Khalim Cisse
Willowboro
Summary
Dynamic cybersecurity professional with a proven track record at HackerOne, excelling in vulnerability remediation and risk assessment. Skilled in Python and Burp Suite, I automate security processes and enhance team collaboration. Passionate about driving impactful security improvements, I leverage my expertise to protect systems and empower organizations against threats.
Overview
3
3
years of professional experience
1
1
Certification
Work History
Product Security Analyst
HackerOne
12.2023 - Current
- Triaged and reproduced vulnerabilities, assessing severity and risk using CVSS metrics and threat modeling.
- Coordinated with engineering teams to drive vulnerability remediation and ensure adherence to SLAs.
- Wrote detailed technical assessments and reports to support remediation efforts and program performance.
- Utilized AppSec tools including Burp Suite, Frida, and Ikido for static and dynamic security testing (SAST/DAST).
- Automated reporting workflows and risk metrics using Python and SQL for improved triage visibility.
- Supported operational tracking of security incidents and contributed to process improvement initiatives.
Bug Bounty Researcher
Self-Employed: Hackerone/Bugcrowd
01.2022 - Current
- Discovered and reported web vulnerabilities including XSS, SQLi, CSRF, SSRF, and LFI through responsible disclosure.
- Practiced secure coding principles and refined workflows for vulnerability identification using Burp Suite and custom tools.
- Built automation scripts to streamline reconnaissance and payload testing.
- Continuously improved understanding of OWASP Top 10, attack vectors, and bug bounty methodologies.
Associate Cybersecurity Penetration Tester
CliftonLarsonAllen (CLA)
06.2022 - 07.2023
- Performed internal and external penetration testing, vulnerability assessments, and social engineering simulations.
- Executed phishing campaigns using Gophish, uncovering user-based vulnerabilities.
- Conducted Windows Active Directory attacks including Kerberoasting, ADCS abuse, and privilege escalation.
- Produced CVE-based reporting and coordinated remediation planning with clients.
- Delivered consultative insight into cybersecurity gaps using CVSS and NVD frameworks.
- Improved vulnerability tracking processes using Nessus and scripting automation techniques.
Education
Master of Science - Cybersecurity and Information Assurance
Western Governors University
04.2026
Bachelor of Science - Cybersecurity and Networks
University of New Haven
05.2021
Skills
- Python
- SQL
- Vulnerability Remediation
- SLA Tracking
- OWASP Top 10
- CVSS
- SAST/DAST
- Nessus
- Burp Suite
- Metasploit
- Penetration Testing
- Frida
- Network Security
- GitHub Security
- Security Automation
- Risk Metrics
- Linux/Kali
- Wireshark
- Snort
- ExploitDB
- Bash
- AppSec
- Gophish
- Security Reporting
Certification
- Certified in Cybersecurity (CC) by ISC2 July 2024
- PENTEST+ by COMPTIA. April 2023
Timeline
Product Security Analyst
HackerOne
12.2023 - Current
Associate Cybersecurity Penetration Tester
CliftonLarsonAllen (CLA)
06.2022 - 07.2023
Bug Bounty Researcher
Self-Employed: Hackerone/Bugcrowd
01.2022 - Current
Master of Science - Cybersecurity and Information Assurance
Western Governors University
Bachelor of Science - Cybersecurity and Networks
University of New Haven
Similar Profiles
Khalim CisséKhalim Cissé
Product Security Analyst at HackerOneProduct Security Analyst at HackerOne
Alyona VysotskaAlyona Vysotska
Senior Product Manager at HackerOneSenior Product Manager at HackerOne
ORI LEVIORI LEVI
Bug Hunter at HackerOneBug Hunter at HackerOne
Linda SmallLinda Small
Night Auditor & Front Desk Associate at Courtyard by MarriottNight Auditor & Front Desk Associate at Courtyard by Marriott
Daniel Di CarloDaniel Di Carlo
Product Security Analyst at Early Warning ServicesProduct Security Analyst at Early Warning Services