Kevin Muirhead

Software Engineer


Building secure, scalable software with an adversarial mindset. Full-stack engineer who bridges offensive security research and production-quality software design.


Security-first engineer.
Adversarial by training.

I'm a software engineer with a B.S. in Software Engineering from Penn State and over four years of hands-on security and development experience. My background spans the full security stack — from writing custom PoC exploits and leading APT incident response, to building the Python and PowerShell automation that closes the gap between detection and remediation.

Before pivoting to tech, I spent a decade as a Criminal Investigator and Intelligence Analyst in the U.S. Army — conducting 100+ felony-level digital investigations and managing security clearances for 600+ personnel. That adversarial, investigative mindset is baked into how I approach software design.

Today I build at the intersection of full-stack development and security engineering: React frontends, Django APIs, and the automation pipelines that keep systems hardened and observable. I write code I'd want to audit.

4+ years in Security & Software Engineering
9 years Army service (CID · Intel · SOCOM)
100+ digital investigations led & resolved
50+ custom EDR/SIEM rules deployed in production
Security clearance: held Top Secret clearance · Jan 2011 – Dec 2020 (US Army CID · US Southern Command · JBLM)

Technical Toolkit

Languages: Python, JavaScript, PowerShell, C, C++, C#, Java, HTML/CSS, Assembly, SQL
Frameworks & Platforms: React.js, Django, Node.js, Spring Boot, PostgreSQL, MongoDB, Microsoft Azure, Terraform, Git / GitHub
Security Tools: Metasploit, Ghidra, Wireshark, NMAP, EnCase, Cellebrite, EDR/SIEM, MS Sentinel, Rapid7, Remnux, Flare-VM, XQL
Methodologies: MITRE ATT&CK, SAST/DAST, Threat Modeling, Incident Response, Secure SDLC, Agile, Static Analysis, Malware Analysis, OSINT
Cloud & Ops: Azure, MS Purview, Terraform, GitHub Actions, Jira, ServiceNow, GNU Radio, Linux, Windows
Leadership & Analysis: Cross-functional Collaboration, Technical Mentoring, Intel Reporting, UML Modeling, Forensic Chain of Custody, Executive Briefing

Where I've Worked

Security Analyst II — Offensive Ops & eDiscovery

Lennar Homes · Miami, FL

May 2024 – Present
  • Developed and executed custom PoC exploits to validate vulnerabilities, translating attacker research into actionable, code-level remediation guidance for DevOps teams.
  • Built multithreaded Python & PowerShell automation suites integrated with Azure, Exchange, and Purview — reducing manual remediation time by 25%.
  • Directed 15+ high-priority internal investigations (data exfiltration, policy violations) as technical lead and liaison between Legal and HR.
  • Forensically processed digital evidence across 50+ devices using EnCase, maintaining strict chain of custody for ongoing legal matters.
  • Correlated CISA alerts & proprietary threat feeds with internal asset data to proactively flag systems susceptible to active exploitation campaigns.

Security Analyst I — Security Operations Center

Lennar Homes · Miami, FL

May 2023 – May 2024
  • Led cross-functional incident response for a sophisticated APT intrusion — identified malicious IPs, isolated compromised devices, and restored network integrity.
  • Deployed 50+ custom EDR/SIEM rules and XQL queries, automating detection of APT patterns and significantly reducing response time.
  • Engineered Python & PowerShell scripts to proactively remove greyware from 100+ remote work computers.
  • Automated multiple routine SOC workflows, increasing team throughput and reducing analyst toil.

Criminal Investigator · Intel Analyst · Security Manager

U.S. Army (CID · SOUTHCOM · JBLM)

Sept 2011 – Dec 2020
  • Led 100+ felony-level digital investigations using forensic tools (EnCase, Cellebrite), reconstructing complex threat actor behavior with strict chain of custody.
  • Managed and disseminated 150+ serialized intelligence reports, informing strategic security posture at command level.
  • Oversaw classified equipment compliance and security clearances for 600+ personnel.
  • Trained and mentored junior analysts in data collection, analysis, and operational reporting.
  • Held Top Secret clearance. Recipient of Army Commendation Medal, NATO Medal, Afghanistan Campaign Medal, Combat Action Badge.

IT Student Consultant

Penn State University · Erie, PA

Jan 2022 – May 2023

Performed diagnostics and resolved technical issues for student devices; provided cross-channel customer support while completing B.S. in Software Engineering.

What I've Built

Kali Linux MCP Server

A Model Context Protocol server that exposes Kali Linux security tooling to Claude AI. Infrastructure deployed and managed via Terraform, enabling AI-assisted penetration testing workflows from a reproducible, IaC-driven environment.

Tags: Terraform, Kali Linux, Python, MCP Protocol, Claude AI

Home Lab

Malware Analysis Lab

Isolated virtual environment (Remnux + Flare-VM) for dynamic and static malware analysis. Disassembles x86 with Ghidra, maps C2 traffic via Wireshark + iNetSim, and tracks execution with Process Monitor.

Tags: Remnux, Flare-VM, Ghidra, Wireshark, PE Studio

Founder

Ethical Hacking Club — Penn State

Founded and led PSU's ethical hacking club. Taught Kali Linux fundamentals, port scanning, OSINT collection, digital forensics concepts, and application security through WAF integration exercises.

Tags: Kali Linux, NMAP, OSINT, WAF, Leadership

Credentials

B.S. in Software Engineering

Penn State University (PSU) · Erie, PA

CompTIA Security+
November 4, 2023
Microsoft Azure Fundamentals (AZ-900)
March 23, 2024
HackerRank Python (Basics)
August 5, 2025
SANS FOR578: Cyber Threat Intelligence (sans.org)
GCTI certification pending

Get In Touch

Open to full-stack, backend, security engineering, and DevSecOps opportunities. Let's talk.