Drago Bonacich
STATUS: ACTIVE // CLEARANCE: SECRET

Marine Corps Veteran. SANS Student. Dedicated cybersecurity professional with a proven track record of performing under pressure. Passionate about Blue Team operations, Incident Response, and simplifying complex security problems.

// CERTIFIED_OPERATOR

GIAC

GCIH, GSEC, GISF, GFACT

CompTIA

CySA+, Sec+, Net+, A+

ISC2

CISSP

Microsoft

AZ-900

// OPERATION_HISTORY

IT Security & Compliance Specialist

Dec 2023 - Present
NC Department of Information Technology
  • Actively participate in Incident Response for NC DPS/DAC, resolving incidents from automated alerts, tickets, and SOC teams.
  • Utilize CrowdStrike, Nessus, ServiceNow, Acunetix, and Tanium for daily security operations.
  • Drive strategic projects to mitigate security gaps, involving scripting and cross-departmental collaboration.
  • Develop custom Python/PowerShell scripts for security automation and auditing via CrowdStrike RTR.
  • Research and vet security product vendors to enhance security infrastructure.
  • Leverage AI to build custom GUI tools, enhancing team efficiency.

Intrusion Analyst Apprentice

Apr 2023 - Dec 2023
ISG Cyber / NCDPS
  • Gained hands-on experience in Digital Forensics, Business Continuity Planning, and Policy writing.
  • Assisted in coordinating security assessments and collaborated with various DIT/agency sections.
  • Vetted third-party local and cloud vendors for compliance with federal/state regulations.
  • Performed compliance assessments on internal OS images.

Support Engineer (Endpoint & Threat Analytics)

2021 - 2023
Microsoft
  • Provided comprehensive support for Defender for Endpoint, Defender Antivirus, Cloud App Security, and Defender for Identity.
  • Conducted in-depth backend analysis using Splunk, Kusto, and Azure Support Center.
  • Collaborated with internal teams to analyze and resolve complex problems.
  • Effectively managed multiple cases, maintaining positive customer rapport and timely issue resolution.

Scout Sniper Platoon / Infantry

2017 - 2021
United States Marine Corps
  • Trained in advanced infantry tactics, including fieldcraft, precision marksmanship, urban breaching, demolitions, and rocket fire.
  • Operated as a Communications Specialist for an elite intelligence asset, supporting reconnaissance and surveillance operations.
  • Maintained and troubleshot encrypted comms assets (Harris radios) and Small Unmanned Aircraft Systems (SUAS).
  • Engineered risk assessments and mitigation matrices for complex missions.
  • Led and trained teams of Marines, including international forces and NATO allies, in military tactics and equipment.

// FIELD_PROJECTS

MITM Attack Demo

Demonstrated ARP poisoning and DNS cache spoofing using Bettercap. Configured enterprise defenses (DHCP Snooping, DAI) on Cisco switches to mitigate.

Kali Linux Cisco

Pi-Hole DNS Sinkhole

Implemented a network-wide ad blocker using Raspberry Pi Zero. Configured headless Linux distro and network gateway DNS settings for traffic filtering.

Linux Networking

Hybrid Cloud Environment

Managed a mock enterprise with Azure AD and on-prem Windows Servers. Deployed Node.js apps via Azure Web Apps from local repositories.

Azure Windows Server

// ACADEMIC_DB

SANS Technology Institute

BS in Applied Cybersecurity (In Progress)

Fullstack Academy

Cybersecurity Analytics Bootcamp

Covered 6 Security Academy

Cybersecurity Technician Program

Embry Riddle Aeronautical University

Microsoft Software & Systems Academy