Richard Kohler

Albany, NY

borichthekid92@gmail.com

🔒 Cybersecurity Professional
Insider risk | Detection engineering | Threat hunting | Log analysis


Profile

I'm a dynamic cybersecurity professional with hands-on expertise in threat detection, insider risk analysis, and digital forensics. I've investigated complex security incidents across Windows, Linux, and macOS environments—including cases involving nation-state-aligned actors—and engineered advanced detection logic that scales across enterprise infrastructure.

My approach centers on translating complex telemetry into actionable intelligence for both technical teams and executive leadership. I excel at building detection rules, identifying emerging threats through proactive threat hunting, and collaborating closely with stakeholders to strengthen organizational security resilience.

Featured Projects

🛡️ Windows Insider Threat Pen Tester

A modular Windows-based insider threat simulation toolkit designed to emulate realistic insider behaviors, data exfiltration patterns, and malicious user activity. Purpose-built for detection engineering, rule validation, and behavioral analytics testing.

View on GitHub

⚙️ IT Admin Scripts for Windows

A production-ready collection of Windows automation and hardening scripts covering user management, system configuration, operational troubleshooting, and compliance. Built for IT teams and SOC analysts validating endpoint behavior.

View on GitHub

Professional Experience

Insider Threat Investigator, Tier 2

DTEX Systems · Remote, NY · Jan 2024 – Aug 2025
  • Led end-to-end insider threat and user/device activity investigations, including nation-state APT cases.
  • Analyzed large-scale customer telemetry to identify emerging threats, anomalous behaviors, and policy violations.
  • Pioneered DTEX's initial Linux detection ruleset and deployed to production across 10+ clients.
  • Developed 100+ YARA/REGEX detection rules across Windows, macOS, and Linux platforms.
  • Monitored and triaged DLP alerts, identifying high-risk data movement and insider-driven exfiltration.
  • Produced monthly findings reports and led weekly client review calls for C-suite stakeholders.

Technical Research Team Lead

Research Foundation for SUNY · Albany, NY · Jul 2023 – Jul 2024
  • Designed cloud Linux honeypots and active defense systems for behavioral research.
  • Led post-exploitation analysis focused on cognitive bias deterrents and threat actor methodology.
  • Mentored junior researchers and coordinated research deliverables for funding organizations.

Teaching Assistant – Cybersecurity & Digital Forensics

University at Albany · Albany, NY · Jul 2022 – Jul 2024
  • Supported programming, forensics, and cybersecurity courses for 50+ students.
  • Presented BeEF-XSS project demonstrating browser hijacking and phishing attack chains.
  • Mentored students in secure coding practices and investigative threat analysis methodology.

IT Specialist Intern

Griffiss Institute · Rome, NY · Apr 2023 – Sep 2023
  • Managed Azure AD provisioning, user permissions, and identity governance.
  • Configured and maintained Fortinet firewalls and Cisco network switches.
  • Conducted vulnerability assessments using Nessus and produced remediation documentation.

Cybersecurity Tutor

Hudson Valley Community College · Troy, NY · Jul 2020 – Jul 2022
  • First-ever Cybersecurity Tutor at HVCC; developed curriculum and tutoring methodology.
  • Taught Python, Java, Linux, and cybersecurity fundamentals to 30+ students.
  • Delivered personalized one-on-one and group sessions with 95% student satisfaction rating.

Education

🎓 B.S. in Digital Forensics

University at Albany · Albany, NY · May 2024

Graduated with Honors
Dean's List · GPA: 3.6
Specialized in incident response, memory analysis, and cryptography

📚 A.S. in Cybersecurity

Hudson Valley Community College · Troy, NY · Aug 2022

Graduated with Honors
President's List · GPA: 3.6
Foundation in network security, programming, systems administration, and cybersecurity fundamentals. I also became the first paid cybersecurity tutor for the school, where I assisted students with their classes and projects.

Expertise & Certifications

Certifications

  • ✓ CompTIA Security+ (Valid through 2027)
  • ✓ Advanced Security Analytics – VICEROY Scholars

Detection Engineering

YARA | SIGMA | REGEX | Elasticsearch | OpenSearch | MITRE ATT&CK | Cyber Kill Chain | DTEX Intercept | Windows/macOS/Linux detection


Digital Forensics

Memory analysis | Cryptography (AES, RSA, ECC) | Hash algorithms | CyberChef | Volatility | Autopsy | EnCase | FTK | Cellebrite


Offensive Security

Metasploit | Havoc C2 | Empire | Mimikatz | Impacket | BeEF-XSS | Nmap | tcpdump | Sysinternals


Network & Protocol

OSI | TCP/IP | DNS | SSL/TLS | HTTP/HTTPS | Wireshark | NetworkMiner | firewall rules


Endpoint & SIEM

Sysmon | SELinux | DTEX Intercept | Wazuh SIEM | EDR tuning | log aggregation


Let's Connect

I'm actively seeking roles in cybersecurity operations, detection engineering, insider risk investigation, and digital forensics. Let's talk about how I can strengthen your organization's security posture.