Jonathan Mitchell
Red Oak
Summary
Resourceful cybersecurity professional with over 5 years of hands-on experience in penetration testing, ethical hacking, and vulnerability management. Proven track record of identifying and mitigating critical vulnerabilities across web, network, and application systems, delivering measurable security improvements for diverse clients. Skilled in scripting and automation (Python, Bash), with a growing focus on embedded systems security through self-directed projects and research. Actively pursuing DoD 8570 IAT/IAM Level II certification (CISSP) by Q3 2025 to meet program requirements. Eager to apply my expertise in threat analysis and risk mitigation to support Lockheed Martin’s mission of securing embedded DoD systems.
Overview
5
5
years of professional experience
Work History
Penetration Tester
Upwork
12.2022 - Current
- Conducted penetration tests for clients in tech, finance, and e-commerce, identifying and mitigating critical vulnerabilities (e.g., XSS, SQL Injection, privilege escalation)
- Developed custom Python and Bash scripts to automate reconnaissance and vulnerability scanning, reducing testing time by 40% and enabling more in-depth analysis
- Performed hybrid testing (manual and automated) to simulate advanced threats, delivering actionable countermeasures that reduced client risk exposure
- Analyzed network traffic and logs using Wireshark and Nmap to detect misconfigurations and insider threats, ensuring compliance with PCI DSS and HIPAA
- Authored detailed technical reports and executive summaries, earning a 100% client satisfaction rating across projects for clear communication and strategic insights
Ethical Hacker
Bugcrowd
02.2020 - 12.2022
- Executed vulnerability assessments and penetration tests on web, mobile, and IoT platforms, responsibly disclosing critical bugs, including high-impact vulnerabilities
- Specialized in manual exploitation of OWASP Top 10 and SANS Top 25 vulnerabilities, consistently identifying issues missed by automated tools and reducing remediation time by 25%
- Developed open-source Python tools for automated bug hunting and exploiting
- Collaborated with client security teams to validate fixes for reported vulnerabilities, ensuring compliance with industry standards and contributing to a improvement in client security posture
- Leveraged reconnaissance techniques (e.g., subdomain enumeration, OSINT, and fuzzing) to expand attack surfaces, identifying critical misconfigurations and API vulnerabilities that strengthened client systems against real-world threats
Education
Some College - Information Technology
Dallas College
Dallas, TXSkills
- Penetration Testing
- Ethical Hacking
- Vulnerability Management
- Risk Assessment
- Threat Modeling
- Countermeasure Implementation
- Python
- Embedded Systems Security
- Firmware Analysis
- Compliance Frameworks
- PCI DSS
- HIPAA
- NIST SP 800-53
- Kali Linux
- Technical Writing
- Problem-Solving
- Adaptability
- Teamwork
- Strategic Thinking
Security Clearance
Eligible for DoD Secret Security Clearance
Personal Information
Citizenship: U.S. Citizen
Timeline
Penetration Tester
Upwork
12.2022 - Current
Ethical Hacker
Bugcrowd
02.2020 - 12.2022
Some College - Information Technology
Dallas College
Similar Profiles
OLANIYI BELLOOLANIYI BELLO
Freelance Business Data Analyst at UpworkFreelance Business Data Analyst at Upwork
NODARI GENGASHVILINODARI GENGASHVILI
CSS Bug Fixing & Front-End Developer | Freelance at UpWorkCSS Bug Fixing & Front-End Developer | Freelance at UpWork
Narayan GiriNarayan Giri
Web developer at UpworkWeb developer at Upwork
Christa DorChrista Dor
Freelance Video Editor at UpworkFreelance Video Editor at Upwork
Cesar NdCesar Nd
Wage and Hour Investigator (WHI) - Series: 1849, Plan-Grade: GS – 11 at U.S. Department of Labor – Wage and Hour Division (WHD)Wage and Hour Investigator (WHI) - Series: 1849, Plan-Grade: GS – 11 at U.S. Department of Labor – Wage and Hour Division (WHD)