About Skills Projects Experience Contact Blog ↗
Cloud & Cybersecurity Engineer

Ron Mercier

I build things that hold up when the pressure is real — cloud infrastructure, security tooling, and the kind of technical support that turns a customer's worst day into a resolved ticket. Currently Technical Support Engineer at Verint, delivering enterprise fraud and security platform support. Previously Cloud Support Specialist at Akamai, where I handled DDoS alerts, compromised account remediation, and database recovery across 500+ global customers. Now building SecureByDefault.io — honest security writing for engineers who want signal, not slides.

View My Work Contact Me SecureByDefault ↗
MSc Cybersecurity CySA+ PenTest+ ISC2 CC AWS CCP
About

Engineer. Writer. Builder.

I'm a Cloud & Cybersecurity Engineer based in Raleigh, NC, with a track record across enterprise cloud platforms, fraud and security systems, and real-world incident response. The throughline in everything I've done: keeping complex systems running under pressure, and communicating clearly when things go wrong.

I currently work as a Technical Support Engineer at Verint, delivering deep technical support for enterprise Fraud & Security platforms — root-cause analysis, log forensics, and cross-team engineering collaboration on the hardest problems customers escalate. Before that, 2.5 years at Akamai Technologies as a Cloud Support Specialist — triaging DDoS alerts, remediating compromised accounts, and restoring database availability across 500+ global customers, with a 90%+ satisfaction rating. Prior to that: network infrastructure at AT&T and hardware systems at Woven by Toyota.

I'm also a husband, father of five, and someone who writes about security publicly because most security writing is either too academic or too vendor-sponsored. SecureByDefault.io is the version I'd want to read — real attack breakdowns, honest tool evaluations, and practical guidance written for people who work in the field.

Current Role
Technical Support Engineer
Verint · Fraud & Security Solutions · Remote
Base
Raleigh, North Carolina
Open to remote and hybrid roles
Graduate Education
MSc Cybersecurity — WGU
Graduated February 2026 · Cloud Security · GRC · PenTest
Undergraduate Education
BSc Computer Science — WGU
Graduated 2021 · Architecture · Linux · Databases
Writing
SecureByDefault.io
Real attack breakdowns · No hype
Open Source
6 Active Repositories
Hardening tools · IR toolkits · Checklists
Expertise

What I Work With

Technical skills built through years of cloud support, network engineering, and cybersecurity work — solving real problems in production environments.

🛡️
Cloud Security
AWS infrastructure hardening, IAM least-privilege design, security group configuration, S3 bucket security, and cloud-native threat detection.
🤖
AI Model Evaluation
Structured rubric-based assessment of LLM outputs for correctness, reasoning quality, and instruction adherence. Technical analysis across coding, mathematics, and complex problem-solving domains.
🎧
Enterprise Technical Support
High-velocity support at Akamai (15–20 tickets daily) and Verint enterprise platforms. Root-cause analysis, log forensics, DDoS triage, account remediation — 90%+ satisfaction across 500+ customers.
🐧
Linux & Server Admin
Ubuntu, Fedora/RHEL production environments. Nginx, UFW, Fail2Ban, SSH hardening, systemd, performance tuning, and infrastructure automation.
Incident Response
Triage, containment, forensic preservation, and post-incident reporting. CySA+ and PenTest+ certified with hands-on enterprise IR experience.
☁️
AWS & IaC
Lambda, DynamoDB, API Gateway, S3, CloudFront, Route 53, ACM, SAM, and CloudFormation. CI/CD via GitHub Actions with OIDC auth.
🌐
Network Security
Enterprise network engineering from AT&T. TCP/IP, firewall architecture, WAF configuration, VPN zero trust, and network-layer threat analysis.
GitHub

Pinned Repositories

Open-source security tools, hardening configs, and incident response resources — built from real operational experience.

🔒
⭐ Battle-tested
securebydefault-server-hardening
Production-grade Linux server hardening baseline — Nginx security headers, UFW deny-by-default, Fail2Ban tuned configs, SSH key-only auth, and kernel sysctl hardening. Tested against real attacks on day one.
Bash Nginx Linux Fail2Ban UFW
View repository →
28 items
cloud-security-checklist
A practical, engineer-built security checklist across 6 categories: Identity & Access, Email & Phishing, Devices, Backups, Network & Cloud, and People & Process. Free PDF version available.
Security Cloud Checklist Bash
View repository →
🎯
5 scenarios
ddos-tabletop-toolkit
Practitioner's DDoS incident response tabletop toolkit — 5 scenarios from volumetric floods to smokescreen data exfiltration. Runbooks, facilitator guides, and scorecards. Built from Akamai IR experience.
DDoS IR Tabletop Blue Team
View repository →
Python 3.12
cloud-resume-backend
Serverless visitor counter API for the Cloud Resume Challenge. AWS Lambda + DynamoDB + API Gateway HTTP API, deployed via AWS SAM with OIDC-authenticated GitHub Actions CI/CD. No stored credentials.
AWS SAM Lambda DynamoDB Python OIDC
View repository →
🌐
Live site
AWS-S3-Static-Website
Portfolio site hosted on AWS S3 with CloudFront CDN, Route 53 custom domain, ACM SSL/TLS certificate, and automated GitHub Actions CI/CD deployment. This site you're viewing now.
AWS S3 CloudFront Route 53 CI/CD
View repository →
📋
Case study
Incident Response Writeup — SQLi
Incident response case study documenting the detection, analysis, containment, and remediation of a SQL injection attack. Methodology, timeline, forensic evidence, and lessons learned.
IR SQLi Forensics Writeup
View repository →
View All Repositories ↗
Experience

