilot, master mechanic, or a job in the tech field. But helicopter instruction is very expensive, and it would have taken as long to be a master mechanic as it did to develop the same level of skills in the tech field. Plus, technology seemed more versatile.

    Jim: Once you decided on technology, how did you decide that penetration testing was going to be your area of focus?

    Fabian: That was always my biggest interest. I just didn’t know how to get there at the time. So, I started with building websites, affiliate marketing, landing pages, that kind of stuff.

    Jim: College?

    Fabian: I did get my A.A. degree in computer science, but then I decided to start working on certifications instead of continuing in college. I got a helpdesk job because I thought that would be a good first step.

    Jim: Seems like it was.

    Fabian: It was, but there were a lot more steps in between. I went from doing helpdesk work to becoming an IT admin. I moved from there into a security operations center (SOC) analyst role to doing blue and purple team assignments. Finally, I landed at Raxis.

    Jim: Is it as good as you thought it would be?

    Fabian: Absolutely. This was the dream job, and working with the Raxis team has been an incredible experience.  I love offensive security, finding and exploiting new vulnerabilities, and learning more every day. I also appreciate that we get to work independently, but we can reach out when we need help and offer help when it’s needed.

    “As others have said, the people are terrific and have a wealth of knowledge. They have high expectations for performance, but they give the team members a lot of flexibility and they encourage creativity.”

    Mark Fabian

     

  • Meet the Team: Andrew Trexler, Senior Penetration Tester

    I’m Andrew Trexler, senior penetration tester and one of the newest members of the Raxis team. Recently, I spoke with our marketing specialist about how I got interested in penetration testing and what led me to Raxis. Take a look at our careers page — Raxis is always interested in speaking with qualified pentesters who may fit well with our team. So, visit the page and subscribe to our YouTube channel.

    Jim: Andrew, you started at Raxis recently, but you’ve been involved in information security for a while now, right?

    Andrew: Yes, I graduated from Pitt in three-and-a-half years. After I finished, I really wanted to focus my attention on cybersecurity, and I became obsessed with pen testing.

    Jim: From what I’ve heard, you earned a couple of high-end certifications as well.

    Andrew: I had my bachelor’s degree in Information Science, but, in the penetration testing field, certifications are just as important, if not more so. While I was looking for a job, I earned the Offensive Security Certified Professional (OSCP) and the eLearning Junior Penetration Tester (eJPT) certifications.

    Jim: Other Raxis team members have told me the OSCP is a very difficult cert to get. Was that your experience?

    Andrew: It took a lot of work over a long period of time. I only had a month of lab time, but I began studying for it five months before that. For the final exam, I had 24 hours to hack into five computers.

    Jim: That sounds painful.

    Andrew: The test was hard, but I really enjoyed the labs. My favorite was hacking into one computer, finding nothing on it, then figuring out how to use that computer to hack into others that did house the data I was after.

    Jim: What spurred your interest in technology initially?

    Andrew: I’ve always enjoyed computers. They’ve always just made sense to me, and so, in high school, I took all the computer classes that were available. Majoring in information science at Pitt was a natural next step. That’s where I got interested in network security and figured out that hacking and breaking into things is just plain fun.

    Jim: How did you find out about Raxis?

    Andrew: I was just looking around on the internet and came across the website. I interviewed with several companies, but Raxis really stood out.

    Andrew preparing to electronically detonate fireworks.

    Jim: How so?

    Andrew: For one thing, (chief operating officer) Bonnie Smyre really went out of her way on multiple occasions to make sure my questions were answered and to encourage me to take the job. The people I spoke with all seemed to enjoy what they do. It really felt like a happy family and it still does.

    Jim: You’ve said that hacking and breaking into things is fun, but I understand you’re also an expert at blowing things up.

    Andrew: I guess you could say that. On occasion, I get to be a pyrotechnics artist, putting on fireworks shows.

    Jim: I’m tempted to say, “That must be a blast,” but I’m sure you’ve heard that one before.

    Andrew: Ah, yeah, a few times.

    Jim: In all seriousness, it seems like that would be very exciting or terrifying, depending on your perspective. How did you get into that?

    Andrew: It started out as a one-time thing, helping my cousin put on a show. Next thing I know, I’m a trained technician.

