Leroyal Stevenson
Fairburn,GA
Summary
Adaptable professional with 10+ years of IT Security experience, knowledge of leadership, problem-solving skills, and workflow prioritization. I'm aiming to leverage my abilities to successfully obtain a rewarding career at your company
Overview
10
10
years of professional experience
1
1
Certification
Work History
Penetration Tester
Cognizant, Inc.
11.2022 - 09.2024
- Perform External Penetration Tests on Cognizant external endpoint
- Conduct vulnerability scanning regularly on external endpoints to monitor possible changes in the Cognizant attack surface
- Creating penetration testing reports
- Mentored junior team members in best practices for ethical hacking and penetration testing techniques, fostering professional growth among colleagues.
- Collaborated with external vendors to perform penetration tests on network devices, operating systems and databases.
- Created comprehensive documentation outlining test processes, results, and recommended actions for client review.
Lead Penetration Tester/Security Engineer
American Family Insurance
09.2020 - 11.2022
- Designed tests and tools to assess security-protected applications and networks to probe for vulnerabilities.
- Assisting with establishing TTPs and updating of processes and procedures
- Conducting PCI compliance assessments
- Continuously refined penetration testing methodologies in response to evolving threats and client feedback, ensuring ongoing relevance and effectiveness.
- Analyzed security policies for usefulness and value to suggest security policy improvements.
- Collaborated with development teams to integrate secure coding practices, improving overall application security.
- Provided detailed reports on findings and recommendations for improvement, guiding clients towards more secure systems.
Cyber Security Lead
Deloitte Digital
05.2020 - 09.2020
- Reviewed incident reports thoroughly, taking corrective actions where necessary to improve overall security performance.
- Collaborated with development teams to establish clear test objectives, ensuring alignment with project goals.
- Defined testing and acceptance strategies and determined quality assurance benchmarks.
- Established a culture of continuous improvement within the testing team, fostering professional growth and skill development.
- Updated ongoing testing procedures for software to account for changes resulting from post-release patches.
- Identified areas for process improvement within the testing lifecycle, leading to reduced time-to-market for products.
Senior Security Engineer III/Penetration Tester
Honeywell Inc.
03.2019 - 05.2020
- Conducted various assessment-types for systems, prior to release.
- Aided in recommendation for vulnerabilities discovered during engagements
- Assisting with the creation of team TTPs and guidelines, utilized by the broader team.
- Working with security architects to conduct threat modeling efforts.
- Held regular discussions with prominent stakeholders and management, pertaining to overall security controls for the broader organization.
- Conducted regular audits of IT infrastructure, ensuring compliance with industry standards and regulatory requirements.
- Evaluated emerging security technologies and made recommendations for implementation in alignment with company objectives.
Red Team Member / Penetration Tester
Equifax
05.2018 - 12.2018
- Utilized threat intelligence to uncover adversary tactics and motives, and to predict likelihood attack types.
- Evaluated the organization's security posture, including people, processes, and technology.
- Wrote detailed technical reports, as well as high-level executive reports for various assessments.
- Held "after-action" meetings demonstrating vulnerabilities and discussing remediation efforts and timelines.
- Helped to develop POCs for zero day vulnerabilities and scripts to aid operators with tasks that can be automated, thus making engagements more efficient.
- Conducted assessments on a variety of technologies, including thick-clients, thin-clients, web applications, wireless networks, and APIs.
