Whoami

I'm a Security Engineer with primary focus in Application Security and Offensive Security. I enjoy turning complex problems into simple and robust secure solutions.

My job is dedicated to safeguarding your organization, thwarting potential threats from malicious actors. Furthermore, my goal is to convey your message and identity through the most secure means possible. I specialize in creating and implementing solutions that fortify your source code and protect both internal and external assets from potential vulnerabilities.

What i'm doing

  • design icon

    Application Security

    Securing software applications from threats through proactive measures, ensuring robust protection against potential vulnerabilities and enhancing overall software security.

  • Web development icon

    Offensive Security

    Simulate cyber attacks to identify and mitigate vulnerabilities, strengthening organizations' overall security posture.

  • mobile app icon

    Cloud Security

    Securing data, applications, and infrastructure in cloud environments for resilient and secure operations.

  • camera icon

    Vulnerability Management/Assessment

    Proactive identifying and prioritizing vulnerabilities in systems for enhanced security.

Resume

Education

  1. Rochester Institute of Technology

    2022 — 2022

    I successfully pursued a Master of Science degree in Computing Security, achieving an outstanding GPA of 3.92 out of 4.0. Throughout the program, I demonstrated a strong commitment to academic excellence and a comprehensive understanding of computing security concepts and practices.

  2. Rochester Institute of Technology

    2018 — 2022

    I earned a Bachelor of Science degree in Computing Security with a GPA of 3.80 out of 4.0. Additionally, I graduated Summa Cum Laude, reflecting my dedication to academic excellence and outstanding performance. During my undergraduate studies, I also pursued a minor in Networking and System Administration, further broadening my knowledge and skills in the field.

Experience

  1. Security Engineer II at Akamai Technologies

    2022 — Present

    I took charge of overseeing the corporate-wide Bug Bounty platform, fostering collaboration with White hat hackers. Additionally, I orchestrated responses to security incidents, working closely with cross-functional teams to ensure swift bug fixes and the implementation of necessary security patches.

    In customer-facing incidents, I demonstrated proactive security engineering, effectively preventing the recurrence of similar issues. Moreover, I played a key role in engineering and maintaining a robust asset and vulnerability management system. This initiative significantly improved infrastructure visibility and allowed for the prioritization of remediation efforts.

  2. Security Engineer at Linode (Acquired by Akamai Technologies)

    2022 — 2022

    I engineered a custom Static Application Security Testing (SAST) solution seamlessly integrated into our CI/CD pipeline, enhancing application security by proactively addressing potential vulnerabilities.

    I integrated vulnerability scanning tools with a centralized vulnerability management platform, centralizing and streamlining security data to improve prioritization and remediation.

    I collaborated cross-functionally to gather threat intelligence data, enabling the identification and evaluation of emerging cyber threats. This support for data-driven decisions fortifies our organization's security posture.

  3. Security Researcher at EATON Cybersecurity SAFE Lab

    2021 — 2022

    I conducted in-depth vulnerability assessments using OpenVAS and Nessus, empowering clients with actionable insights to strengthen their infrastructure's security.

    I initiated and conducted penetration testing engagements, showcasing expertise in Linux and IoT device security to safeguard critical assets in both external and internal engagements.

    I created a comprehensive Penetration Testing Playbook, offering a structured guide for conducting effective security assessments.

My skills

  • Programming
    Python, BASH, GraphQL, MySQL, HTML, JavaScript, Go, Java, C/C++
  • Tools

    Docker, OpenStack, Ansible, Volatility3, wFuZZ, Nmap, Git, BurpSuite, Semgrep, Bandit, Nessus, OpenVAS, Metasploit, Wireshark, ELK Stack, OSQuery, Sysmon, GitHub Actions, Jenkins, Jira

  • Technical

    Offensive Security, Application Security, Bug Bounty, Penetration Testing, Cloud Security, Threat Hunting, Digital Forensics, Incident Response

  • Networking

    Network Security, TCP/IP model, DHCP, DNS, Active Directory, Reverse/Forward Proxy

  • Platforms

    Linux, Linode, AWS, Windows, MacOS, FreeBSD