Apr 2025 – Oct 2025 · 6 mos · On-site

• Led a team of 4 to develop novel penetration testing methods to find malicious code in a large social media platform
• Developed an internal pentest intelligence tool to find insights across various data sources using AI
• Ran biweekly public speaking trainings to empower team members to share their findings with confidence

Oct 2024 – Apr 2025 · 6 mos · On-site

• Conducted mobile penetration tests on a social media application with over a billion users
• Performed secure code reviews to triage vulnerability alerts with Coverity and custom tooling
• Developed threat hunting procedures for uncovering covert channels in the application environment

Feb 2024 – Oct 2024 · 8 mos · Remote · Remote

• Conducted cloud application security penetration tests for a major cloud provider, specializing in GenAI, Web and API testing.
• Discovered vulnerabilities in client applications via code review, API testing, IAM policy review, DoS testing, and injection attacks
• Utilized ethical hacking tools such as BurpSuite, Semgrep, Nmap, and ScoutSuite and constructed reports with actionable remediation steps

Mar 2023 – Jan 2024 · 10 mos · Remote

• Led a team of 10 cybersecurity learning assistants to deliver quality assistance to students and meet performance goals
• Promoted to Senior Learning Assistant after demonstrating a record of surpassing program goals
• Top Performer Award: In the top 5 most highly rated staff members in the first half of 2023

Sep 2022 – Mar 2023 · 6 mos · Remote

• Resolve students’ cybersecurity questions for a bootcamp organization that supports 10,000 learners
• 2022 Top Performer Award: Perfect student feedback
• Gained knowledge to mitigate every common technical issue for penetration testing tools in Kali Linux, Ubuntu, and Azure

Jun 2022 – Aug 2022 · 2 mos · Denver, Colorado, United States · Hybrid

• Cyber Security Services Intern for KPMG's Cyber Defense Community at Ignition Denver
• Supported the development of OT ransomware awareness training materials for a Covid-19 vaccine manufacturer
• Created an internal presentation for firm-wide use on phishing training best practices
• Published a blog post on software supply chain security

May 2021 – Aug 2021 · 3 mos · Missoula, Montana, United States · Hybrid

• Conducted full web application security assessments for financial and legal consulting businesses
• Designed and implemented social engineering tests to obtain employee credentials and follow up with training
• Designed a bank vishing campaign with a 10% increase in employee credentials obtained
• Discovered 3 new high-risk vulnerabilities for a web app that had gone unreported in past security assessments

Jun 2017 – May 2021 · 3 yrs 11 mos · Remote · Remote

• Constructed websites for 7 small businesses to optimize growth with secure design principles
• Re-designed websites for educational institutions to better serve students and meet accessibility regulations
• Led the website preparations for the Mansfield Center to host a virtual talk with Dr. Fauci, Director of the NIAID at NIH
• Created a bilingual help site for the tech startup GatherBoard