Experienced security consultant, with an extensive background in penetration testing, security reviews and threat assessment. Excellent research and data analysis skills.

Expertise in the following:
• Ethical grey and black-box web application, internal and external infrastructure penetration tests, audits and exploitation, both remotely and on client sites.
• Operating system build (configuration) reviews, including mainframes.
• Firewall and router security reviews.
• Intrusion analysis.
• Threat intelligence and assessment
• Vulnerability assessments.
• Evidence gathering and investigations using internet and device forensic techniques, including log and network packet analysis.
• PCI/ISO 2007 standards
• Social engineering.
• Report proofreading.
• Ascertain security issues in new business projects throughout their lifecycle.
• Red-team work.
• Cloud service security testing.
• Scoping client engagements; excellent client communication both during and after a job.
• Gathering information and evidence on intellectual property infringements, including original source and supply chain diversions, manufacturers and distributors.
• Conducting extensive online research and monitoring of illicit activity. Finding information using advanced non-invasive techniques, including data leakage of sensitive information from public sources such as forums, social media, chat rooms, paste and underground sites.
• Tracing individuals and the source of network, email and internet activity.
• Managing and delivering projects on time and to budget.

Work Terms

Can work at any time/day. Strive to meet deadlines and produce high-quality work. Reports of findings will generally contain a summary, detailed findings, references to further reading and conclusions.