? N2K Designs - simply elegant salon website design - McCrory, James

McCrory, James


Martial Arts Instructor, Computer Programmer, Web Developer/Designer, and Cyber Security Enthusiast. Has been teaching since 1993, working with computers since DOS, developing for the web since HTML 2, received a Bachelor's degree in Computer Science in 2011, and founded Need to Know Designs, LLC the same year.

Contributions to this project:

  • Generated Idea
  • Formed Team
  • Designed Database
  • Developed Backend Interaction for adding and updating store information
  • Created Adrain template, and the 3 variations
  • Developed testing plan
  • Works with HTML, ASP.NET (C#), javascript, jQuery, PHP, CSS, and jQuery Mobile
  • Part of the custom design team
  • Project Lead
  • Sales Team Manager



Other Projects:

Trust Foundry

2014 to Present

Assist as-needed on Website Penetration Testing projects

Assist as-needed on Mobile Application code reviews

Work on System Admin hardening quizzes


2014 to Present

Attend meetings, or watch recordings, to learn about new technologies/exploits

Present on different projects and tools, such as Raspberry Pi and Maltego

Assist with A/V for TriKC and meetings as-needed

Send out Monthly Cyber Security news Swath

Practice different security techniques in a semi-friendly environment

SANS Advisory Board

2015 to Present

Work with others in the security community to solve a variety of security related problems

Learn from board postings about new security vulnerabilities and how to use tools

Respond to SANS questions about courses, and policies

Raspberry Pi Tools Project

2015 to Present

Combining Raspberry Pi projects into simple executable scripts

Have a DNS server to block ads, and free up resources on your computer. However, this only works on networks you have. Whereas, the hosts files works on your computer on any network.

Set up personal networks and a guest network to route traffic through TOR. However, it also makes traffic hit local DNS before going into TOR to keep you on local sites, and still block ads.

Automatic updates for the Raspberry Pi. Allows you to turn it on, and ensure that updates are regularly received.

Information Here

Wells Fargo

2019 to present

Earned GSEC certification from GIAC after taking SANS course

Enhance and tune Splunk queries based on best practices for Splunk Enterprise Security

Analyze requests from business stakeholders for new and existing content, and develop solutions

Work through Agile processes to generate actionable content for myriad security teams

Act as Subject Matter Expert for information, or creation, requests on Splunk Data, Dashboards, and Queries

Review content generated by others for quality, consistency, resource usage, and ability to meet original request

Began work toward Master's Degree in Information Security Engineering

Review existing content for applicability to enterprise needs, and consistent functionality

Rush Enterprises

2017 to 2019

Earned GCCC certification from GIAC after taking SANS course

Implemented Information Security Program using Center for Internet Security controls, and set in motion multi-year plan to implement

Improved Information Security Awareness Program for all employees with computer-based training, monthly phishing campaigns, newsletters, and annual events

Automated tasks across myriad security tools using python, ruby, and PowerShell

Networked with other teams to move security initiatives forward, such as Vulnerability Management, Hardware/Software Asset Management, and Secure Configurations

Developed incident response processes for known incidents with tiered triage levels

Leveraged vendor contracts to update and enhance overall security toolsets

Administered and tuned security devices: NeXpose, LogRhythm, ForcePoint, & FirePOWER


2016 to 2017

Active Threat Monitoring to categorize, prioritize, investigate, document and escalte, as necessary, incoming threat notifications

Active Threat Hunting throughout multiple environtments using multiple tools to review ongoing processes, OS access, Logs, and application activity

Set up Splunk for use as a SIEM

Work with multiple teams to ensure events are getting into Splunk

Work cross-shifting with other teams to define processing of events into Splunk

Work with vendors to determine SIEM requirements, troubleshoot data feeds, enrich datasets, and customize code base as-necessary.

Earned AWS Certified Solutions Architect - Associate certification

Gave multiple technical talks about AWS Security, Regular Expressions, and outreach to UTSA (University of Texas, San Antonio) Cyber students about Penetration Testing

Volunteered for full 24-hour hack-a-thon at UT-Austin (University of Texas, Austin) to assist over 30 teams with diverse technical questions from python, security, database design, database setup, AWS, javascript, iOS Programming, and Android

Mentor incoming analysts, set up onboarding documentation, and train new analysts on toolset

Develop automation tools for processing API streams, alerting teams to daily tasks via Slack, and scraping tools without APIs

Develop SOC (Security Operations Center) internal communication tools for multi-national, cross-shifting teams

Perform code reviews, introduce other analyst-developers to standard programming practices, work with senior members to develop appropriate processes around development

Act as an escalation point for level 1 analysts for incoming alerts and active hunting

Generate customer facing documentation about incidents

Perform duties of Team Lead during Team Lead absence to ensure proper incident handling, appropriate task load, and to hand-over daily summary at shift change


2011 to 2016

Created interactive 97 field form, that exported to Excel for same "look-and-feel" for business unit

Broke the browser upload limitation on server side with JAVA and Glassfish; on the client side with javascript (showing progress, start, stop, and resume functionality in compatible browser) for files in excess of 16 GB in all browsers.

