I built my career foundation on system administration and later gained broad knowledge in Cyber Security, alongside certifications and qualifications which practically validate my 18 years of experience. While navigating life through H, J, K, and L, I enjoy tinkering and constantly exploring all sorts of technologies in my spare time, and I find great satisfaction in writing code and developing applications.
Brain archive; some current and past skills, tools and/or familiarities:
-
Present
Support and drive Vulnerability management efforts to improve CVE data efficacy (GoLang)
Developed and patented internal tooling for dynamic CVE Data collection (Laravel, VueJS)
Developed cloud-based composite alert detections from Threat Intelligence (Python, Sigma, Snowflake, Neo4j)
Developed internal baseline framework to compare Lacework vulnerability evaluation engine against CVE Data sources (Python)
Developed the PHP language support for the Code Aware Agent (GoLang)
Establishing an Attack Simulation program to test and validate detections (Terraform)
Performed novel research on Living Off the Land vulnerability detection and presented at BlackHat USA 2023.
-
Present
Automated testing and deployment (GitHub Actions)
Design and build the entire web application (Laravel, VueJS)
Follow DevOps strategies to maintain the application and infrastructure
-
Define and implement Penetration Testing and Security Research strategy
Develop Penetration Testing Methodologies, and define security best practices and standards
Develop proof of concept exploits to demonstrate impact of vulnerabilities (Python, Bash)
Perform manual code review to discover vulnerabilities within large code bases (C#, PHP, Java)
Perform Penetration Testing & Security Research on BD's products using emerging technologies such as Kubernetes and cloud native applications
Provide guidance on secure architecture design and DevSecOps within CI/CD pipelines
Support developers in their SDLC and provide guidance for mitigating emerging threats
Utilise SAST and DAST solutions within the testing methodologies and SDLC (Checkmarx, FoD)
Team Leadership, Mentoring, and Career Planning
-
Developed a plagiarism detection system using machine learning (spaCy NLP)
Provide assistance in building new lab and exam machines
Provide guidance to students during their lab time
Provide Linux, VPN, Virtual Machine technical support
Used the opportunity to up-skill, learn from those who build Offsec, and obtain two additional Offsec certificates
Write technical documentation for new lab and exam machines
-
Develop and define engagement methodologies and frameworks
Implement automated source code analysis (SonarQube)
Plan and execute on security assessments on internal environments
Support Incident Response team during investigations, particularly where new TTPs were discovered
-
Advise internal infrastructure teams on designs and implementation strategies of new systems
Design and implement CyberArk as a least privilege solution and successfully manage all server and workstation local Admin accounts
Design and implement global Splunk infrastructure for security monitoring capability
Develop security monitoring detections and strategies from Threat Intelligence
Plan and execute on security assessments on internal environments
Research vulnerabilities, reverse engineer targeted malware and write associated internal advisories
Support Incident Response team during investigations, particularly where new TTPs were discovered
-
Acting as Information Security Officer and Information Security Consultant at several large organisations
Engaging in research and development to identify trending security issues and possible solutions
Successfully implement Data Loss Prevention solutions at Royal Bank of Scotland and Standard Bank SA
Support the sales teams to successfully deliver on the Sales Life Cycle by providing advice and guidance on current technical markets and trends
GIAC (SANS) | Candidate ID: 24212070
Offensive Security | OSID: 15591
Offensive Security | OSID: 15591
Offensive Security | OSID: 15591
(ISC)2 | Career ID: 437270
CompTIA | Career ID: COMP001007205511
Neo4j Graph Academy
An overview of Living Off the Land (LOTL) attack techniques
How to protect containers from Living Off the Land (LOTL) attacks: A step-by-step guide
A talk on how to protect against Living Off the Land attacks.
BD Information Security
Monthly award given to individuals who made significant contributions.
BD Information Security
Annual award given to an individual who made significant contributions for the year.