Toronto, Ontario, Canada
• Led cloud and web application penetration tests against complex enterprise environments, identifying and exploiting high-impact vulnerabilities in cloud-native architectures
• Served as sole Subject Matter Expert for Oracle Cloud Infrastructure, designing and executing the firm’s first OCI assessment and authoring internal testing methodology from the ground up
• Drove expansion of cloud offensive capabilities by developing and standardizing testing methodologies across cloud platforms, enabling broader and more consistent engagement coverage
• Contributed core functionality to Aurelian and Nebula, shaping internal cloud attack simulation and enumeration capabilities
• Developed and enhanced internal and open-source offensive tooling to support scalable cloud assessments, including enumeration, privilege escalation, and attack path analysis
• Authored and maintained internal cloud security documentation and testing playbooks, enabling consistent execution of cloud assessments across the team
• Identified complex attack paths across IAM, networking, and cloud services, demonstrating real-world exploitation scenarios including privilege escalation, lateral movement, and data exfiltration
• Built specialization in Kubernetes security, maintaining internal documentation and improving Kubernetes testing tooling and methodologies
• Partnered with clients to translate offensive findings into prioritized, actionable remediation strategies aligned to real-world threat models

• Conducted penetration tests and vulnerability assessments on systems, networks, and applications to identify security weaknesses and potential vulnerabilities
• Utilized various tools and techniques to simulate real-world cyber attacks and assess the effectiveness of existing security controls
• Collaborated with IT teams and stakeholders to scope penetration testing engagements and define objectives, targets, and rules of engagement
• Documented findings, including vulnerabilities discovered, exploitation methods used, and recommendations for remediation, in detailed reports
• Provided guidance and recommendations to system and network administrators on how to mitigate identified vulnerabilities and improve overall security posture
• Stayed current with the latest security threats, vulnerabilities, and exploitation techniques through research, training, and participation in relevant forums and communities
• Conducted social engineering tests, such as phishing campaigns, to evaluate the effectiveness of security awareness training and policies
• Developed proof of concept scripts for emerging vulnerabilities in our lab environment
• Engaged with clients and stakeholders to communicate technical findings and recommendations in a clear and understandable manner, tailored to the audience’s level of technical expertise
• Trained co-op students in penetration testing with shadowing and supervised tasks

• Implemented and configured the SIEM solution to aggregate, correlate, and analyze security event data from various sources across the organization
• Managed and maintained the SIEM infrastructure, including servers, databases, and connectors, ensuring optimal performance and availability
• Developed and tuned correlation rules and alerting mechanisms to detect and respond to security incidents in real time
• Fine-tuned UEBA models by analyzing user and entity behaviors, optimizing detection thresholds, and refining algorithms to enhance accuracy and effectiveness in identifying anomalous activities
• Conducted regular audits and reviews of configurations and policies to ensure alignment with security best practices and compliance requirements
• Investigated security incidents and anomalies, analyzing log data and network traffic to determine the scope and impact of incidents
• Collaborated with incident response teams to develop and execute response plans for security incidents detected by the SIEM
• Participated in the design and implementation of security monitoring and logging architectures to improve visibility and detection capabilities
• Documented configurations, processes, and procedures for knowledge sharing and future reference
• Actively participated in multiple projects, including standing up a new SIEM and UEBA solution

• Implemented and managed endpoint security solutions to protect against malware, ransomware, and other cyber threats
• Conducted regular assessments and audits of endpoint security configurations to ensure compliance with security policies and industry regulations
• Deployed and configured endpoint protection platforms and endpoint detection and response tools to safeguard organizational assets
• Monitored and analyzed endpoint security logs and alerts, investigating potential security incidents and taking appropriate action
• Responded to and resolved endpoint security incidents in a timely manner, minimizing impact and mitigating risk to the organization
• Documented endpoint security configurations, incidents, and remediation efforts for reporting and compliance purposes
• Actively participated in multiple projects, including upgrading the API gateways