I am a senior penetration tester with extensive hands-on experience with both blue and red team environments. My expertise goes beyond delivery of just findings and I am well-versed in both implementing short-term fixes as well as rolling out a long term end-to-end security programme.
I have a significant level of hands-on experience with legacy and fringe systems - unlike most application and system security consultants, I have real world experience with often inacessible technologies such as RPG, COBOL, IBM i, AIX and z/Arch. My knowledge goes beyond just the surface level of basic auditing; I have in-depth experience with PHYP and the SLIC nucleus, and my understanding on RPG/COBOL security is scoped all the way from the source code level through the MI, VOXLATOR, machine level and SLIC kernel interfaces.
In addition to my specialisation, I am well-versed in more standard technologies such as .NET, Mobile (Android/iOS), Web, Network/Infra/Cloud/Containerisation, which puts me in the unique position where I can deliver on more common technologies while maintaining a resident presence for deeply specialised deliverables.
I keep a blog where I regularly carry out a brain dump of my current activities to preserve the knowledge for future use. You can find it here.
Emergency Hotline: +44 20 3579 2708