Career
Work Experience
June 2025 — Present
Rockwell Automation
Current
Senior Product Security Engineer — PSIRT
  • Own the end-to-end vulnerability lifecycle for Rockwell Automation products, including intake, triage, risk assessment, remediation coordination, and public disclosure
  • Triage reported vulnerabilities from internal teams, external researchers, and government CERTs
  • Drive remediation of product security vulnerabilities by coordinating fixes across engineering, product management, legal, and customer support teams
  • Respond to and coordinate product security incidents, post-exploitation findings, and other reported security issues
  • Architect Jira workflow improvements, custom fields, and automation to enhance vulnerability tracking, reporting, and PSIRT data quality
  • Manage and expand the product security bug bounty program, improving vulnerability intake and collaboration with external researchers
April 2023 — June 2025
Tyler Technologies
Application Security Engineer
  • Tested Tyler products for OWASP Top 10 vulnerabilities using automated and manual methodologies
  • Provided security guidance and remediation paths to development teams across the organization
  • Participated in threat modeling sessions and supported secure design reviews
  • Executed security project plans, managing scope, schedule, and cross-functional responsibilities
Feb 2022 — April 2023
Synack Inc.
Associate Security Analyst
  • Triaged and validated OWASP Top 10 vulnerabilities from the Synack Red Team, including IDORs, XSS, SSRF, CSRF, RCE, and SQLi
  • Performed patch verifications to confirm client-side remediation of disclosed vulnerabilities
  • Daily usage of Burp Suite, Metasploit, and SQLMap to validate findings and identify false positives
  • Developed a Python automation script to handle mission queue delegation, reducing manual triage overhead
  • Served as a technical point of contact for external researchers, answering vulnerability questions and refining triage methodology
Sept 2021 — Feb 2022
Synack Inc.
Security Analyst Intern
  • Validated security tasks discovered by the Synack Red Team and ensured reports were properly scoped
  • Collaborated with analysts to develop a structured vulnerability triage methodology
June 2021 — Aug 2021
University of Akron
Networking Technician (Co-Op)
  • Hardened LAN devices and integrated logging infrastructure with Active Directory
  • Managed network infrastructure serving 20,000+ students
Security Research
Published CVEs

Publicly disclosed vulnerability research, indexed in the National Vulnerability Database.

CVE-2025-25925 CVE-2025-25927 CVE-2025-25928 CVE-2025-25929 CVE-2025-46052 CVE-2025-46053
Education & Credentials
Certifications
Education
B.S. Computer Information Systems — Cybersecurity
University of Akron
Certification
CompTIA A+
Certification
Cisco CCNA
Verify credential →
HackTheBox
BlackSky: Hailstorm (AWS)
View certificate →
HackTheBox
Certified Web Exploitation Specialist
View certificate →
Contact
Let's connect.

Send an Email
Email jcrynick@icloud.com LinkedIn johncrynick GitHub @johnchd