乔·莱昂
验证专家 in 工程
软件开发人员
乔 currently oversees application security assessments for a small offensive security firm and manages product development and DevOps for a new cybersecurity tool his organization is about to release. 除了, 乔 has provided security training and talks at several major cybersecurity conferences, 尤其是在美国黑帽公司. As a technical problem solver with outstanding communication skills, he is passionate about bridging technical and non-technical audiences.
Portfolio
Experience
Availability
首选的环境
松弛, Python 3, 网络安全, Linux, MacOS, Sublime Text, Bash, GitHub
最神奇的...
...thing I've achieved was founding a SaaS company and selling it. Also, I've delivered training at some of the largest InfoSec conferences throughout the world.
工作Experience
首席应用安全工程师
FortyNorth安全
- Led product development for a new cybersecurity SaaS product. Oversaw a team of three engineers and external consultants while designing the application's architecture and DevOps processes.
- Managed application security assessments and worked on various penetration tests, 包括红队评估, 社会工程活动, 网络渗透测试.
- Developed offensive security training courses and delivered content at security conferences like Black Hat USA/Asia and Wild West Hackin' Fest.
首席技术官
LeadWash
- Developed and built a 瓶-based SaaS business designed to clean CRM data.
- Managed all aspects of product design, development, and marketing.
- Grew the business and gained sufficient market share to demonstrate product value, 导致成功退出.
Experience
LeadWash
Conference Talks and Training Sessions
x33fcon, 2021年5月:什么f#?
GrayHat Con, October 2020: A Practical Introduction to Bypassing Application Whitelisting
Black Hat Asia, September 2020: Intrusion Operations
Wild West Hackin' Cast, September 2020: Offensive MalDocs in 2020
DERPCON, May 2020: Bypassing Application Whitelisting
Pancakes Con, March 2020: Living Off the Land with a Side of Bubble Tea
WW Wild West Hackin' Fest, March 2020: An Introduction to Developing Phishing Malware
Black Hat USA, August 2019: Intrusion Operations
Delivered 网络安全 Training at Black Hat USA
Built Graduate-level Course on Social 工程 and IT安全
课程论文:
All organizations confront social engineering, and most major cyberattacks start with a social engineering infection vector. Any serious cybersecurity professional must understand how social engineering works (on a psychological and technological level) and its fundamental role in network security.
主要学习目标:
Explore the role of trust in society and how social engineers deceive that trust.
Identify how the nature of the internet has enabled social engineering to flourish.
Describe what “human vulnerabilities” allow for social engineering attacks to succeed.
Identify the fundamental psychological principles used by attackers.
Learn how to design effective 社会工程活动.
Study the major social engineering use cases (financial, national security, and political).
Explore how automatic detection of social engineering works.
Identify ways to defend against social engineering (both active and passive).
Predict future social engineering trends.
Skills
工具
松弛, GitHub, Git, Sublime Text, Celery
范例
渗透测试,DevOps
其他
网络安全, App 保护, 国际事务中, 网络, 信息安全, 隐私, Static App 保护 Testing (SAST), IT安全, 安全, 客户关系管理(CRM), Web应用程序, 课程开发 & Delivery, Social 工程, Public Speaking
语言
Python 3, Bash, JavaScript
框架
Django,瓶
平台
Linux, MacOS, Burp Suite, 卡莉Linux, Heroku
行业专业知识
网络安全
库/ api
SQLAlchemy
教育
Master's Degree in 信息安全
纽约大学-纽约,纽约州
Bachelor's Degree in International Relations
Georgetown University - Washington, DC
认证
穿透测试+
前年
进攻的安全 Experienced Penetration Tester
进攻的安全
认证道德黑客
欧洲委员会
进攻的安全 Certified Professional
进攻的安全
安全+
前年
如何使用Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
分享你的需求
选择你的才能
开始你的无风险人才试验
对顶尖人才的需求很大.
开始招聘