Download PDF

Summary

Well-rounded offensive security expert with over 10 years of experience managing and conducting security assessments, street-smart innovative thinker with strong attention to details, good people and leadership skills, effective collaborator and a hands-on contributor, always exploring new research opportunities.

Specialties: Penetration Testing (Web/Net), Security Evaluation (OWASP/OSSTMM/NIST), RedTeam (by-all-means), War-Gaming (blue-team-shakedown), Social Engineering, APTing, Post Exploitation, Advanced D/DoS Simulation, Threat/Malware Analysis, OSINT/CYBINT, Cybercrime & Counterintelligence (Defensive/Offensive CCI).

Work History

Apr 2014Present

Sr. Red Teamer

Cisco

Sr. Performing network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments, effectively communicating findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel, and developing comprehensive and accurate reports and presentations for both technical and executive audiences. Recognizing and safely utilizing attacker tools, tactics, and procedures, developing scripts, tools, and methodologies to enhance red teaming processes, assisting with scoping prospective engagements, leading engagements from kickoff through remediation, mentoring less experienced staff, and provide technical leadership within the cyber security practice and help to grow Cisco's cyber security capabilities and offerings.

Jul 2011Apr 2014

Red Team Leader

CybeRisk Security Solutions

Leading and building a team that provides an advanced full-spectrum penetration testing services, managing project resources, staffing and recruiting, conducting personal and technical interviews, ctf challenges and training, ensuring personnel are fully trained and certified. Intensive research on the latest security trends and techniques, evaluation of new business and technical areas that will Improve and grow company's security capabilities and offerings, and strengthen the red-team and the company position on the market.

Mar 2010Jul 2011

Penetration Tester

CybeRisk Security Solutions
Penetration Tester Performing network penetration testing and manipulation of network infrastructure, mobile and/or web application assessments, email, phone, or physical social-engineering assessments, developing and maintaining security tools, techniques and procedures to facilitate security testing, vulnerability detection, validation and mitigation. 2BSecure
Mar 2009Mar 2010

Application Security Consultant

CybeRisk Security Solutions
2BSecure Application Security Consultant Conducting web application penetration testing by employing simulated adversarial threat-based approaches to expose and exploit vulnerabilities as a means to identify weaknesses and to improve the security posture and operational procedures, configuring web application firewall technology and incident response support handling.
Mar 2007Mar 2009

Malware Analyst

RSA, The Security Division of EMC
Malware Analyst Analysis of a variety of malware types, exploits and infection points, investigation on different types of cybercrime operations targeting financial institutions and supplying advanced analysis of variant threats, mentoring new trojan- analysts and constant maintaining of the reversing-lab.
Mar 2006Mar 2007

Intelligence Analyst

RSA, The Security Division of EMC
Intelligence Analyst Providing information and expertise on the latest threats and cybercrime trends, defending organizations against phishing, pharming, malware and mobile app-based attacks-from detection to shut down-and offer in-depth insight into the latest web threat and fraud intelligence. LANGUAGES English(Full professional proficiency) Hebrew(Native or bilingual proficiency) French(Professional working proficiency).