
Ketil Heggtveit
Skills

Technical Skills:

Security Engineering & Operations
SIEM architecture & management (Splunk Enterprise Security)
Threat modeling & vulnerability assessments
Incident response & security monitoring
Network traffic analysis & intrusion detection (IDS/IPS)
Security automation & orchestration

Penetration Testing & Red Team Operations
Advanced penetration testing & ethical hacking
Threat simulations & adversary emulation
Web application security (OWASP Top 10, SAST/DAST)
Exploit development & vulnerability research

Security Tools & Platforms
SIEM: Splunk (Enterprise Security, dashboards, log analysis)
Threat Hunting: Security Onion, Censys, Shodan
Penetration Testing: Metasploit, Burp Suite, Kali Linux, Nessus, Rapid7
Automation & Scripting: Python, Bash, PowerShell
Cloud Security: AWS security services, IAM, KMS, VPC segmentation
Endpoint & Network Security: Tripwire, Snort, tcpdump

Secure Development & DevSecOps
Secure coding practices & software security reviews
Security integration in CI/CD pipelines
Application security testing & remediation

Log Management & Data Engineering
Security log aggregation & analysis
Log normalization & enrichment
SIEM data modeling & Common Information Model (CIM)

Soft Skills & Leadership:
Cross-functional collaboration with engineering, DevOps, and leadership teams
Security mentorship & training for technical teams
Project leadership in security initiatives
Strong communication skills for translating security concepts to non-technical stakeholders

Certifications & Frameworks:
Certifications: CISSP, GXPN, GWAPT, OSCP
Security Frameworks & Standards: NIST, MITRE ATT&CK, ISO 27001, PCI DSS
Compliance & Governance: Security policy development, risk management

About
I’m a seasoned cybersecurity professional with over 20 years of experience in security engineering, penetration testing, and SIEM architecture. I’ve had the opportunity to work across industries like healthcare, finance, and defense, leading Red Team operations, vulnerability management, and security assessments to strengthen organizations’ security postures. At Athenahealth, I completely re-architected a Splunk-based SIEM, improving threat detection, incident response, and log efficiency for a 24/7 security team. As a Red Team Manager at Werfen, I led penetration testing efforts, guided secure coding practices, and collaborated with development teams to enhance product security. Beyond technical expertise, I enjoy mentoring teams, automating security workflows, and integrating security solutions with tools like ServiceNow and Jira to make security operations more efficient. With certifications like CISSP, GXPN, and OSCP, I bring a deep understanding of SIEM, cloud security, and threat modeling, and I’m passionate about building scalable, effective security solutions that not only protect systems but also empower teams to work smarter and safer.