Resume · Brandon Headrick

Summary

Security engineer at Georgia Tech Research Institute since October 2025, focused on cloud infrastructure, identity, data protection, and business continuity. Previously spent twelve years as a cybersecurity software engineer at the same institution, leading modernization and access-control work on a long-lived enterprise personnel management application. Comfortable working end-to-end (from architecture and feature design through implementation, testing, and access-control modeling), and equally at home delegating, mentoring, and writing the code that ships.

Experience

Oct 2025 to Present

Security engineer

Georgia Tech Research Institute · Atlanta, GA

Operating and configuring HYCU R-Cloud for organizational data protection, defining backup policies and recovery objectives aligned with business continuity requirements.
Authoring and maintaining business continuity and disaster recovery plan (BCDRP) documentation, including recovery objectives, runbooks, and stakeholder communication procedures.
Building and securing AWS cloud infrastructure with security-first defaults: identity and access management, network segmentation, and encryption posture.
Administering identity and access through Okta and Auth0, including SSO integration, application onboarding, and user lifecycle management.
Configuring monitoring and alerting via Site24x7 to track uptime and surface incidents for critical services.
Codifying incident response, change management, and operational workflows in ServiceNow.

Sept 2013 to Oct 2025

Cybersecurity software engineer

Georgia Tech Research Institute · Atlanta, GA

enterprise personnel management application

Led the modernization of a legacy access-request module to current standards: designed the approach, refined the architecture, delegated implementation tasks, and contributed hands-on code.
Feature owner and lead for modernizing the group privilege admin module: authored the design, refined the architecture, directed testing, and delivered a scalable, maintainable solution.
Owned the design, test coverage, and implementation of a new high-level privilege; integrated it across legacy modules and validated access controls to prevent escalation.
Feature owner for a tightly-scoped user-creation role: authored the design, established robust test coverage, implemented enforcement, and integrated across legacy modules with safeguards against escalation.
Enhanced an admin module’s user search by improving performance and modernizing the UI to align with the application’s design system.
Optimized multiple database queries using measurement-driven analysis to improve performance and efficiency.
Delivered ongoing bug fixes and feature enhancements to improve stability, performance, and user experience.

other initiatives

Spearheaded SSO integration and UI modernization for an open-source distributed learning platform, aligning the experience and branding with the broader product suite.
Developed core features of a mail application (front and back end), including message moves between folders, archiving, folder management, and an editable user-info popover.
Managed the division-wide intern and co-op program: designed and delivered a three-week full-stack Java onboarding curriculum (Git, Java, JavaScript, AngularJS, coding standards); led SIS recruiting via career fairs, outreach, interviews, and performance reviews; evaluated résumés for student roles across Web Application, Database, SecOps, Infrastructure, Windows, Big Data, and Cloud teams.
Designed a Secure Software Development curriculum covering secure architecture, test strategies, embedded firmware threat vectors, and web application security controls.

Skills

Programming: Java, JavaScript, TypeScript, React, AngularJS, HTML & CSS, Less
Backend & testing: Jersey, Jackson, Guice, TestNG, Mockito, Jasmine, Gradle
Data: PostgreSQL, Oracle SQL
Cloud & infrastructure: AWS, Cloudflare Workers, Podman
Identity & access: Okta, Auth0, SSO integration, role-based access control design
Data protection: HYCU R-Cloud
Monitoring & ITSM: Site24x7, ServiceNow
Tools: Postman, Git, GitLab, Bitbucket, Jira
Open source: OpenClaw
Professional: Feature ownership from design through delivery; agile development practices; cross-functional collaboration; intern and co-op program management; technical mentoring and curriculum design.

Specialized practice

Architecting security-hardened static web applications with strict Content Security Policy, self-hosted assets, and zero third-party runtime dependencies.
Authoring business continuity and disaster recovery plan (BCDRP) documents, including recovery objectives, runbooks, and stakeholder communication procedures.
Designing and integrating high-privilege access controls with safeguards against privilege escalation.
Authoring secure software development curricula covering architecture, embedded firmware threat vectors, and web application security controls.
Performance optimization through measurement-driven query and code analysis.

Education

December 2012

M.S. Computer Science

Georgia Institute of Technology · Atlanta, GA

Concentration in Interactive Intelligence. GPA 4.0.

May 2011

B.S. Computer Science

Georgia Institute of Technology · Atlanta, GA

Concentration in Artificial Intelligence & Digital Media. GPA 3.61.

Certifications

Certified Information Systems Security Professional (CISSP) March 2025

Publications

Creativity support for novice digital filmmaking. Davis, N., Zook, A., O’Neill, B., Headrick, B., Riedl, M., Grosz, A., Nitsche, M. CHI ’13 · April 2013
Scaling mobile alternate reality games with geo-location translation. Hajarnis, S., Headrick, B., Ferguson, A., Riedl, M. O. ICIDS ’11 · November 2011
WeQuest: scalable alternate reality games through end-user content authoring. Macvean, A., Hajarnis, S., Headrick, B., Ferguson, A., Barve, C., Karnik, D., Riedl, M. O. ACE ’11 · November 2011