For the better part of the last decade I have been involved in software security. I graduated from Abertay University with a BSc (Hons) in Ethical Hacking and Countermeasures. In parallel with my studies, I started out my professional career as a web developer with some joint security responsibilities at an amazing Scottish web design studio, MTC Media. Upon my graduation, I moved to London to become a full time security consultant at Cigital, later acquired by Synopsys Software Integrity Group. After 6 years there, I moved to the security research team at NowSecure.
My primary domain is reverse engineering and understanding low-level things. This includes IoT, embedded devices and Android. I maintain multiple virtualized environments for lab/work purposes, which means I constantly jump around between Ubuntu, Windows and a variety of Linux/BSD derivatives. No Solaris though, sorry to disappoint the UK government.
As a consultant, I frequently got involved in penetration testing of all possible flavours, architecture risk assessments and teaching security courses. I am a holder of the CREST Registered Penetration Tester (CRT PEN) certification.
Currently I help build best-in-class mobile application security testing products.
You can get in touch via LinkedIn.
I do have accounts on GitHub/GitLab, but due to corporate IP clauses most of the code I write never ends up being published. The little that did go public is listed on the corresponding page.
Some years ago I spoke at B-Sides London and got voted rookie of the year. Sadly, I haven’t had the time to do so again after entering the industry - too much work :)