Hunter Glass

Cybersecurity professional · control validation · cloud and enterprise security

Security controls, risk assessment, and continuous hardening across modern environments.

Cybersecurity professional with experience implementing, testing, and validating security controls across enterprise and cloud environments. Skilled in vulnerability management, configuration hardening, and risk assessment aligned with frameworks such as ISO 27001, SOC 2, and SCF. Passionate about threat detection, remediation, and continuous improvement of security posture.

LinkedIn GitHub

Experience

Experience in control assessment, remediation, and security engineering.

CBIZ Technology

Cybersecurity Consultant

June 2024 - Present

  • Assessed security controls across infrastructure and cloud environments against ISO 27001:2022 and SCF frameworks, translating audit findings into actionable steps and control implementations to strengthen clients’ security posture.
  • Collaborated with IT and DevOps teams to drive remediation efforts across all domains of the Secure Controls Framework, translating gaps into actionable security improvements.
  • Developed and enforced policies aligned with ISO 27001, improving clients’ risk posture and audit readiness.
  • Conducted internal audits and risk assessments supporting compliance with ISO 27001, SOC 2, and TISAX.

CBIZ Technology

Intern, IT and Internal Audit

Jan 1, 2024 - Jun 2024

  • Evaluated cybersecurity and ITGC controls to reduce compliance gaps and improve audit readiness across infrastructure and data protection.
  • Produced risk-based audit reports outlining control weaknesses, supporting stakeholder transparency and effective remediation planning.

University of Kansas

Master’s Research Project, MeshMapper

May 2023 - Dec 2023

  • Built a GIS tool using Google Cloud Platform and Google Maps API to auto-deploy encrypted Bluetooth Mesh nodes within a region for scalable IoT networks.
  • Implemented lightweight BLE encryption by modifying firmware on ESP32 development boards, mitigating sniffing and man-in-the-middle attacks within Bluetooth mesh networks.

Satcom Direct

Software Engineer Intern and Information Security Intern

May-Jul 2020, May-Aug 2021

  • Integrated an OWASP dependency tracking solution into the CI/CD workflow, strengthening software supply-chain security.
  • Delivered scalable full-stack code enhancements for a SaaS platform while collaborating in Agile sprints.

Education

Academic background

  • Master of Science in Computer Science, University of Kansas, Dec 2023
  • Bachelor of Science in Computer Science, University of Kansas, May 2022

Certifications

Certifications and membership

  • ISO/IEC 27001 Implementer, Jan 2025
  • CompTIA Security+, Oct 2025
  • Member, ISACA

Technical Skills

Core tools, domains, and frameworks

Core Security Domains

Penetration testing, vulnerability management, incident response, malware analysis, cloud security, and ethical hacking.

Programming

C++, C, Python, Perl, and SQL.

Security Tooling

Nmap, Metasploit, Burp Suite, Wireshark, Ghidra, Kali Linux, and Docker.

Security Focus

Threat detection, remediation, configuration hardening, and continuous security posture improvement.

Control Frameworks

ISO 27001, ISO 27701, ISO 27017, and TISAX.