Senior Red Team Operator
IIT Corporation Services LTD
11.2016 - 05.2018
- Tasked as a SME for penetration testing and vulnerability analysis and conducting adversarial assessment and against various technologies
- Updated TTPs, assist in revamping of policies and procedures, and giving expert opinion on each matter
- Conducted code review and vetting new solutions for Red Teams to use
- Identified new threat tactics, techniques and procedures used by cyber threat actors
- Communicated vulnerability information to key stakeholders and upper management
Product Penetration Tester
Hewlett Packard Enterprise Security
02.2016 - 10.2016
- Create test cases of exploited products, in order to present to development teams
- Conduct (SCA) Static Code Analysis on products to highlight possible vulnerabilities in code, prior to penetration testing
- Conduct round-table discussions with product teams, in order to plan mitigation of discovered vulnerabilities in HPE products
- Wrote audit reports to communicate technical and procedural findings and recommended solutions
- Updated corporate policies to improve cyber security
Security Analyst
MetroSystemsInc. (Supporting Homeland Security)
10.2015 - 02.2016
- Reviewing and triaging events in real time
- Investigating suspicious network events for possible system breaches or policy violations
- Conducting regular reports and demonstrating evidence to the team lead and the CISCO
- Configuring host-based tools (I.e
- Virus software, vulnerability management software, etc.) to properly detect and block possible attacks, as part of defense in depth
- Research of attack vectors, threat tactics, and attacker techniques in order to thwart possible attacks
- Continually test DMZ network to ensure that external threats cannot compromise it
Security/Network Administrator II
Bowhead Corporation (Supporting the US Army)
08.2014 - 10.2015
- Utilize ACAS Vulnerability Scanner for the purpose of resolving network vulnerabilities and reporting them to the security team
- Patch and Update Systems, based on CVEs reported by Vulnerability Scanners
- Install and configured various host network and software applications, including Office apps, antivirus, and general applications
- Configure Active Directory OUs to reflect the necessary permissions and roles as needed for end-users
- Physical troubleshooting of laptops, desktops, printers, and servers
- Imaging hosts and utilizing (STIG) Security Technical Implementation Guides to harden network hosts/devices
Education
Bachelor of Science -
ITT Technical Institute
03.2015
Skills
- Bloodhound
- Information Systems Security
- Kali Linux
- Regulatory Compliance
- Writing
- Bash (Scripting Language)
- Metasploit
- Linux
- Social Engineering
- Consulting
- Secret Clearance
- Amazon Web Services
- Python (Programming Language)
- Information Systems
- Offensive Security
- Burp Suite
- Active Directory
- Code Review
- Demilitarized Zones (DMZ)
- Vulnerability Assessments
- Imaging
- Research
- Vulnerability Scanning
- Management
- Information Technology
- Phishing
- Presentations
- Mitigation
- Troubleshooting (Problem Solving)
- Vulnerability
- Peripheral Component Interconnect (PCI)
- SonarQube
- Security Controls
- Cyber Security
- Penetration Testing
- Web Applications
- Vulnerability Management
- Application Programming Interface (API)
Certification
- 02/18, (OSCP) Offensive Security Certified Professional
- 11/19, (CISSP) Certified Information Systems Security Professional
- 02/24, (CAP) Certified AppSec Practitioner
- 05/23, (AZ-900) Microsoft Certified Azure Fundamentals
- 04/23, Amazon Web Services Cloud Practitioner
Timeline
Penetration Tester
Cognizant, Inc.
11.2022 - 09.2024
Lead Penetration Tester/Security Engineer
American Family Insurance
09.2020 - 11.2022
Cyber Security Lead
Deloitte Digital
05.2020 - 09.2020
Senior Security Engineer III/Penetration Tester
Honeywell Inc.
03.2019 - 05.2020
Red Team Member / Penetration Tester
Equifax
05.2018 - 12.2018
Senior Red Team Operator
IIT Corporation Services LTD
11.2016 - 05.2018
Product Penetration Tester
Hewlett Packard Enterprise Security
02.2016 - 10.2016
Security Analyst
MetroSystemsInc. (Supporting Homeland Security)
10.2015 - 02.2016
Security/Network Administrator II
Bowhead Corporation (Supporting the US Army)
08.2014 - 10.2015
Bachelor of Science -
ITT Technical Institute
Similar Profiles
Janardhanan PerumalsamyJanardhanan Perumalsamy
Sr. Executive Support at Cognizant technology Solutions, Cognizant Technology SolutionsSr. Executive Support at Cognizant technology Solutions, Cognizant Technology Solutions
Prathyusha DamarlaPrathyusha Damarla
Associate at Cognizant Technologies SolutionsAssociate at Cognizant Technologies Solutions
UMANG SHROFFUMANG SHROFF
Senior Process Executive - Data at Cognizant Technology SolutionsSenior Process Executive - Data at Cognizant Technology Solutions
Brandi WalkerBrandi Walker
Sr. Human Resources Manager at DP WorldSr. Human Resources Manager at DP World
JESSICA WINGJESSICA WING
Courier at FedEx ExpressCourier at FedEx Express