Where I've Worked

AI Model Evaluator · Contract
Handshake
May 2026 — Present · Remote
  • Evaluate AI-generated responses across technical, analytical, and reasoning-focused tasks using structured rubric-based quality frameworks.
  • Assess outputs for correctness, reasoning quality, instruction adherence, and response effectiveness across coding, mathematics, and complex problem-solving scenarios.
  • Identify logical gaps, inconsistencies, and quality issues in large language model outputs — writing detailed justifications that improve model reliability.
  • Compare alternative AI-generated solutions to determine the strongest response based on rigorous quality criteria.
AI Evaluation LLM Quality Structured Reasoning Technical Analysis
Technical Support Engineer — Fraud & Security Solutions
Verint
Jan 2025 — Present · Remote
  • Deliver deep technical support for enterprise Fraud and Security platforms, partnering with customers, integrators, and internal engineering teams to resolve the most complex escalations.
  • Perform root-cause analysis and systematic debugging of software, networking, and system-related issues in high-stakes enterprise environments.
  • Analyze logs, system configurations, and application behavior — translating raw technical data into clear, actionable resolution paths.
  • Collaborate cross-functionally with engineering and support teams to drive issue resolution and improve platform-wide reliability.
  • Document technical findings, troubleshooting workflows, and solutions to build a shared knowledge base that reduces resolution time across the team.
Enterprise Support Root-Cause Analysis Log Forensics Fraud & Security Networking
Cloud Support Specialist
Akamai Technologies
Sept 2022 — Jan 2025 · Remote
  • Managed 15–20 technical support tickets daily across Akamai's Linux-based cloud platform — resolving complex issues for 500+ customers across networking, compute, managed databases, VMs, and object storage.
  • Detected, triaged, and resolved DDoS alerts on customer cloud servers — coordinating rapid mitigation to minimize service disruption and protect customer infrastructure.
  • Investigated and remediated compromised customer accounts, conducting root-cause analysis and implementing corrective measures to restore security posture.
  • Collaborated with the database management team to diagnose and resolve database failures, restoring availability and communicating resolution timelines to affected customers.
  • Partnered with Engineering, Trust & Safety, Product, and Sales teams to advocate for customer needs and drive continuous service improvement.
  • Authored internal documentation and user-facing resources that streamlined issue resolution and reduced repeat ticket volume across the support team.
Linux Cloud Infrastructure DDoS Response Incident Response DNS Technical Support
Hardware Technician · Contract
Woven by Toyota
Jan 2022 — Sept 2022 · San Jose, CA
  • Managed imaging and software deployment across 50+ autonomous vehicle hardware systems, reducing setup time by 20%.
  • Analyzed reliability test data to predict hardware lifespan with 95% accuracy, enhancing long-term product quality.
  • Troubleshot OS, firmware, and hardware failures across Linux and embedded systems environments, restoring full functionality under tight timelines.
  • Maintained security configuration and software across all managed systems to sustain privacy and protection against unauthorized access.
  • Managed comprehensive repair and update logs via Jira, increasing team operational efficiency by 30% through optimized issue tracking.
Linux Embedded Systems Hardware Diagnostics Jira Device Imaging
Senior Network Technician
AT&T
Aug 2016 — Jan 2022 · San Jose, CA
  • Led a team of 8 technicians to complete 6 MDU fiber infrastructure projects on time, within budget, and with 100% client satisfaction.
  • Installed and upgraded VoIP, video, and high-speed internet services for 500+ residential and commercial customers, achieving 98% customer satisfaction.
  • Analyzed network performance across the customer base, identifying and implementing improvements that increased average speeds by 20%.
  • Troubleshot routers, switches, firewalls, and hardware across residential and enterprise environments, providing clear technical explanations to non-technical customers.
Network Engineering VoIP Fiber Infrastructure Team Leadership Enterprise Support
Recommendation

"Ron is someone who I have a ton of respect for. He often rose to the occasion to handle new tasks in a rapidly evolving environment, and never made a fuss about it. I often thought of Ron as someone who quietly performed better than many realized because he operates without fanfare or commotion. Dependability and integrity are essential traits in any workplace, but especially so in a remote environment. I absolutely recommend Ron for any team that feels the same."

MP
Michael Peters
Training Specialist, Compute Support · Akamai Technologies
Contact

Let's Connect

I'm currently open to Cloud Security Engineer, SOC Analyst, and Cloud Support Engineering roles where I can apply my incident response experience and security mindset at scale. I respond to every genuine message — whether that's a role inquiry, a question about something I've written, or a project worth discussing.

You can also reach me through SecureByDefault.io — subscribe to the newsletter or reply to any issue I send. I read every response.

Send Me an Email
📧
Email
ron@securebydefault.io
💼
LinkedIn
linkedin.com/in/ron-mercier
🐙
GitHub
github.com/RonMercier
🛡️
Security Blog
securebydefault.io