🔔
<>
Max Segura

Max Segura

I'm a

About Me

Hi, I'm Max Segura — a security-focused infrastructure leader based in Sacramento, CA with 10+ years of progressive experience spanning endpoint security, network architecture, compliance engineering, and SecOps. I design and operationalize security programs, lead incident response, and harden enterprise environments across cloud and on-premises infrastructure. Recognized by Google and Western Union for responsible vulnerability disclosure.

Download CV
Security & Compliance93%
Cloud & M365 / Azure95%
Infrastructure & Networking93%
PowerShell & Automation94%
Vulnerability & Patch Mgmt92%
SIEM & Incident Response85%
🔥
10+
Years of Experience
🏆
2
Hall of Fame Awards
💀
3
Zero Days Found
📜
7+
Certifications

Experience & Education

A decade of building, securing, and leading — here's the journey.

Jun 2025 – Present
Infrastructure Security Engineer
Royal Electric Company · Sacramento, CA
Architected Prometheus/Grafana observability stacks, deployed SIEM, engineered 802.1X zero-trust Wi-Fi, led high-severity incident response, and designed a full disaster recovery program from the ground up.
AzureIntuneSIEMTenable802.1XPurview DLPNIST CSF
Jun 2022 – Jun 2025
IT Manager
Royal Electric Company · Sacramento, CA
Led IT staff development resulting in internal promotions. Designed Linux server infrastructure, Docker containerization, cross-platform API workflows using PowerShell and Python, and drove zero-trust security org-wide.
LinuxDockerPowerShellPythonAPI IntegrationZero Trust
Jun 2019 – Jun 2022
Systems Administrator
Royal Electric Company · Sacramento, CA
Managed Citrix VDI environments, hardened perimeter and internal networks, deployed enterprise EDR, migrated on-prem workloads to cloud, and automated deployments via VM Templates, GPO, and PowerShell.
Citrix VDIEDRFirewallPowerShellCloud Migration
Mar 2016 – Jun 2019
Systems & Network Administrator
River Oak Center for Children · Sacramento, CA
Designed and managed agency-wide LAN/WAN, configured network security appliances, administered Active Directory and Exchange, and built PowerShell automation tools for recurring administrative tasks.
LAN/WANActive DirectoryExchangePowerShellDisaster Recovery
B.S. Information Technology
Western Governors University
Bachelor of Science
Focused on IT infrastructure, networking, and security. Paired with hands-on industry certifications across CompTIA, LPI, and CIW tracks.
ITNetworkingSecurity
A.S. Computer Information Systems
Camden County College
Associate of Science
Foundation in computer systems, programming, and network administration.
CISProgrammingNetworking
Cyber Aces Program
Brookdale Community College
Cybersecurity Training · SANS-Sponsored
Completed the SANS CyberAces program and placed as a state finalist in the accompanying hacking competition.
SANSCTFState Finalist
CompTIA
Security+
CompTIA
Industry-standard certification validating baseline cybersecurity skills including threat management, cryptography, identity management, and network security.
SecurityCompTIA
CompTIA
Network+
CompTIA
Validates core networking skills including infrastructure, operations, security, and troubleshooting of wired and wireless networks.
NetworkingCompTIA
CompTIA
Project+
CompTIA
Demonstrates ability to manage IT projects including planning, execution, and change management.
Project MgmtCompTIA
LPI
Linux+ / LPIC
Linux Professional Institute
Validates Linux administration skills including system architecture, scripting, networking, and security hardening.
LinuxLPISysadmin
CIW
JavaScript Specialist
Certified Internet Webmaster
Validates JavaScript programming for developing interactive web applications and client-side scripting.
JavaScriptWeb DevCIW
CIW
Database Design Specialist
Certified Internet Webmaster
Covers relational database design, SQL, normalization, and data modeling for web-based applications.
DatabaseSQLCIW
CIW
Web Design Specialist
Certified Internet Webmaster
Validates skills in HTML, CSS, and web design principles for building professional, standards-compliant websites.
HTMLCSSWeb DesignCIW

Core Skills & Tech Stack

What I know, what I use, and what I bring to every environment.

