I'm a Penetration Tester who performed more than 60 penetration tests across web, API, network, and mobile applications, leading around 20 full-scope engagements and identifying high-impact vulnerabilities such as cross-site scripting, business logic flaws, broken access control, and others included in the OWASP Top 10 and beyond.
I'm involved in the entire penetration testing process:
gathering all the technical information needed for the assessment
making sure that access, test accounts, and documentation are ready before testing begins
performing the actual test or leading the engagement, depending on the project
staying in touch with the client throughout the test to keep them informed about progress and important findings
writing clear and detailed findings, explaining the impact of each issue, and providing remediation guidance
verifying that vulnerabilities have been fixed and that new defenses are working as intended
Performing penetration tests across various industries, including fintech, healthcare, automotive, and management platforms, tailoring assessments to each sector's specific risks and compliance requirements.
Payment systems & financial platforms
Medical systems & patient data
Connected vehicles & systems
Enterprise platforms & tools
I also take part in internal ISO 27001 audits, reviewing clauses and controls to ensure they meet defined requirements and compliance objectives.
In addition to penetration testing, I work as a Pentester Trainer & Mentor at a non-profit organization called The Free Security, where I help others develop their technical skills, understand testing methodologies, and grow within the cybersecurity field.
Web Application Penetration Tester eXtreme
Mobile Application Penetration Tester
Certified Web Exploitation Specialist
Practical Mobile Pentest Associate
APIsec Certified Practitioner
My teammates say I'm the kind of person who doesn't wait to be told what to do, when something needs fixing or improving, I just jump in and get it done. They've noticed I have this habit of spotting ways to make things run smoother, whether it's streamlining our testing process or finding more efficient ways to handle projects.
What seems to stand out to people is that I actually care about the work. I'm not just checking boxes, I'm trying to understand how everything fits together so we can build something better. When there's a complex security assessment or a tricky vulnerability to figure out, I'm the one who gets excited about digging into the details.
Basically, if you need someone who'll take ownership, figure things out quickly, and actually make your team's life easier rather than harder, that's what people say I bring to the table.
When I'm not hunting for vulnerabilities or writing reports, you'll find me exploring new places, getting lost in a good book, or listening to podcasts. I also make time for the gym to stay balanced.
Away from the screen, I value disconnecting, whether that's through travel, quality time with friends, or trying to explain to my family what I actually do for work. It's all about finding that sweet spot between deep focus and genuine downtime.