    Jim: Where do you put on your shows?

    Another successful show.

    Andrew: My hometown is here in Monroeville, Pennsylvania, just outside Pittsburgh. We do shows here and as far away as Altoona. Mostly for the minor league baseball games.

    Jim: Isn’t that a dangerous occupation?

    Andrew: We take a lot of precautions, so we keep our operations very safe. It takes us anywhere from an hour to three hours to set up for what, sometimes, is a 15-minute show. Also, our mistakes tend to be blown up or burned up.

    Jim:  You don’t make many, I’m guessing.

    Andrew: Ha! None that you know about.

    Jim: It seems like fireworks would be computer-controlled nowadays? Is there a high-tech component to that work?

    Andrew: Some of the bigger shows use electronic controls, but, for the most part, ours are just old-fashioned fuse-lit fireworks.

    “Even the most senior people at Raxis will stop what they’re doing and help you out when you need it. On top of that, these are fun people to work with who are really, really smart.”

    Andrew Trexler

    Jim: It’s hard to compare with the excitement of a fireworks show, but you obviously enjoy your work with Raxis. What’s your favorite part so far?

    Andrew: What I’ve enjoyed most so far is being able to ask questions of my teammates and answer theirs when I can. The culture is one in which everyone is here for everyone else. Even the most senior people at Raxis will stop what they’re doing and help you out when you need it. On top of that, these are fun people to work with who are really, really smart.

  • Meet the Team: Brad Herring, VP of Business Development

    I’m Brad Herring, VP of business development for Raxis. In that role, I work very closely with our marketing specialist on a near-daily basis. So, our interview was more like an extension of our normal conversations. And that’s one of the great things about working with Raxis – we’re a tight-knit team. We’re professionals who are also friends and family-of-choice. If that sounds like a work environment you’d enjoy, please subscribe to our YouTube channel and check our careers page to learn more.

    Jim: Brad, in many cases, you’re the first Raxis team member customers interact with. That seems like it would be incredibly hard.

    Brad: Actually, it’s one of my favorite parts of the job.

    Jim: I meant for the customers.

    Brad: Ha! Yes, for them I’m sure it’s very hard. But once they’re done with me, they get to deal with Tim (Semchenko) and our engineers. So, there’s light at the end of that tunnel.

    Jim: Raxis has a lot of new and repeat business, so I’m obviously joking. Tell us more about why you enjoy working with customers and potential customers.

    Brad: It’s because I know that we’re genuinely helping them become more secure and, by extension, making the world a little bit better place. I know that sounds hokey, but it really is true.

    Jim: You’re doing sales, but that’s not really your background. How did you land in this role?

    Brad: I really enjoy telling the story about how our CEO, Mark Puckett, has been a friend since childhood. We’ve always shared a love for computers and cars. After he founded Raxis, he asked for my take on a different business venture he was considering. He decided against that opportunity, but Mark told me that he thought I would be a good fit for Raxis. I said, “Anything but sales.”

    Brad Herring (l) and Raxis CEO Mark Puckett ®

    Jim: Yet, here you are!

    Brad: That goes to show how good Mark is at selling.

    Jim: But you are a storyteller at heart and you have a strong technical background as well.

    Brad: Yes, my background is in theater. My actual major at Kennesaw State was in Acting and Directing.  (I also minored in business law, just to keep people guessing.) And, believe it or not, storytelling is a lot of what I do when I’m speaking with customers. I never know how much technical knowledge someone is bringing to the table, so I have to be sure I understand the technical parts of our job well enough to explain it to people who have little or no expertise on the subject.

    Jim: But you also have to work with CIOs and CISOs who live and breathe this stuff.

    Brad: Yes, I do. And that’s where I’m fortunate that much of my theater career was spent in the more technical realms of sound and lighting. I owned two companies and did a lot of work for theaters, both indoor and outdoor, as well as houses of worship. A lot of that work is computer-driven, and the technology is based on network protocols.

    Jim: I’m sensing that your early love of computers helped pull you in the technical direction, at least in part.

    Brad: Absolutely! My first computer was an old Commodore VIC-20 with no storage media. So, if you wanted to play a game, for example, you had to type in pages of commands from books, debug them, hope the power didn’t go out, and then watch all that work disappear when you switched it off. I remember digital cassette recorders as life-changing technology. Then modems came along and gave guys like Mark and me an opportunity to share our passion and connect with others. And, really, those computer-to-computer connections were the origin of the Internet and the main reason why penetration testing is so necessary now.

