Candidate name

Cybersecurity Consultant

Philippines

Summary

• Delivered Vulnerability Assessment and Penetration Testing (VAPT) engagements across web applications, mobile platforms, and
enterprise infrastructure for large local and multinational clients, supporting Technology Risk and Cybersecurity service offerings.
• Performed web application penetration testing for a global banking client, identifying OWASP Top 10, access control, and business logic
vulnerabilities through a combination of automated tooling and manual testing.
• Conducted mobile application security assessments for an international life and medical insurance organization, evaluating authentication
mechanisms, API security, data handling, and transport security in line with industry best practices.
• Executed web application and infrastructure vulnerability assessments for a large enterprise property developer, identifying
misconfigurations, exposed services, and privilege escalation risks within complex corporate environments.
• Applied structured testing methodologies tailored to each client’s architecture, regulatory environment, and threat landscape, ensuring
assessment activities aligned with business objectives and risk tolerance.
• Engineered customized exploitation techniques and proof-of-concept demonstrations for high-impact vulnerabilities, equipping clients with
actionable remediation guidance aligned to organizational risk exposure and compliance obligations.
• Developed clear, professional client deliverables, including detailed technical findings and executive-level summaries, translating technical
issues into business-relevant risk insights for management and stakeholders.
• Supported pre-engagement and bid activities by helping design and implement a DevSecOps demo/prototype for a proposed source code
analyzer solution for a large government institution, showcasing the integration of Static Application Security Testing (SAST), Dynamic
Application Security Testing (DAST), and open-source dependency vulnerability scanning within a CI/CD pipeline to demonstrate
automated, shift-left security controls.

Work experience

28/07/2025

Technology Consulting - Penetration Tester

28/01/2025
01/05/2025

Cybersecurity Intern

Education & certifications

01/08/2021
01/06/2025

Bachelor's Degree

Information Technology

Open to relocate

Skills

Cybersecurity Information Security Penetration Testing Vulnerability Assessment Incident Response Risk Management Compliance Identity and Access Management (IAM) Cloud Security Security Operations Center (SOC) Security Awareness Training Nmap DevSecOps Security Risk Assessment Security Compliance Audits Security Incident Management Vulnerability Management Security Risk Management Security Compliance Security Awareness Risk Assessment Security Training & Awareness Security Incident Analysis CI/CD Security Problem Solving Team Collaboration API Security Testing Test Driven Development CI/CD pipelines

You need to log in as an employer to view full candidate details.