2009 - Present: Pentest Ltd - IT Security Consultant
I work primarily as a penetration tester, performing infrastructure and web application reviews of client systems and applications. I obtained Tiger Senior Security Tester accreditation, demonstrating competence in this area. In addition to more traditional penetration testing I have performed on-site audits involving interviewing client employees and reviewing documentation. As well as performing tests I have been part of the sales process, including pre-sales meetings and proposals. I also helped develop the testing methodology.
I also acts as Information Security Manager for Pentest internal systems. I developed an Information Security Management System (ISMS) in line with ISO 27001 and continue to operate this. The system has been successfully audited, with Pentest gaining ISO 27001 certification.
2008 - 2009: Travelling Sabbatical
I took a one year career break to see the world. I rode through the Indian desert on camel back, explored Goa on a scooter and stayed in remote villages in Thailand, Cambodia and Vietnam. It was a wonderful experience that has shaped me profoundly.
2005 - 2008: HBOS Plc - Penetration Testing Manager
I had a varied role in Group Information & IT Risk, a group-wide operational risk function which specialises in information and IT risks. The team won the SC magazine "Best FS Information Security Team" in 2007. Primary responsibilities:
2002 - 2005: Westpoint Ltd - Internet Security Specialist
My primary responsibility is running automated vulnerability scans of large, remote customer networks, removing false positives and reporting the results in a customer-focused manner. I have gained experience in automated scanning software such as nmap, nessus and nikto as well as manual investigation tools such as netcat, stunnel, scapy and dig. I am able to communicate vulnerability information to both technicians and managers. I have also conducted penetration tests, which involve a higher level of detail and more manual effort.
I am responsible for continually improving the test set to incorporate new vulnerabilities and reduce false positives. I have contributed numerous improvements to nessus, which have been incorporated into the tool. I have also developed bespoke auditing tools, for example "icmpscan" which solicits various ICMP messages from remote hosts. These tools have been written in Perl, Python and NASL (Nessus Attack Scripting Language). I have conducted vulnerability research which has led to three CVE candidate numbers being assigned to vulnerabilities I discovered.
2001 - 2002: Effective IT - Systems Administrator and Developer
My major responsibilities were developing and maintaining a web hosting company and an ISP. I developed new features such as a domain renewal reminder and an ADSL number checker. This involved research, design, coding, testing and documentation, using Python, MySQL and Linux. I debugged the preexisting code and audited it for security problems. I found several vulnerabilities caused by design errors and insufficient input validation. I fixed the specific bugs and introduced designs that reduced the possibility of future bugs. I also reviewed the configuration of server software including Apache, BIND, Sendmail and Proftpd to ensure it was both secure and useful to customers.
I was also responsible for the security and availability of the office systems and served as an on-call engineer for our small business customers. This involved configuring small networks with Windows workstations and a Linux server to have web access, email, central file stores and shared printers. The technical knowledge of the customers varied considerably and all solutions had to be appropriate to their level.
2000 - 2001: World Online - Unix Systems Administrator
I worked in a busy NOC, responding to monitoring systems, serving as technical backup for customer services and identifying trouble spots before they became problems. I solved many day-to-day issues, which required continuous learning from manuals, web sources and other staff. This covered several operating systems: FreeBSD, Linux, Solaris, Windows NT and Cisco IOS, and much server software including: Apache, Zeus, Sendmail, Exim, Bind, Cistron Radius and Oracle. I passed on the knowledge I gained by producing documentation and answering questions when managers or other sys-admins came to me. I also developed new systems including tape backups and SMS alerting, using FreeBSD and Perl.
Proactively identifying problems involved using tools like nmap to map the little-documented network and explore it from an attacker's perspective. I also manually investigated the configuration of key systems. I discovered and resolved numerous security issues without affecting the customer experience. In some cases it was necessary to completely reinstall hosts and rewrite control scripts.
1998 - 1999: Data Connection - Software Developer
I worked in the "SNA for Unix" group, which produces a networking toolkit to connect legacy mainframes to TCP/IP networks. I developed various tools to assist with testing and debugging the product. These were primarily coded in C and compiled for AIX, SCO UnixWare, Solaris and HP-UX. My kernel dump analysis tool automated many manual tasks and significantly reduced time spent investigating customer crashes. My regression testing suite provided nightly user simulation testing of main product areas on all platforms.