Hi, I'm Matt Hagan.-image

Hi, I'm Matt Hagan.

I'm a Austin Texas based Cyber Security Engineer, currently working at Rapid7 helping clients become secure through penetration testing security audits.

In my free time time, you can catch DJing and producing music as NGHTHWK, mountaineering in Colorado or the Pacific Northwest, or working on cool new projects (like this website).

about-me-image

About me

I'm Matt Hagan, a Software Security Engineer and Penetration Tester from Colorado. I studied at Worcester Polytechnic Institute, where I got my Bachelor of Science in electrical engineering, computer engineering, and computer science with a concentration in cyber security. As a security consultant, I conduct internal network, external network, web application, wireless, phishing, and vishing based penetration testing for top Fortune 500 companies.

  • Location:Austin, Texas
  • Age:25
  • Nationality:Irish / German / Czech
  • Interests:Music Production/DJing, Mountaineering, Skiiing
  • Study:Worcester Polytechnic Institute
  • Employment:Rapid7

Education

Bachelor of Science

Worcester Polytechnic InstituteMay 2020
  • Grade Point Average: 3.86/4.00
  • Activities and societies:
  • • Member, Tau Beta Pi (Engineering Honor Society)
  • • President, Eta Kappa Nu (IEEE Honor Society) President
  • • President, Beta Theta Pi (Eta Tau Chapter)
  • • Team Manager & Rower, Men’s Varsity Crew
  • • Upsilon Pi Epsilon (ACM Honor Society)
  • • Member, Omicron Delta Kappa (National Leadership Honor Society) President

Work

Penetration Tester

Rapid7January 2022 - Present
  • • Consulted for top Fortune 500 companies to conduct web application, API, internal, external, wireless network, phishing, vishing based penetration testing.
  • • Performed voluntary security research on multiple undisclosed Fortune 500 entities. This research led to highly impactful zero-day findings that were responsibly disclosed to said entities.
  • • Interacted directly with client senior leadership to scope engagements, document vulnerability findings and present those findings directly to over 80 client executive teams.
  • • Improved processes by developing internal-team tooling and comprehensive playbooks/documentation.

Software Security Engineer

Rapid7August 2020 - December 2021
  • • Pioneered a weekly penetration testing lab series aimed at increasing security knowledge for developers. This resulted in 11 different teams gaining first hand knowledge of an attacker’s mindset over 15 months.
  • • Re-engineered company-wide Jenkins CI/CD pipeline utilizing VCenter and Chef configuration-as-code. This resulted in saving over 400 man hours per month across hundreds of developers.
  • • Migrated Metasploit Pro from Ruby on Rails 4 to 5 while adhering to test-driven development standards. This resulted in the removal of 27 distinct customer-facing bugs.
  • • Utilized Java, Spring and Terraform to implement a new feature into Insight Vulnerability Management platform that allows end-users to have custom scoped policies tailored to their network needs.

Full Stack Security Developer

Fidelity InvestmentsMay 2019 - August 2019
  • • Discovered a critical vulnerability within the baseboard management controllers upon penetration testing new Intel and AMD enterprise infrastructure servers.
  • • Upon discovery, an extensive security report was designed and delivered on the vulnerability where I directly presented the findings to the Senior Vice President of Fidelity Investments.
  • • Utilized DevOps development practices in Docker, Go, Python, Bash, and AngularJS to increase performance of cloud-based compute platforms.

Applications/Core IoT Developer

Silicon LabsAugust 2020 - December 2021
  • • Designed and implemented a system-on-chip over-the-air update server in C for ZigBee IoT devices resulting in a headless deployment option for EFR32 Chipsets over UART Xmodem.
  • • Reported findings in published app note titled, “AN728: Over-the-Air Bootload Server and Client Setup”

Skills

Penetration Testing
Internal Networks
External Networks
Web Application
Wireless Networks
Electronic Social Engineering
Systems Engineering
Terraform
Kubernetes
Jenkins CI/CD
AWS
Backend Development
Python
Spring
Golang
Rust
Frontend Development
React
TypeScript
GraphQL

Matt's natural inclination to set goals and achieve them meshes well with Rapid7's focus on posative customer outcomes. He as helped to make an impact, constintly fixing bugs and adding value to Metasploit Pro and Metasploit Framework.

-- Pearce Berry (Ex-Rapid7 Manager, Metasploit Team)

Matt has a strong drive for accomplishing work and a bold personality when it comes to being forthcoming and asking questions. Matt has been a strong voice in the realm of improving processes, and is fearless when grabbing new tickets. These are only a couple of the many great qualities that Matt possesses that will grow his impact and knowledge as his career progresses.

-- Chris Doughty (Rapid7 Manager, Dev Ops Security / FEDRAMP)

Matt has a strong drive not only to deliver work consistently, but is also an ace in the hole when it comes to learning quickly and developing out of the box solutions for our customers. As a systems technician, he was able help me and my team come up with custom solutions that helped remedy our customer problems and retain them as happy returning customers.

-- Evan Blair (Owner and CEO, E. Blair & Associates)

Get in touch.

Here are some other places you can find me if you ant to reach out!

Instagram
@themrhagan
"Security by Certainty" - Matt Hagan 2024