Meet Hunter!
Hi! My name is Hunter Moreno, and I’m a cybersecurity analyst at Rhymetec. My path to where I am today wasn’t traditional. I wanted to delay taking out student loans until I reached university, so I worked in IT full-time while in community college, taking just a class or two each semester as I could afford them.
After receiving my associate’s degree, I transferred to university for my bachelor’s in cybersecurity. During this time, I got my first cybersecurity role with an oil and energy company where I handled security for their locations across the USA, Colombia, and Mexico. This experience gave me hands-on experience with endpoint security, threat intelligence, and cyberattack response. Most importantly, it taught me to adjust my communication to align with a non-technical audience, as many breaches result from human error, too many tools, or not enough tools.
I recently finished my master’s degree in Information Technology with a focus in Information Security. However, my education journey is not over just yet! I plan to start studying pen testing and obtaining certifications.
Tell us a surprising fact about yourself…
I grew up on a ranch in a small town with just one stoplight! I even had a computer with dial-up internet in our barn!
If you could have any superpower, what would it be?
I’d love the power to instantly teach cybersecurity awareness to elderly people everywhere. Elderly people are often targeted by scammers and cybercriminals, and being able to help them recognize and avoid these threats would prevent tremendous financial and emotional damage.
What are some things you enjoy doing outside of work?
I love rock ‘n’ roll music and going to concerts! I actually got to combine this passion with my studies – my master’s capstone project involved creating a database related to music.
Tell us about your role at Rhymetec…
I’m a cybersecurity analyst at Rhymetec, where I’ve been working since September 2024. I help our customers achieve compliance with standards like SOC 2, ISO 27001, and HIPAA. My daily responsibilities vary quite a bit, which keeps the work interesting, but typically include setting up monitoring alarms in AWS and Azure environments, creating security policies, and running compliance tests. I also conduct vendor reviews and risk assessments, manage device compliance configurations like encryption and MFA setup, oversee mobile device management security, and perform internal audits. A significant part of my work involves gathering evidence for compliance audits and conducting employee security reviews.
Why did you pursue a career in the cybersecurity industry?
My grandfather let me play games on a computer starting around age 5 because he knew computers were the future, and I’ve been hooked on technology ever since. Growing up, I had to run a 25-foot dial-up cord to the barn just to get more computer time!
As I got deeper into technology during my studies, I was trying to figure out which direction to take my career. I learned that cybersecurity was a rapidly growing field with great opportunities, and that practical aspect really appealed to me. Combined with my fascination with how technology works and the challenge of protecting digital systems, cybersecurity felt like the perfect fit.
What is your favorite part about working at Rhymetec, or in the cybersecurity industry?
I love that cybersecurity is like being a digital protector. Our job is to see threats you don’t until it’s too late. Every day brings different challenges and puzzles to solve, whether it’s helping a client set up better security controls or investigating a potential threat. Plus, the field changes so quickly that I’m always learning something new, which keeps the work exciting.
What is your favorite quote or the best advice you have ever received?
The best advice I’ve ever received came from my mother and grandmother: “Education is the one thing no one can ever take from you.” That belief shaped my approach to life. It taught me that knowledge builds independence, creates opportunity, and empowers you to navigate challenges on your own terms. I carried that mindset through working my way through school and earning my master’s degree, and it continues to guide me today. Whether it’s formal education or self-taught skills, I believe continuous learning is one of the most powerful tools anyone can have.
From a security or compliance perspective, what advice would you give to a potential client or SaaS business?
My biggest piece of advice is to never assume your security controls are working just because someone says they are. I’ve seen too many cases in my career where servers and systems were thought to be secure, but when we actually verified the controls, we found significant gaps. Often this happens because security measures weren’t properly documented or the implementation was never completed as planned.
Compliance frameworks like SOC 2 and ISO 27001 aren’t just regulatory requirements – they provide crucial verification that your security controls are actually in place and functioning as intended. Beyond the technical benefits, achieving compliance also demonstrates to your customers and stakeholders that you take security seriously. In today’s business environment, that visible commitment to protecting data can be a real competitive advantage.