
I am an experienced managing security consultant and published threat researcher with 7+ years leading offensive security and application security engagements across enterprises. I thrive in greenfield environments where I have the autonomy and leadership to build systems and processes from scratch, as well as governance models to ensure consistent repeatability.
At CyberCX, I’m the technical capability lead of 50+ offensive security service offerings. I’m responsible for overseeing all research and development, improving tooling and methodology across penetration testing, technical assessments and application security. I’m customer oriented, and eager to work collaboratively end-to-end, from initial vulnerability identification, to technical remediation and risk mitigation.
I like taking an intelligence-led approach to all security work. I’ve published threat intelligence reports with a broad coverage of the threat landscape, including ransomware affiliates, initial access brokers, youth-led cyber crime, and nihilistic violent extremist groups.
Excellent understanding of infrastructure, malware, execution chains and evasion techniques used by threat actors.
Practical experience as an offensive security lead, exploiting vulnerabilities, performing privilege escalation and lateral movement.
Experience from architecting a hybrid on-prem and cloud based Defence secure research enclave.
Domain expert in OSINT investigations for ultra-high net worth family offices.
Investigative mindset to understand complex problems, develop intuition and identify out-of-the-box solutions.
Confidence to tailor communication style to a wide range of stakeholders, from engineers to chief information security officers.
Strong emotional intelligence to foster a collaboratige culture, embracing diversity.
5+ years experience generating high quality client deliverable for executive and technical audiences.