Enterprise Cybersecurity & Compliance
IT Strategy Development & Execution
Enterprise IT Infrastructure Management
Incident Response & Threat Hunting
Vulnerability & Patch Management
IT Governance & Risk Management
PowerShell & Python Automation
Team Leadership & Development
Disaster Recovery & Business Continuity
API Integration & Agentic Workflows
Vendor Management
IT Service Management (ITSM)
TECH STACK
Microsoft 365
CrowdStrike
SentinelOne
IronScales
Tenable
Rapid7
Duo
Veeam
Palo Alto Networks
Prisma Access
Cortex XDR
KnowBe4
Ubiquiti
Claude AI
ChatGPT
Cradlepoint
SonicWall
Citrix
Docker
Grafana
Prometheus
Akamai
CloudFlare
Wazuh
Action1
Secure Access
Wasabi
Microsoft Defender
Microsoft Purview
Microsoft Intune
Microsoft Entra-ID
Broadcom
Stonefly
PrinterLogic
Fresh Service
Barracuda
Aruba
Mellanox
Xink
MaaS360
Netwrix
Powershell Universal

Featured Work

A selection of projects that showcase what I actually build and ship.

🔎
Security Automation
End-to-End Tenable Vulnerability Management
Stood up a full enterprise vulnerability management program using Tenable from the ground up. Configured scan policies, smart tags, and on-prem scan agents for full environment coverage. Built discovery scans, remediation projects, and custom dashboards for executive and technical reporting. Managed asset onboarding, RBAC, and remediation scan workflows. Implemented recast rules for severity reduction and formal risk acceptance — bringing structure and accountability to the entire vulnerability lifecycle.
Tenable Scan Policies Smart Tags On-Prem Agents RBAC Recast Rules Risk Acceptance Custom Dashboards
🏢
Infrastructure Security
Ground-Up Office Infrastructure Deployment
Designed and deployed full office network infrastructure from the ground up — from empty walls to fully operational and secured environments. Encompassed physical network architecture, switch deployment, VLAN segmentation, firewall policy hardening, site-to-site VPN tunnels, and 802.1X enforcement across all network segments.
Network Architecture VLAN Segmentation Firewall Policy Site-to-Site VPN 802.1X Switch Deployment
🔐
Security Infrastructure
802.1X Zero-Trust Wi-Fi Deployment
Engineered certificate-based network authentication across all corporate segments using NPS, NDES, and Intune SCEP. Enforced zero-trust Wi-Fi access control eliminating password-based network entry entirely — every device now proves identity before touching the network.
802.1X NPS NDES Intune SCEP Zero Trust PKI
🛡️
Infrastructure Strategy
Enterprise Disaster Recovery Program
Designed and delivered a full DR program from the ground up — zero documentation to production-ready. Encompassed strategy, network architecture, data separation, replication pipelines, runbooks, and executive reporting. Built to survive real failure scenarios, not just pass an audit.
Veeam Network Architecture Data Replication Runbooks Azure
📊
Infrastructure Security
Prometheus & Grafana Observability Stack
Architected and deployed a full observability platform providing real-time monitoring of server health, infrastructure performance, and security telemetry across distributed environments. Replaced reactive incident management with proactive detection through custom dashboards and alerting pipelines.
Prometheus Grafana Linux Alerting Telemetry
🔬
Research Details Restricted
SCORM Security Research
Independent security research into SCORM-based learning management systems uncovering exploitable vulnerabilities in how LMS platforms handle SCORM data payloads. Findings have not been fully published pending responsible disclosure. Details available upon request to verified security professionals.
LMS Security SCORM Vulnerability Research Responsible Disclosure

Get In Touch

Have a project, opportunity, or just want to talk security? I'm open to connect.

Let's build
something great.
Open to Connect

Based in Sacramento, CA. Available for security consulting and infrastructure projects.

✉️
Email
maxell.segura@gmail.com
 🔗
LinkedIn
linkedin.com/in/maxsegura
 📝
Blog
securityshards.wordpress.com
 📍
Location
Sacramento, CA