Julian Johnson

InComm Payments • Atlanta, Georgia

InComm Payments provides a broad range of financial services and payment solutions. Our Vulnerability Management team handles scanning and reporting for multiple merchants and compliance frameworks.

• • Expand our vulnerability orchestration framework using third-party tools such as Dazz, Nucleus, and custom Python scripts.
• • Communicate emerging threats and zero-day vulnerabilities to stakeholders for immediate response.
• • Enable penetration test engagements by preparing attack systems, collaborating with testers, and translating results into clear remediation recommendations for clients.
• • Perform PCI-compliant network segmentation testing to validate that cardholder-data environments (CDE) remain fully isolated from non-trusted networks.
• • Assess and document PCI “significant changes,” ensuring that architectural updates, segmentation adjustments, and new systems are revalidated for compliance and security impact.

Cincinnati Bell Technology Solutions • Cincinnati, Ohio

• • Built and configured McAfee ePolicy Orchestrator architecture for disaster recovery and testing environments.
• • Analyzed logs during exploitation testing. Created HIPS and DLP signatures to protect against failed attack vectors.

United States Air Force • Honolulu, Hawaii

• • In charge of planning and execution of all security operations assigned to the unit.
• • Distributed all-source intelligence and modeled threats.
• • Trained in the Air Force's PBED (Plan, Brief, Execute, Debrief) process, used for continuous improvement and mission planning.
• • Launched Cyber Defender Playbooks within PACAF, later used across broader Air Force cyber units. Documented adversarial and defensive TTPs and trained defenders in their application. Efforts were formally recognized by 24th Air Force.

United States Air Force • Honolulu, Hawaii

• • McAfee (Trellix) ePolicy Orchestrator technician. Set up server architecture and managed all software products.
• • Created HIPS signatures, DLP rules, rogue system detection, whitelisted software.

United States Air Force • Yigo, Guam

• • Protected critical infrastrucure during Category 5 typhoon. Redirected subfloor flooding back outside, and fixed failing HVAC systems. Prevented datacenter outage, electrical disasters, and kept bombing operations online with zero downtime.
• • Maintained cool server temps and kept them online for 48 hours during total HVAC/UPS outage while awaiting replacement parts. Gathered every fan from across the base, and configured them for max airflow and positive pressure. Created security checkpoint with defensive posture to protect critical infrastructure.
• • Automated client health using PowerShell scripts at logon.
• • Enhanced scanning, patching, and Active Directory administration using scripts. Passing cyber readiness inspection (DISA CCRI) with 95% compliance rating.
• • Maintained offsite backup storage of classified data in accordance with our data retention and disaster recovery plans.