Sep 2020 – Mar 2022 · 1 yr 6 mos · Auckland, New Zealand

Jan 2020 – Dec 2025 · 5 yrs 11 mos · Claymont, Delaware, United States · Remote

• Syn Cubes is a US-based IT security vendor delivering Pentesting as a Service that goes beyond merely highlighting security issues.
• We're recognized for our unique approach in executing:
• Cloud Red Teaming
• Assumed Breach Adversarial Emulation
• Ransomware Emulation
• Application Security (AppSec)
• LLMs / AI Adversarial Testing
• Infrastructure Testing
• IoT / Robotics Pentesting
• Cloud Advisory and Hands-on Remediation Services
• Vision:
• Syn Cubes empowers digital-native companies to secure their exposed digital landscape and products, accelerating growth and help preventing potential security breaches.
• Mission:
• Our mission is to equip organizations with a robust cybersecurity posture through cutting-edge pentesting services. We aim to uncover and remediate real vulnerabilities, enabling our clients to operate confidently in an increasingly complex digital landscape.
• We strive to be a trusted partner in our clients' cybersecurity journey, fostering a proactive security culture that aligns with their business objectives and supports their growth in the face of ever-evolving digital risks.

Aug 2019 – Jul 2020 · 11 mos · United States

• Quality Assurance and Reporting
• Served as the primary quality gatekeeper for all deliverables, ensuring impeccable English grammar, technical accuracy, clear risk articulation, and practical remediation guidance.
• Continuously improved security metrics and reporting templates, pushing the boundaries of traditional reporting to enhance the company's penetration test reports.
• Strategic Vision and Market Insight
• Acted as an ideas challenger and business strategy visionary, providing valuable intelligence to stakeholders regarding IT security market trends.
• Project Management and Customer Satisfaction
• Monitored active penetration tests from kickoff to report delivery and retest, ensuring both customer and researcher needs were met.
• Swiftly addressed and resolved obstacles during testing, maintaining smooth operations and high customer satisfaction.
• Team Leadership and Resource Optimization
• Assembled and scheduled high-performing teams from the company's core pool to deliver scalable, high-value penetration testing engagements.

Jan 2019 – Dec 2019 · 11 mos · United States

Nov 2017 – May 2024 · 6 yrs 6 mos · New Zealand

• Security Hubs Limited was a privately held IT cybersecurity company located in New Zealand.

Apr 2015 – Dec 2018 · 3 yrs 8 mos · New Zealand

• Web / API / Infrastructure Penetration testing.

Mar 2014 – Mar 2015 · 1 yr · Bucharest, Romania

• Conducted comprehensive firewall reviews and testing to identify vulnerabilities and reduce the attack surface. This process involved implementing key firewall best practices, including proper configuration, regular protocol updates, and access control reviews.
• Performed web application penetration testing aligned with the Open Web Application Security Project (OWASP) Top 10 framework.
• The testing methodology encompassed:
• Scope validation to define testing boundaries
• Automated scanning to identify potential vulnerabilities
• Manual verification of discovered issues
• Multi-stage testing process to simulate real-world attack scenarios
• Privilege escalation attempts to assess vertical and horizontal access controls
• Evaluation of business logic flaws to uncover application-specific vulnerabilities
• This approach ensured a thorough assessment of web application security, covering critical areas such as broken access control, cryptographic failures, injection flaws, and security misconfigurations.
• The testing process adhered to industry-standard practices and guidelines as outlined in the OWASP Web Security Testing Guide, providing a comprehensive evaluation of the application's security posture.

Dec 2010 – Feb 2014 · 3 yrs 2 mos · Bucharest, Romania

• Conducted vulnerability assessments and provided security remediation consultancy for incorrectly configured services.
• Executed network scanning (both internal and external) and delivered IT vulnerability remediation assistance for various US-based clients across multiple business sectors, including healthcare, financial, and aeronautical industries.

Sep 2003 – Dec 2009 · 6 yrs 3 mos · Bucharest, Romania

• Responsible for managing internal banking computer systems with a focus on security systems to ensure all protocols were effective and provided a high level of protection to the group's network.
• Updated existing systems and implemented new ones as required to remain at the forefront of modern cybercrime prevention.
• Acted as a technical lead, actively engaging in solution design, review, and implementation of the internal anti-virus architecture, centralized alerting system application, and the entire Internet access point infrastructure (including web filtering, anti-spam solution, access proxy, and firewalls). This project's scope was to actively protect 500 servers and 9,000 workstations using various operating systems such as Microsoft, Linux, and UNIX.