Quantum Security & Crypto-Agility Engineer
Veteran | Cybersecurity | Post-Quantum Cryptography | Cloud Security | DevSecOps | Quantum Computing

I work at the intersection of cybersecurity, cryptography, quantum technology, and federal modernization. My current focus is helping organizations understand and prepare for post-quantum cryptography (PQC), improve cryptographic visibility, and build practical security tooling that turns complex technical risk into actionable decisions.

• Post-Quantum Cryptography (PQC)
  Crypto-agility, cryptographic inventory, migration planning, NIST PQC standards, and harvest-now-decrypt-later risk.

• Cryptographic Discovery & Visibility
  Identifying where cryptography is used across applications, infrastructure, protocols, certificates, libraries, and cloud environments.

• Cloud & DevSecOps Security
  AWS security, CI/CD security, infrastructure-as-code scanning, container security, SBOM/CBOM concepts, and automated security workflows.

• Quantum Computing & Security Research
  Quantum optimization, QAOA, quantum machine learning concepts, quantum-safe security strategy, and applied quantum demos.

• Cybersecurity Engineering
  Network analysis, intrusion detection, TLS visibility, secure architecture, vulnerability management, and federal cybersecurity use cases.

A practical crypto-agility demo focused on discovering cryptographic usage in code and turning those findings into structured inventory data for PQC readiness planning.

Why it matters: organizations cannot migrate what they cannot see. Crypto inventory is a foundational step for identifying legacy algorithms, prioritizing risk, and planning a post-quantum migration path.

Current focus:

• Code-level cryptographic discovery
• Algorithm and key-size identification
• Weak or legacy crypto detection
• Inventory-style output for crypto-agility planning
• CBOM-style thinking for cryptographic assets
• PQC readiness analysis

These are the kinds of demos I build and refine for technical storytelling, research, and security strategy discussions:

A network visibility demo showing how TLS 1.3 changes traditional passive inspection assumptions. The goal is not universal decryption. The goal is governed, authorized visibility using the right vantage point, metadata, endpoint context, and policy controls.

Key concepts: TLS 1.3, forward secrecy, ClientHello visibility, QUIC/HTTP3, edge metadata, authorized inspection, Zero Trust.

A crypto-agility workflow that scans code for cryptographic usage, extracts structured findings, and produces inventory-style output for PQC readiness analysis.

Key concepts: CodeQL, cryptographic discovery, algorithm inventory, weak key detection, PQC migration planning, CBOM-style reporting.

A hands-on environment for modeling optimization problems using quantum and hybrid quantum-classical approaches.

Key concepts: QUBO, QAOA, D-Wave, quantum optimization, resource allocation, security-relevant optimization problems.

A practical lab for security automation across the software delivery lifecycle.

Key concepts: GitHub Actions, SBOM, SAST, IaC scanning, artifact integrity, container scanning, policy-as-code, runtime security.

I am gradually building out additional public demos around:

• DevSecOps security pipelines
• TLS visibility and transport metadata
• Quantum optimization experiments
• Local AI-assisted security workflows
• Cloud security automation

These are active learning and prototyping areas. I prefer to publish projects when they can clearly explain the problem, the architecture, and the security value.

I am currently focused on building and evaluating practical approaches for:

• PQC readiness and crypto-agility
• Cryptographic inventory generation
• CBOM-style reporting for cryptographic assets
• TLS 1.3 visibility and metadata-driven inspection
• Federal cybersecurity modernization
• DevSecOps security automation
• Quantum computing demonstrations for security and optimization use cases

Projects and research focused on identifying cryptographic assets, evaluating risk, and preparing systems for migration to quantum-resistant algorithms.

Example topics:

• RSA, ECC, DH, and legacy algorithm discovery
• Weak key-size detection
• TLS version and cipher visibility
• PQC migration planning
• CBOM-style cryptographic reporting
• Harvest-now-decrypt-later risk analysis

Security automation projects that help detect misconfigurations, strengthen CI/CD pipelines, and improve cloud security posture.

Example topics:

• AWS security automation
• Infrastructure-as-code checks
• GitHub Actions security workflows
• SBOM and software supply chain security
• Container and dependency scanning
• Policy-as-code concepts

Applied quantum computing projects exploring how quantum and hybrid quantum-classical methods may support optimization, cybersecurity, and research use cases.

Example topics:

• QAOA for optimization problems
• Quantum machine learning proof-of-concepts
• Quantum-safe security demonstrations
• Quantum networking and sensing concepts
• Benchmarking and simulation experiments

• Python
• Java
• JavaScript
• C#
• Apex
• SQL
• SOQL
• Bash / Linux CLI

• AWS
• GitHub Actions
• DevSecOps
• Network security
• TLS analysis
• Vulnerability management
• Cryptographic inventory
• Post-quantum cryptography
• Security automation

• NumPy
• pandas
• scikit-learn
• TensorFlow
• Jupyter
• Qiskit
• PennyLane
• D-Wave tools
• Quantum optimization concepts

• Git / GitHub
• VS Code
• Linux / WSL
• Wireshark
• Streamlit
• Salesforce
• Agile / Scrum

For now, I recommend pinning only one repository:

1. crypto-inventory-demo

This keeps the profile focused and avoids over-selling projects that are still in early prototype or learning-stage form.

• GIAC Certified Intrusion Analyst (GCIA)
• AWS Certified Solutions Architect - Associate
• ISC2 Systems Security Certified Practitioner (SSCP)
• ISC2 Certified in Cybersecurity
• CompTIA Security+
• Salesforce Certified Administrator
• Q-CTRL Quantum Professional Certificate
• SandboxAQ AQtive Guard Certified Practitioner
• D-Wave Quantum Programming - Core
• Chainalysis Cryptocurrency Fundamentals Certification
• Google IT Automation with Python
• ITIL 4 Foundation
• ICAgile Certified Professional credentials
• Data Analytics and Causal Analytics credentials from Texas A&M University - Central Texas

Texas A&M University - Central Texas
Master of Science, Information Systems
Cybersecurity concentration
GPA: 4.0

Texas State University
Bachelor of Business Administration, Computer Information Systems

I use this GitHub profile to explore and share work related to:

• Practical cybersecurity tooling
• Quantum-safe security strategy
• PQC and crypto-agility demos
• Cloud security automation
• Security dashboards and visualizations
• Quantum computing experiments
• Research-driven technical prototypes

• GitHub: @raybeecham
• LinkedIn: Ray Beecham
• Trailhead: @rbeecham