Conor Rynne - Penetration Tester

Education:

Sheffield Hallam University, Sheffield

Computer Security with Forensics - Graduated in 2016 Masters (MComp) 1st Class Honours

Certifications:

Offensive Security Certified Professional

Cyber Essentials + Assessor

Edx Verified Certificate Introduction to Linux 100%

Experience:

Current Position:

NATIONWIDE BUILDING SOCIETY, Swindon

Initial Role: Security Lead - January 2018 until August 2019 Promoted to: Security Consultant - August 2019 onwards

My work consists of testing critical financial systems for security weaknesses, assessing the threat posed by each finding and relaying this information to affected areas of the business. I have additionally created a number of tools to assist in the detection and reporting of various issues as well as the execution of various processes, using a variety of programming and scripting languages including C#, Python, Powershell and BASH. I also led a number of high profile engagements, including Red Team assignments and tests against sensitive, critical infrastructure.

From this role, I have been provided the opportunity to greatly broaden my technical skillset and approaches to testing, including the setting up and using Command and Control (C2) infrastructure, Android application debugging, custom payload creation as well as learning to use various C2 products including Cobalt Strike, Empire and PoSH.

This role requires me to be flexible in my approach to tasks and workloads, and has provided me with valuable insight into the workings of larger organisations. I have created detailedmethodologydocumentation in order to ease team members into various organisational processes. Additionally this role has allowed me to hone my skills in Python, C# and Powershell.

Previous Roles:

DIGITALXRAID, Doncaster

Penetration Tester - September 2016 until December 2017

Responsible for testing client systems for signs of weakness, assessing potential damages, and documenting findings in client reports. I was additionally responsible for the creation of numerous frameworks and automated toolkits to aid in the testing and reporting phases of assignments. This work required me to learn how to use many important tools bundled with Kali Linux when per- forming penetration tests, including Metasploit, Wireshark, OWASP ZAP, SQLmap, Nmap among many others. I also learned how to create custom Nmap plugins for the purposes of creating automation scripts. From this role, I learned about the importance of quality operational policies through the process of helping to create them. I also learned how to create detailed policy and methodology documentation for the purpose of compliance with external standards. Additionally this role allowed me to hone my skills in Python, BASH, LaTeX and Microsoft Visual Basic for Applications.

PTP CONSULTING LLP, Cambridge

Junior Forensic Analyst - July 2013 until August 2014

My work consisted of finding and examining evidence of breach on client computers, assessing the damage done and documenting such findings in a manner suitable for client review. I often performed off-site work of varying complexity as well as customer-facing work. My year in this organisation taught me the importance of time management and gave me experi- ence in various IT roles, as well as testing my multi-tasking capabilities. This position also provided me with valuable experience in using both Encase and Nuix forensic suites, both of which are industry standard toolkits.

Part Time:

Sheffield Hallam University, Sheffield

Part-Time Lecturer - September 2017 until December 2017

Bar Phoenix, Sheffield

Bar Staff - September 2014 until June 2015

UK Border Agency, Sheffield

Administrative Assistant - March 2013 until June 2013 Sheffield United FC, Sheffield

Matchday Staff - September 2012 until March 2013

Extracurricular Projects:

Android Free Forensic Toolkit (AFFT) - This is a forensic toolkit designed to assist in imaging Android devices and the extraction of data, particularly that pertaining to social media applications.