Aug 2025 – Jan 2026 · 5 mos

Jan 2021 – Aug 2025 · 4 yrs 7 mos

• At Manchester Metropolitan University, I have taught and led a range of courses across BSc, MSc, and degree apprenticeship pathways in Cyber Security. My teaching portfolio includes ethical hacking, web application security, penetration testing, and foundational cyber security. In addition to supervising final-year and master's research projects, I served as the Programme Lead for the BSc in Cyber Security. I have successfully managed and guided students in research projects, helping them explore their interests in cyber security and develop genuine solutions to real problems.
• I am deeply passionate about innovation in teaching and assessment, continuously seeking new ways to enhance student engagement and learning outcomes. I believe that education extends beyond the classroom and that my role as a mentor does not end at graduation. By taking a holistic approach to education, I strive to support and inspire students throughout their careers, fostering lifelong learning and professional growth.
• I have also secured UK government funding and led research initiatives in cyber security, contributing to advancements in the field.

Jul 2025 – Present · 9 mos · England, United Kingdom · Remote

• As a Staff Security Advocate at Semgrep, I act as a key technical partner for both customers and our internal teams. My role is focused on driving customer success and sales enablement by:
• Partnering with the sales team on early-stage opportunities and strategic deals, providing deep technical expertise to prospective customers.
• Delivering specialized training sessions to help new and existing customers engage their development teams in security practices.
• Creating impactful technical content, including blog posts, webinars, and documentation, to educate the market and demonstrate product capabilities.
• Representing Semgrep at major industry events and conferences as a public speaker.
• Engaging directly with our user community to gather feedback and foster a strong, collaborative ecosystem.

Mar 2025 – Jul 2025 · 4 mos · London Area, United Kingdom · Remote

• AppSec team: Traceable by Harness. Still making and breaking web APIs then writing about how I did it.

Nov 2024 – Mar 2025 · 4 mos · Remote

• As a Principal Security Researcher at Traceable, I co-lead the ASPEN research team, driving cutting-edge research in API security. I work to uncover and disclose critical API vulnerabilities, contributing to the broader security community and enhancing industry awareness of emerging threats.
• I play a key role in managing the vulnerability disclosure process, collaborating with leadership and legal teams to ensure responsible disclosure practices. I also help researchers get their work published in conferences, amplifying Traceable’s thought leadership in API security.
• In addition to research, I actively share insights with the security community, speaking at conferences and engaging in discussions on API security trends and best practices.

Oct 2023 – Nov 2024 · 1 yr 1 mo · Remote

• Traceable is an API security platform designed to help security teams better understand and protect their API attack surface. As a subject matter expert in API security, I worked across the organization to provide guidance on APIs and API security, delivering training sessions for both internal teams and external customers.
• I played a key role in driving and nurturing leads by leading technical content creation within the marketing team. I developed blog posts, webinars, white papers, internal sales enablement materials, and conference talks tailored to a technical security audience. I also advised on product positioning and marketing strategies from a technical customer perspective, working with both demand generation and product marketing.
• Beyond content creation, I consulted directly with customers and prospects to understand their security challenges and help them maximize their product use. I played a key role in analyst relations, leading technical demos to showcase product capabilities. Additionally, I spearheaded marketing and positioning efforts for a cybersecurity research lab, ensuring high-quality, impactful content received the recognition it deserved.
• I also served as an internal expert on compliance and regulatory frameworks, helping teams navigate evolving security and data protection standards. I guided how Traceable’s solutions align with industry regulations such as GDPR, PCI-DSS, and SOC 2, ensuring our messaging and product capabilities resonated with security-conscious organizations.
• As an internal expert, I contributed to various aspects of technical marketing and sales, helping bridge the gap between security professionals and business decision-makers. My role extended to being a public-facing voice for the company, contributing to media articles on hacking, cybersecurity, and web security, and offering technical insights in an accessible way.

Aug 2021 – Nov 2021 · 3 mos

• As a Technical Community Manager at Bugcrowd, I was key in fostering and growing the hacker community. I planned and delivered technical content to educate and empower security researchers, helping them sharpen their skills and maximize their impact within the platform.
• In addition to content creation, I led community development initiatives to attract and retain top hacking talent, ensuring an engaged and thriving researcher ecosystem. I also collaborated with sales teams and prospects across EMEA, providing technical insights to help position Bugcrowd’s platform effectively for large organizations.
• By bridging the gap between hackers, customers, and internal teams, I strengthened Bugcrowd’s reputation as a leader in crowdsourced security.

