Summary
Max Thauer is an incident response leader and manager with 11 years of hands-on experience investigating ransomware, APTs, cloud compromise, web exploitation, insider threats, and trade secret theft across Windows and Linux environments. Currently at Google after senior roles at Mandiant and Stroz Friedberg, he combines incident leadership with deep technical workstreams in malware analysis, disk and memory forensics, EDR tuning, and SIEM/log analysis. He brings practical automation skills—Python, web scraping, virtualization and honeypot deployments—to accelerate investigations and capture attacker tradecraft. A former network administrator who deployed Splunk and automated encrypted backups early in his career, he blends practitioner-level forensics with program-level incident management. Based in Chicago, Max is active in the DFIR community and known for translating complex technical findings into actionable remediation for diverse enterprises.
10 years of coding experience
4 years of employment as a software developer
Bachelor of Science (BS) Computer Networking and Information Security, Bachelor of Science (BS) Computer Networking and Information Security at Champlain College
Lake Forest Academy
University College London