RESEARCH DIRECTOR
Desertclouds.com
مجموع سنوات الخبرة :6 years, 8 أشهر
• Spearheaded the analysis of 50+ ransomware strains (e.g. Ryuk, HelloKitty, WannaCry) in sandbox environ ments, selectively testing specific strains in live exercises against company IT assets.
• Architected and deployed an Elasticsearch stack (ELK), achieving monitoring of 25+ internal KPIs, auto mated alerts on system issues, and a unified NOC dashboard.
• Designed the security policies and procedures for the company's GitHub organisation.
• Discovered 2 low risk vulnerabilities in a webapp penetration test against the company website.
• Designed core technical documentation: architecture diagrams (layer 1 to layer 7), operation manuals, and reference material.
• Coded a user management solution (involving OAuth tokens and the Microsoft Graph API) to reduce li censing cost of the company's lab-as-a-service by more than 30%.
• Handpicked among a select few by top management to transition midway from an active red team assign-
ment to an urgent Cisco project to remediate operational challenges.
• Led and delivered expert security consultation to multiple operation teams during 2 major security audits.
• Reverse engineered missing deployment architecture diagrams (layer 3 and layer 7) from packet captures,
firewall hits, Cisco documentation, and other sources.
• Coded a JavaScript client checker to preempt user issues via 10 automated tests, solving a key pain point.
Discovered a critical vulnerability in BIOS affecting 30, 000+ company laptops as part of a penetration test.
• Coded a proof-of-concept Java ransomware that highlighted a flaw in the endpoint security controls.
• Coded a 2FA phishing website that was pivotal for a department-wide red team assessment.
• Performed purple team exercises on company services involving brute forcing and password spraying.
• Streamlined developer collaboration and unified the frontend codebase of 12 NOC centre dashboards.
• Mentored a colleague in Python to develop a unique 1, 000 line telephony registration parser.
• Coded a firewall parser and analyser based on algebraic factorisation and graph theory, leading to the dis-
covery of 100+ unnecessary firewall ACLs.
• Coded an automated security baseline compliance checker for 20 Linux/Solaris servers, speeding up com-
pliance checking from 8 hours to 2 minutes.
• Mentored an intern for 8 weeks, resulting in developing telephony reporting tools in Python.
• Coded scripts to decrease the time taken to configure switches and routers by more than 50%.
• Coded a Q&A webapp in Python/Django that for a significant company event of 3, 000 attendee.
• Mentored a summer student for 8 weeks, resulting in developing Bash scripts that check system health.
• Lead the annual IT committee as vice-chairman to successfully host a 300 attendee event.
2:1 honours (UK System)