Mar 2021 – Aug 2021 · 5 mos

• At Bugcrowd, I played a key role in the security operations team, working closely with both ethical hackers and customers to ensure the success of vulnerability disclosure and bug bounty programs. My responsibilities included triaging security reports, verifying and classifying hacker submissions, and mediating between researchers and clients to ensure both sides remained productive and satisfied.
• Beyond triage, I worked directly with customers to identify and resolve operational challenges within their security programs. I also performed quality assurance on the work of other triagers, maintaining high standards of accuracy and efficiency. Additionally, I developed internal documentation and processes for handling security incidents, such as unauthorized disclosures, to ensure consistent and effective responses.
• As an expert in Burp Suite and common web application vulnerabilities, I provided deep technical insights into security findings, flagging high-severity reports directly with clients to facilitate rapid remediation. I also represented Bugcrowd at industry events, engaging with the security community and strengthening the company’s external presence.

Jun 2021 – Aug 2025 · 4 yrs 2 mos

• As a member of the Secure Smart Infrastructure Research Group at Manchester Metropolitan University, I contributed to research focused on the intersection of cybersecurity and smart infrastructure. My work involved exploring innovative approaches to securing interconnected systems and advancing the understanding of cybersecurity challenges in the context of smart cities, IoT, and critical infrastructure.

Jun 2019 – Present · 6 yrs 10 mos · Worldwide

• Named as an upcoming ethical hacker to watch. In my free time I develop my cyber security knowledge and experience by performing penetration testing on websites and apps, including the American Department of Defense and large organisations such as Verizon Media.
• Having been fortunate to be accepted to HackerOne's mentorship program during their London live hacking event, I found my first security vulnerabilities. Since I have been invited to 3 live hacking events, in locations such as Vancouver, Las Vegas and Los Angeles.
• I am also an active mentor within cybersecurity, running a successful Youtube channel teaching others about security, and on Twitter where I answer DMs and give tailored advice.
• In addition, I have been an invited speaker twice relaying my experience so far in the industry and inspiring others to get into Cyber Security. Commended for my passion and energy, my inspirational/motivational presentations, my knowledge and experience and my story regarding my particularly motivational hamster. I have brought my skills developed during my degrees into the information security industry and made a real impact making software more secure.

Feb 2018 – Feb 2021 · 3 yrs · Oxfordshire, United Kingdom

• Investigating insider threats with natural language processing
• Insiders can be a significant threat to an organisation, people who have privileged access to an organisation's sensitive information and internal systems.
• Using NLP techniques we will be able to automatically explore a large corpus of reports of insider attacks, extracting key actors, tools, techniques, events and outcomes. Over a corpus we will be able to build a model of insider threat from the unstructured textual reports of attacks.
• As new attacks are perpetrated, the proposed system will be able to analyse new reports to identify and alert security professionals to evolving methods. Using an interface with visualisation tools, the system will allow non-experts to understand how insider threats are being perpetrated and the potential risk to their organisation.

Jun 2017 – Apr 2018 · 10 mos · Manchester, United Kingdom

• Official job title: Front End Developer (with a bit of Data Science) converted to a Data Scientist (with a bit of front end development).
• I've been involved with a range of data activities including implementing a data warehousing solution using MySQL, custom Apache NiFi processors for ETL and PHP to produce a front end. In addition to a data warehousing solution I was working on creating interactive reports using Qlik, using R to help data understanding and visualisation and implementing machine learning techniques to improve performance metrics. Creating valuable insights into the customer base within the business Utility sector (energy, electricity, water and gas market) improving sales and creating new customer bases and segments.
• On the web development side I was involved with the continual development of a customer facing WordPress website, a bespoke customer portal and the continual development of the internal CRM.

Sep 2016 – May 2017 · 8 mos

• After my success in running student led mentoring session, I was the first undergraduate to be offered a teaching assistant role at the University. I was directly involved in supporting first year undergraduate students with Java, including answering questions, talking through problems and assisting with assignments. In addition due to my success as a pilot for the program it has since been extended and more undergraduate students have been given this opportunity at Salford.

Jun 2016 – Sep 2016 · 3 mos

• EPSRC Funded Research Studentship with Lancaster Management School.
• Title: E-learning user modelling and segmentation
• Abstract: With many people learning to program for many different reasons, such as wanting to change careers, wanting to start their own business or make themselves more marketable, a large business of e-learning resources such as courses, podcasts and other supplementary material has appeared. This project aims to find these distinct groups using data mining techniques to better understand the types of people learning to improve the overall quality of these resources and suggest appropriate resources to new learners.

Sep 2013 – Aug 2015 · 1 yr 11 mos · Manchester Area, United Kingdom

• Creating websites in HTML, JavaScript, CSS and PHP.