Jacson
Ott.

Senior DFIR Consultant

Technical lead for complex digital forensics and incident response engagements across ransomware, extortion, insider threat, and business email compromise. Set technical direction on active investigations and mentor associate and consultant-level responders.

• Drive end-to-end investigative strategy on high-impact engagements
• Mentor junior responders on investigative methodology and client communication
• Gemini agent and tool development to scale response capabilities

DFIR Consultant

Consultant on ransomware, extortion, insider threat, and business email compromise engagements. Direct client interface across the lifecycle of an investigation — from initial scoping through eradication and reporting.

• Specialized in automating recurring response functions through Cortex XSOAR
• Drove technical investigation across endpoint, identity, cloud, and email vectors
• Prepared and delivered findings to audiences of various technical knowledge

Associate DFIR Consultant

Promoted from intern into a full consultant role. Carried active engagements end-to-end while building automation that reduced manual artifact processing across the practice.

• Authored Cortex XSIAM automations for repeatable investigative workflows
• Interfaced directly with client stakeholders during active incidents

IT Consultant

Modernized the information technology and security posture of a manufacturing business — moving legacy systems to current cloud and security platforms.

• Migrated from on-premise Exchange to Exchange Online (Microsoft 365)
• Replaced legacy phone system with Teams Voice
• Deployed Unifi Access, Network, and Protect to production
• Migrated endpoint security to Microsoft Defender for Business
• Acted as Incident Commander for incident impacting business operations

Incident Response Intern

Performed the responsibilities of a consultant on ransomware, extortion, and BEC engagements while contributing tooling that the team continued to use after the internship.

• Used Axiom, Cortex XDR, Eric Zimmerman's tools, and X-Ways for artifact analysis
• Built GitLab CI/CD E2E tests with Selenium for the in-house case management platform
• Co-authored a Python library for programmatic access to that platform — used in live forensic automation

Digital Technology Intern

Researched, tested, and demonstrated emerging datacenter technologies in a team-focused environment.

• Refreshed documentation for backup and recovery systems
• Converted email-based reporting into Splunk dashboards for environment visibility
• Contributed to an automation POC using Ansible, Terraform, and vRealize Automation

CISO Governance & Compliance Intern

Worked across IT systems and platforms to ensure security solutions adequately mitigated identified risk against business objectives.

• Mapped CTPAT 2020 criteria to internal cybersecurity policies; streamlined the border crossing process
• Reviewed and revised 45% of NAFTA FCA cybersecurity policies (~80,000 users in scope)
• Standardized the external application security approval workflow

IT Technician

General IT and a series of infrastructure-improvement projects in a manufacturing environment.

• Researched and deployed Puppet across 30 production devices to reduce manual management
• Configured a local Linux repository to reduce production network bandwidth
• Wrote 100+ support articles for a production management SaaS to improve customer usability
• Strengthened long-term infrastructure with asset management and network diagramming

Tier 0 IT Technician

Imaged, deployed, and troubleshot university workstations; supported end users through resolution.