As a Cyber Security Specialist with over five years of hands-on experience working for various globally recognized multinational corporations and over 7 years of experience in the training, mentoring, and building of Security Awareness.
As a Cyber Security Specialist with over five years of hands-on experience working for various globally recognized multinational corporations and over 7 years of experience in the training, mentoring, and building of Security Awareness, I have focused my entire career on analysing, mitigating and preventing some of the most serious threats to Cyber Security while also providing the appropriate security posture for organisations protecting their critical Digital Assets. I have been able to make connections between how real-world attackers use certain tactics and what organisations need to do to put in place effective Defensive Strategies to counteract these tactics. Through my understanding of Cyber Criminal Behavior and their attack methods, I can determine the vulnerabilities of an organisation's environment and take measures to harden their Digital Environments.
Some of the major areas of Cyber Security that I have worked within include: Vulnerability Assessment and Penetration Testing; Security Operations Centre (SOC) Monitoring; Threat Detection and Hunting; Malware Analysis; Incident Response; Digital Forensics; Network Security and Secure Infrastructure Design. Additionally, I help organisations achieve and maintain compliance with a variety of International Standards, including ISO 27001; PCI-DSS; HIPAA; and the General Data Protection Regulation (GDPR). I continuously monitor for Security Events in real time and respond quickly to incidents that may indicate a potential breach of Security. My expertise covers both on-premises Security as well as Hybrid and Cloud infrastructures (e.g. AWS, Microsoft Azure) Enterprise SaaS platforms and Large Scale Networks that require High Availability and Zero-Downtime. My background in Web Application Security has provided me with a wealth of Technical knowledge and experience with securing against all OWASP Top 10 vulnerabilities, performing API penetration testing, performing Configuration Audits, enforcing Access Controls, validating Cryptography and using Advanced Red Teaming methodologies.
