feeds: sync--:--:-- utc

Anthony Tropeano

Security Engineer, Applied Cryptography & Secure Systems

Ocala, FLOpen to remote or relocation

Summary

Security engineer focused on applied cryptography and secure systems who ships working software, operates infrastructure, and traces trust assumptions across application, network, and deployment boundaries to turn security requirements into maintainable code, deployed controls, and operational visibility.

Technical Skills

Languages:
Rust, Python, TypeScript/JavaScript, C/C++, Bash, SQL
Security Engineering:
Wazuh, Suricata, Zeek, network segmentation, Linux hardening, Burp Suite, NIST CSF, NIST SP 800-63B, OWASP ASVS, MITRE ATT&CK
Cryptography and Identity:
ML-KEM, ML-DSA, Ed25519, AES-256-GCM-SIV, AES-256-GCM, ChaCha20-Poly1305, mTLS, OIDC/OAuth2, GPG code signing
Infrastructure and DevSecOps:
Proxmox VE, OPNsense, Docker, Ansible, Caddy, WireGuard, Grafana, Prometheus, GitHub Actions
Application Development:
React, Next.js, Bun, Hono, Node.js, PostgreSQL, MariaDB, REST/GraphQL

Professional Experience

Defend I.T. Solutions Founder & Security Engineer

May 2025 - Present

Ocala, FL

  • Built and now operate an Ansible-driven SOC/NOC across dual Proxmox nodes, deploying Wazuh SIEM to 12 agents, Suricata and Zeek network sensors, and Grafana/Prometheus monitoring.
  • Automated Proxmox security-appliance deployment, reducing manual provisioning from more than two hours to 15-47 minutes.
  • Deployed a two-tier OPNsense firewall topology with network segmentation, custom DDNS, Unbound DNS, Caddy reverse proxying, and automated internal CA certificate distribution.
  • Completed the open-source DIS-Crypto MVP in Rust, unifying Rust, C, C++, Python, Node.js, and Bun behind a generated C ABI.
  • Shipped O-Tether, a closed-source inline ARM security appliance; continue building TrashScanner toward OWASP ASVS Level 2 and NIST SP 800-63B AAL2 targets.

University of Arizona Python Course Assistant

Dec 2024 - Dec 2025

Remote

  • Mentored cybersecurity undergraduates in Python programming, debugging methodology, and development-environment configuration.
  • Identified recurring programming and environment failures, then authored targeted reference material to support student completion.

Education

Nova Southeastern University M.S., Artificial Intelligence (Data Science Concentration)

Fall 2026 | Expected 2028

University of Arizona B.A.S., Cyber Operations (Cyber Engineering Emphasis)

December 2025

Summa Cum Laude | GPA 4.0 | NSA CAE-CO Designated Program | Outstanding Senior Award Nominee | Distinguished Undergraduate Scholar | Dean's List with Distinction

Certification

NSA Cyber Operations Program Certificate, University of Arizona (December 2025)

Selected Projects

DIS-Crypto

Open source, MVP complete

Rust

  • Built the library in Rust behind one generated C ABI serving Rust, C, C++, Python, Node.js, and Bun.
  • Designed security-level-based selection; core asymmetric trust operations combine classical and post-quantum algorithms, while encryption modes are authenticated and key-committing.

TrashScanner

In development

TypeScript, Bun, Hono, React, MariaDB, Zitadel OIDC

  • Targets OWASP ASVS Level 2 and NIST SP 800-63B AAL2 with six per-request gates: identity, freshness, device, possession, entitlement, and ownership.
  • Implements single-use Ed25519 JWT rotation, dual-path mTLS/Web Crypto device authentication, signed code-manifest boot verification, and least-privilege database roles.

O-Tether

Shipped, closed source

ARM security appliance

  • Built an inline appliance for low-cost ARM hardware with a phone-tether bridge, default-deny firewall, threat-intelligence filtering, flow classification, inline intrusion prevention, signed releases, and fail-closed behavior.

SIGINT

Live

TypeScript, React, Bun, Canvas 2D, Web Workers

  • Built an OSINT dashboard combining eight data sources on an interactive globe with a custom Canvas 2D and Web Worker rendering engine.
  • Implemented cross-source correlation, scored alerts, watch-mode notifications, PWA functionality, and offline capabilities.

0xDL and pveauto

Published Rust projects

Rust

  • Published 0xDL for asynchronous downloads with cryptographic integrity validation and pveauto for automated Proxmox VE ISO download and verification.

threads-kernel

CYBV 489 coursework

C

  • Implemented scheduling, synchronization, IPC, interrupt handling, system calls, and basic disk I/O within the academic THREADS teaching framework.
  • Co-authored Escamilla et al., “Investigating Covert IPC in THREADS,” Cyber Recon '25, contributing the round-robin scheduler and core OS primitives.