Rich Knowles

Elgin, IL 60123 · 847-892-6123

[email protected] · LinkedIn · GitHub · Website

Infrastructure security engineer and independent SaaS platform developer who builds security tooling from scratch — not just configures it. Hands-on Go/Python engineering, active vulnerability research (Bugcrowd), and compliance-grade operations across production cloud environments. U.S. Marine Corps veteran, now focused on securing the layer where AI agents touch production systems. Not your typical security guy: former guitar tech for Slaughter, produces his own albums in Logic Pro X, and approaches every engagement like a show — flawless, on time, and worth talking about afterward.

Core Competencies

Leadership & Innovation

Cloud Security Architecture (AWS/Azure/OCI) | DevSecOps & IaC Security | Threat Detection & Incident Response | STRIDE Threat Modeling

Enterprise Systems

Multi-Tenant SIEM & EDR Operations | Vulnerability Management | SOC 2 / GxP Compliance | Disaster Recovery Planning

Development & Architecture

Security Tooling Development | MCP Server Development | Agentic Workflow Security | Infrastructure as Code | CI/CD

Technical Stack

Languages: Go | Python (asyncio/FastAPI) | Bash | TypeScript | Rust

Cloud & IaC: AWS | Azure | Oracle OCI | Terraform | Ansible | Docker | Proxmox | Cloudflare

Security Operations: Wazuh SIEM | SentinelOne EDR | CrowdSec | Cowrie Honeypots | Burp Suite | Nmap

AI & MCP Security: MCP Servers | Agentic Workflow Security | Prompt-Injection Defense | Sandbox-Escape Prevention

Tools: Git | PKI/TLS | ZFS | Veeam

Experience

Independent Security Researcher — Bug Bounty @ Bugcrowd

2025-01 – Present, Remote

Active vulnerability research across public bug bounty programs.

  • Accepted vulnerability finding (sensitive-data-exposure class) on a production messaging API — demonstrated a full HTTPS-to-cleartext credential-exposure chain with a working proof-of-concept
  • Active across public bug bounty programs: web application testing with Burp Suite, recon automation, and structured vulnerability reporting
  • PortSwigger Web Security Academy BSCP certification track in progress

Lead Infrastructure Architect & SaaS Platform Engineer @ iTWerks

2013-04 – 2026-05, Elgin, IL

Designed, deployed, and secured compliance-driven SaaS and infrastructure environments for ~50 mid-market clients across healthcare, financial, and legal sectors; 99.9% uptime over 13 years with zero client data loss or compromise — every intrusion detected, contained, and remediated.

  • Operated multi-tenant Wazuh SIEM and SentinelOne EDR across distributed client workloads; led SOC 2 and GxP audit readiness with rigorous control documentation and evidence collection
  • Led incident response on a live 34-hour Mirai-variant SSH brute-force attack — isolated via Cowrie honeypots and ipset blocklists, performed full network forensics, and submitted structured threat intelligence to CISA and IC3
  • Deployed Terraform-managed infrastructure and multi-WAN failover firewalls (Cisco, SonicWall, Barracuda); applied STRIDE threat modeling to client architecture reviews and onboarding workflows
  • Contained a live ransomware intrusion at an accounting client — isolated the infection, restored from air-gapped backups with ~15 minutes of data loss, and returned the firm to full operation the same day. No ransom paid.

Enterprise Project Manager @ Structured Communications, Inc. & Anstar Corporation

2007-01 – 2013-04, Illinois

Directed Fortune 500 infrastructure buildouts and data center migrations for healthcare, financial, and union facilities.

  • Delivered a $30M Central DuPage Hospital infrastructure installation under budget and ahead of schedule with full clinical system validation
  • Executed zero-downtime decommissioning and migration of 560+ legacy servers for an NYSE-listed firm through controlled validation pipelines and phased cutovers
  • Managed complete infrastructure buildout at IUOE Local 150's Chicago headquarters — firewalls, LAN/WAN design, VoIP, and Cisco network deployments

Senior Systems Engineer IV & Global Standards Chair @ Motorola Solutions

1997-01 – 2006-06, Schaumburg, IL

Founded and led the Desktop Architecture team; chaired global standards across 7 business units.

  • Founded the Certified Factory Image (CFI) program — a global supply-chain security initiative validating OS images at the factory with Dell, HP, and Lenovo across 100,000+ engineering endpoints; the approach is now standard industry practice
  • Chaired the Global Hardware Standards Committee; authored enterprise disaster recovery and operational continuity protocols for the WSDD division
  • Recovered $3M in duplicate vendor charges through meticulous cross-database audits and line-by-line contract review
  • Promoted to Team Lead, then Asset Manager overseeing 3 storerooms and all tracked hardware across engineering labs

Education

PortSwigger Web Security Academy

BSCP Certification Track — Web Application Security (In Progress), Remote

2025-07 – Present

College of DuPage

Computer Science & Business, Glen Ellyn, IL

1992-09 – 1995-06

United States Marine Corps

Aircraft Electronics (Avionics Technician), Millington, TN

1994-01 – 1995-01