Rebranded SharePoint 2010 for different sections of business

Leveraged Confluence and javascript to deliver cross page updating of employee statistics

Used jQuery to write image slider, common code libraries, and SharePoint interactivity

Administrator of Maximo installation for different customer groups

Liasion between developers and Cyber Security

Continuous improvement of legacy applications through updates, performance enhancements, or rolling into current software packages with Python, JAVA, Visual Basic, Access 2007/2010 Databases, Oracle 11g, and C#

Quality Assurance on multiple business critical applications, ensuring a balance between code correctness, timely delivery and customer satisfaction

Earned GWEB and GCIH certifications from GIAC after taking SANS courses

Assist with mobile strategy, and developing proof-of-concept applications for cross-platform development

Work on internal penetration testing team

Attend additional SANS courses such as SEC 561 for more hands-on penetration testing experiences

Review 3rd-party code and applications for functionality and vulnerabilities

Develop internal branding library using responsive web-design principles

Lead, present at, or assist in monthly IT security and logging meetings to keep community apprised of ongoing technologies and security needs

Automated more tasks from user testing to annual security testing

Work with other developers to compete in hackathons to build applications in 24 hours

Utilize Splunk for complex data mining

Presented at the DoE Cybersecurity Conference in 2015

Collaborated with security, networking, system administrators, and developers on recommendations for data breach at government oversight body

KC Kidney Consultants

2013 - Enabled 18 pages of forms witihin an exisiting web design

Oversaw security requirements

Created modular code base for future growth and development including office personnel readable settings

Enabled JSON objects for multiple identical validations and ease to change required fields and acceptable values

Generated Documentation for ease of update and future project

Created backend PHP processor for the form validation

Assisted with HTML form generation, and client side validation troubleshooting

Troubleshot and recommended appropriate solution to insecure hosting environment

Created Excel Template for Office Staff to continue internal process

Helped export fields from form into Excel document, and created JSONs for mapping majority of fields

Ad Blocking via hosts file

2012 (updated often) - With an initial push to block ads from my Hulu viewing experience without any extensions in my browser dragging down the speed of my PC, and a hand from Mr. Balman, I have successfully blocked all ads from Hulu, many other video viewing websites, and some other trackers as well. While not all ads can be blocked at the domain level, I have instructions inside the file on how to block Pandora ads from playing inline as well, but you have to do this at your internet router through specific URL filtering. There is an opitonal section, that blocks some facebook items, as I don't facebook.

Available Here

To use, determine where the hosts file is on your computer, and how to run an editor as administrator (if needed), then copy and paste the contents into your hosts file and save. You will then have blank spots where ads used to be. Feel free to contact me if you come across more sites to be blocked.

Pandora Auto Play Chrome Extension

2012 - Updated - December 7, 2012 to remove the toolbar icon, and make automatically engage when you visit pandora.com. Get verion 2.0 now to get Pandora to continue past the 1 hour marker using custom written Chrome Extension. Starting at version 1.4 this extension successfully works around the fringe case of clicking continue before the Pandora-code knows it was clicked. Great for your background music at work, home, or parties. This extension for Chrome was written in encapsulated custom javascript, and is free for distribution. Also works for abacast.net too. However, on abacast.net it is not able to block the "interjections" as local radio stations don't just play music 100% of the time.

Now Available Here in the Chrome Store

True Home Pages Chrome Extension

2012 - As Chrome updates, their documentation doesn't quite follow. This extension was built to work around Chrome's dropping of multiple tab creation from the home button. For those who don't want a plethora of page to open upon opening Chrome, but rather, like myself, have a bevy of sites we visit daily, when time allows. From the extensions menu you can add as many "home pages" as you want via the options menu. This extension for Chrome was written in encapsulated custom javascript, and is free for distribution.

Now Available Here in the Chrome Store

Steven Briggs Phd

2010 - Updated website with new email form, new information, and more interactive directions

2011 - Gathered requirements and designed database for scheduling system.

Sumo Moving Boxes

2011 - Gathered Requirements, designed functional layout, integrated jQuery and jQuery add-ons, created database, implemented PHP interaction with database, created interactive forms for ordering and questions, and troubleshot compatibility issues

McCrory Auction

2010 - Created database, designed website, allowed for bidding of items in real time, and protected bidders information both during and after close of auction

Bay Area Murals

2010 - Went through over 1,000 images to sort out duplicates and remove those not "web ready," then updated website with new images

Wobby (Wide Open Bookmarks)

Creating shareable, subscribable, and community bookmark listings