    Jim: What does a typical day at work look like for you.

    Brad: You know me. Nothing about me or my work is ever ‘typical’ — and I wouldn’t have it any other way. I do spend a lot of time negotiating with customers — again, making sure that we’re selling them what they need. I’m also involved, as you know, in marketing our services. I still enjoy production work, creating videos that showcase our talented team members, and checking in with other company leadership to make sure we’re on the same page.

    Jim: You also have a lot of projects around the house to keep you busy, right?

    Brad: My home and property are projects. In fact, sometimes it seems like my life is a project. We have chickens and a garden to tend. I just got done rebuilding an antique tractor that our CTO, Brian Tant, gave me. There are boats to tinker with, a jeep to keep alive, and a lot of carpentry and metal work that keeps me busy.

    Brad on the 1946 Ford 2N tractor he rebuilt. (Not pictured: An ocean of hydraulic fluid spilled on his garage floor during the process.)

    Jim: And you still have time for your faith and your family.

    Brad: Yes. Those are the most significant treasures in my life, and I’m very fortunate that Raxis gives me the flexibility and time I need to nurture them. I’m also privileged to work for the ‘good guys’ in this world and help my children understand the importance of standing up for what’s right. Ultimately, I think that’s what determines whether or not a job is fulfilling and worthwhile — I know that the world is a better place because Raxis is here.

  • Meet the Team: Bonnie Smyre, Chief Operating Officer

    As Raxis’ chief operating officer, I’ve been busy prodding coworkers to do these meet-the-team interviews. (Looking at you, Brad, Brian, and Mark). Now, it’s my turn for a conversation with our marketing specialist, and the result is the interview below. I’m more accustomed to conducting interviews than giving them, so, if you’re a qualified penetration tester, check out our YouTube channel and our careers page. If Raxis is the type of company you’d like to work with, who knows – maybe I’ll get a chance to interview you.

    Jim: First of all, condolences for your Tarheels’ recent loss to my Seminoles in football.

    Bonnie: That’s all right. I’m a baseball fan, so North Carolina will get its redemption in the spring – if not before.

    Jim: Really? I wouldn’t picture you as a baseball person. How did become a fan?

    Bonnie: That started while I was at UNC. I was working as a web and database developer for many years. Baseball just seemed to be an athletic extension of that same mindset. As a game, it fit in with the details, patience, and long-game required to code a complex application from start to finish… and end up with a result that faculty, staff, and students were all happy with.

    Bonnie cheering on her alma mater.

    Jim: I don’t think I’ve ever heard anyone make that connection before. Is that what attracted you to a career in IT in the first place?

    Bonnie: I was a shy bookworm when I was younger. IT was a field I thought would allow me to work independently and not require me to interact as much with other people. However, as I grew in my profession, I realized that I needed to get past that shyness if I wanted to really make a difference.

    Jim: Did that happen naturally, or did you have to work at it?

    Bonnie: Oh, I worked on it. I moved on to a development job at PBS North Carolina (UNCTV while I was there). During our pledge drives, I was usually backstage working on a computer, but occasionally I would be on the phones and on live television. There are people who still tell me they remember seeing me on air.

    Jim: Did that make you more comfortable being in front of people?

    Bonnie: That started me on the path, I think. But the real breakthrough was when I went completely outside my comfort zone and took improv classes for a few years. I was petrified at first, but I met some great people who gave me the courage to get over my fear.

    Jim: I think most people would find that terrifying – to be on stage, all eyes on you, and the pressure to be funny.

    Bonnie: Improv isn’t like stand-up comedy. The whole point is that you are not alone. The team has your back, and you have theirs. It gives you a confidence to just run with what pops into your head & see if it’s funny.

    Jim: Okay, so you’re a veteran IT pro and you’ve got all this improv experience. How did you find your way to Raxis and bring those skills together?

    Bonnie: Our CEO, Mark Puckett, & I were good friends in high school, and I met his wife when her mom and dad were “band parents” for the marching band. (I played the flute.) In 2014, I moved back to the Atlanta area to be closer to my family and began working as a penetration tester at Raxis. When my first PSE (physical security evaluation) job came up, I found that my improv experience helped me think on my feet.

