Resume

Skills

  • Security Research
  • Application Security
  • Red Teaming
  • Network Security
  • Penetration Testing
  • Embedded System Security
  • Computer Security
  • Reverse Engineering
  • Control System Security

Work experience

Threat Researcher at Trend Micro

Oct 2018 through Feb 2024

  • Led multiple research projects, managing timelines, research direction, and team coordination
  • Conducted security assessments, uncovering vulnerabilities in multiple devices and notifying ZDI
  • Developed a method to identify customers of cloud services
  • Built, maintained, and monitored hyper-realistic factory honeypots, establishing a fictitious company to enhance realism and capture cyber threats
  • Collaborated on several research projects, leading to the creation of white papers, blog content, conference presentations, and media coverage
  • Tested Databricks and Retrieval-Augmented Generation (RAG) technologies to support a research project, optimizing data processing and information retrieval

Senior Security Consultant at Revolutionary Security

Oct 2017 through Sept 2018

  • Performed programmatic and technical threat modeling for product development organizations
  • Managed and executed pentesting and vulnerability assessments to evaluate and enhance the security of both corporate networks and industrial control systems
  • Executed vulnerability assessment of sub-GHz radio networks and hardware

Information Assurance Engineer at Leidos (formerly Lockheed Martin IS&GS)

Oct 2012 through Oct 2017

  • Led pentesting engagements and vulnerability assessments to verify the security of corporate, industrial control, point of sale and Internet service provider systems
  • Mentored junior consultants in industrial control system assessment methodologies
  • Discovered multiple 0day vulnerabilities in industrial control systems
  • Communicated complex technical details effectively to C-level management
  • Developed content for new and existing client offerings

Lead Analyst - Security Assessments at General Electric

Mar 2011 - Oct 2012

  • Performed software and hardware security assessments for intra-company organizations
  • Led root-cause analysis investigations in response to product security incidents
  • Directed small, agile, global assessment teams
  • Trained analysts in fuzzing, reversing, and exploitation of control and embedded systems

Security Consultant at Digital Bond

Jan 2008 - Mar 2011

  • Performed security assessments of Industrial Control Systems, Smart Grid, and Corporate Networks
  • Generated custom Meterpreter scripts for complex ICS attacks
  • Produced and taught a protocol fuzzing, exploitation development, and firmware analysis curriculum

Computer and Network Security Analyst at Sandia National Laboratories

Feb 2007 - Jun 2007

  • Analyzed and correlated network traffic with IDS alerts
  • Performed research on network monitoring, network obfuscation techniques, and malware propagation
  • Led security evaluations on embedded collaboration devices
  • Contributed to the design and development of a security platform for SCADA protection (OPSAID)

Computer and Network Security Intern at Sandia National Laboratories

Nov 2004 - Feb 2007

  • Led and managed the open source release of NetState (a unique network monitoring system)
  • Developed and administered an attack and defense simulation network for forensic analysis
  • Performed security evaluations of various architectures, providing detailed remediation plans and recommendations

Technical Experience

  • 10+ years experience with *nix-based operating systems
  • 10+ years experience with Industrial Control System security
  • 10+ years experience installing, configuring and maintaining computer networks
  • 5+ years security research
  • Familiar with the following programming languages: C/C++, IA32, Perl, Python, SQL, Shell scripting

Education

  • Bachelor of Science in Computer Science
    • California State University - Hayward in Hayward, CA
    • Aug 2004 - Aug 2006
  • Associate of Science in Computer Science
    • Las Positas College in Livermore, CA
    • Sep 2001 - Aug 2004

Training

  • Mobile and Telecom Applied Hacking and Reverse Engineering by Philippe Langlois
    • REcon in Montreal, ON
    • Jun 2016
  • Hardware Hacking by Joe Grand
    • REcon in Montreal, ON
    • Jun 2015
  • Exploit Laboratory by Saumil Shah
    • REcon in Montreal, ON
    • Jun 2014
  • Unethical Hacking
    • Immunity, Inc. in Miami, FL
    • Nov 2008
  • SEC 503: Intrusion Detection In-Depth
    • SANS in Monterey, CA
    • May 2007

Publications

Talks