Joshua Nichols
View as PDFDownload PDF

JOSHUA NICHOLS


Professional Summary

Senior Software Developer (14+ years) specializing in secure backend systems for critical infrastructure. 200+ hours of hands-on penetration testing and cybersecurity training (Hack The Box, RIT MicroMasters). Targeting Application Security, Penetration Testing, or OT/ICS security roles.

Technical Skills

  • Languages & Frameworks: Java, Spring Framework, Spring Boot, SQL, XML parsing, Python & Bash (scripting)
  • Databases & Tools: PostgreSQL, Docker, Git, Linux, Agile/Scrum methodologies
  • Security Tools & Techniques: Burp Suite, Metasploit, Nmap, Wireshark, SQLMap, web application penetration testing, privilege escalation, cryptography, network security analysis
  • Domain Expertise: Energy trading systems, real-time data processing, critical infrastructure, secure API development, data validation and integrity controls

Cybersecurity Training & Certifications

Hack The Box (HTB): Penetration Testing and Cybersecurity Training — 200+ hours hands-on lab (Jun 2024)

Completed comprehensive penetration testing covering offensive security techniques, vulnerability exploitation, and defense strategies:

  • Web Application Security: SQL injection, XSS, CSRF, authentication bypass, insecure deserialization, API security testing
  • Network Penetration Testing: Reconnaissance, scanning, enumeration, lateral movement, privilege escalation techniques
  • Tools & Frameworks: Proficient with Metasploit, Burp Suite, Nmap, Wireshark, SQLMap, Hashcat, John the Ripper
  • Exploitation Techniques: Buffer overflows, privilege escalation (Windows/Linux), Active Directory attacks, post-exploitation
  • Practical Application: Successfully compromised 50+ vulnerable lab machines across various operating systems and architectures

RITx MicroMasters: Cybersecurity through edX (Mar 2019)

Graduate-level cybersecurity program covering:

  • Computer Forensics & Incident Response
  • Cybersecurity Risk Management & Compliance
  • Network Security & Defense Strategies
  • Cybersecurity Capstone Project

Professional History

Implementation Specialist — Jan 2026 – Present

Prometheus Group – Raleigh, NC

Currently training on SAP Plant Maintenance systems and enterprise asset management solutions.

  • Actively training on SAP Plant Maintenance (PM) systems and Enterprise Asset Management (EAM) solutions.
  • Developing foundational knowledge of SAP PM modules and business processes to support system implementation.
  • Learning enterprise maintenance management workflows, configuration steps, and system integration points.
  • Gaining hands-on exposure to industrial and manufacturing IT systems and operational technology environments.
  • Building cross-functional understanding of ERP/EAM systems to contribute effectively to future client implementations.

Senior Software Developer — May 2011 – Jan 2026

PCI Energy Solutions – Raleigh, NC

Developed secure, high-performance backend systems for energy trading and risk management platforms processing real-time market data.

  • Architected data-parsing systems to process large volumes of ISO energy market data with robust validation and error handling
  • Designed and implemented secure Java applications and RESTful APIs using Spring Boot, incorporating authentication, authorization, rate limiting, and OWASP best practices
  • Built and maintained PostgreSQL schemas with least-privilege access, encrypted sensitive data, and audit logging
  • Containerized applications with Docker using hardened configurations and isolated runtime environments
  • Implemented unit and integration testing to ensure code quality and prevent security regressions
  • Collaborated with cross-functional teams in an agile environment to deliver reliable, user-focused features
  • Maintained 99.9%+ uptime for mission-critical trading platforms and reduced security vulnerabilities through proactive reviews and documentation

Computer Service Technician Intern — Jan 2008 – May 2008

Surry Community College – Dobson, NC

  • Performed hardware/software troubleshooting for faculty and staff systems.
  • Configured network infrastructure including printers, drivers, and secure cabling for enterprise environment
  • Assisted with wireless access point deployment ensuring proper network segmentation and security controls

Education

Bachelor of Science: Computer Science (Dec 2013)

North Carolina State University – Raleigh, NC

Graduated: Summa Cum Laude (3.764 GPA) & Upsilon Pi Epsilon
Coursework: Senior Design, Java, C/C++, Software Engineering, Database Management Systems, Filing Processing, Data Structures, Artificial Intelligence, Web Computing

Associate Degrees (May/Aug 2008)

Surry Community College – Dobson, NC

  • Associate in Applied Science: Computer Information Technology (3.78 GPA)
  • Associate in Applied Science: Information Systems: Network Administration & Support
  • Associate in Applied Science: Networking Technology

Graduated: Phi Theta Kappa (3.78 GPA) & Mu Alpha Theta
Coursework: CCNA I–IV, Microsoft Client & Server, System Analysis & Design

Professional Attributes

  • Security Mindset: Approach development with defender and attacker perspectives, proactively identifying vulnerabilities
  • Communication: Translate complex technical security concepts for both technical and non-technical stakeholders
  • Continuous Learning: Self-directed completion of advanced cybersecurity training while maintaining full-time engineering role
  • Domain Expertise: Deep understanding of energy sector operations, trading systems, and critical infrastructure security requirements