    Jim: So, improv helped you convince people you were someone else and your IT background allowed you to capitalize on that?  

    Bonnie pretending to be an elderly woman on stage (l) and for a real-life PSE (r)

    Bonnie: Yep. It’s a bit scary how often people believed me, but the good news is, it was all for educational purposes. Once they see how easy it is for someone to slip past their security, it helps them better understand what they need to do to protect themselves and their companies.

    Jim: Unlike other companies, most of Raxis’ best work has to stay confidential for obvious reasons. In the absence of outside validation, what makes the work fulfilling to you?

    Bonnie: As I’ve grown in this job from pen tester, to project manager, to leading operations, I’ve found that I’m no longer in a shy IT position. Just like my improv team made me feel safe to try new things, the team here at Raxis makes things fun every day. It honestly doesn’t feel like a job. I get to work with great people and do what I love each day.

  • Meet the Team: Tim Semchenko, Senior Manager, Operations and Customer Delivery

    I’m Tim Semchenko, senior manager of operations and customer delivery for Raxis. As part of our Meet the Team series, I agreed to do an interview with our marketing team. Below, you’ll see how I found my way to Raxis and why I like it so much here. If you’re interested in working with an outstanding group of folks, go visit our careers page or check out our YouTube channel to get an idea of what it’s like to work with us.

    Tim on the beach

    Jim: Tim, tell us about your role at Raxis.

    Tim: My title is senior manager of operations and customer delivery. That means my job really starts once a sale is made and the scope of work is established. My role is to make sure the customer has a great experience from the beginning of the engagement to the end.

    Jim: That sounds like a tall order. What all do you have to do in order to make sure the engagement is successful?

    Tim: So, my role is “soup to nuts” – making sure we have the right resources available, that we stay on schedule, that we deliver everything we said we would, and that the customers get what they’re expecting. I’m Raxis’ liaison, so, when issues come up, it’s my job to figure out how to adapt and adjust to make sure they get what they need.

    Jim: What’s your favorite part of the job?

    Tim: Honestly, I enjoy the challenges that come with managing a heavy workload. No two jobs are exactly the same, so there are sometimes complications that we can’t foresee going in. When that happens, it’s like triage – solving ‘unsolvable’ problems. Scheduling around the birth of a baby, for example. There are always fires to put out, but I love the fast pace, the people, and the conversations.

    Jim: How do you measure success? How do you know that your customer has had a great experience?

    Tim: I know because they tell us. My work doesn’t end when the penetration test is over. We go back and ask them how we did and what we can do better. As I said, I like the conversations and it’s incredibly rewarding to hear what they say about our team and the quality of our work.

    Jim: Is it fair to say you came into this role in an “indirect” fashion? You didn’t start out in tech, right?

    Tim: You could say it was very indirectly. I grew up south of Boston, in Quincy, MA, and was actually a religion major with minors in music and philosophy in college. Afterwards, I was a high school music teacher and football coach for a while, and even went back to school to get a master’s degree in special ed. I was taking classes during the day and tending bar at night, but a softball injury ended my bartending, so I started driving a cab.

    Tim belts out a song on stage with friends.

    Jim: So, you went from driving a cab to working in cybersecurity?

    Tim: Not quite. While I was driving the vice president of a large investment management firm one day, we started chatting and he told me his division was hiring. So, I took a job working in foreign exchange and from there got into project management with a different penetration testing company that does a lot of work with Raxis. I really liked the company and the people, so when the opportunity opened up last March, I joined the Raxis team.

    Jim: You’ve had very diverse working career. What do you do for fun?

    Tim: I enjoy all sorts of outdoor activities with my wife and two kids. Going to the beach, kayaking, playing sports.

    Jim: You clearly have a lot of musical talent as well. Do you still perform?

    Tim: Yep. I’m not in a band, but I have several friends who are. So, they let me join in for sets on occasion. And, of course, I like karaoke as well.

    When you’re on stage, everyone’s eyes are on you and there’s a lot of pressure to perform well. To me that’s what makes it exciting. That same dynamic is one of the things I enjoy most about my job at Raxis.