Experience

Overflow Labs, Inc

• Software Development
• 1 - 100 Employee

• Wearer of Many Hats, Security Researcher

  • Jan 2021 - Present

  San Diego, California, United States Working with a dream team of engineers to help in the creation, management, and security of next generation virtual economies and monetization strategies.



Independent Security Evaluators

• United States
• Computer and Network Security
• 1 - 100 Employee

• Senior Security Analyst, Project Lead

  • Feb 2017 - Jan 2021

  Greater San Diego Area • Advised and performed hands on assessment work with various Fortune 100 clients on meeting security needs in a wide spectrum of software solutions ranging from blockchain trading systems to cloud based content management platforms. • Performed hands on security assessments and discovered over 300+ vulnerabilities of varying severity (from critical to low) on various software solutions, including: - Web Applications - Blockchain Implementations - Smart Contracts - Financial… Show more • Advised and performed hands on assessment work with various Fortune 100 clients on meeting security needs in a wide spectrum of software solutions ranging from blockchain trading systems to cloud based content management platforms. • Performed hands on security assessments and discovered over 300+ vulnerabilities of varying severity (from critical to low) on various software solutions, including: - Web Applications - Blockchain Implementations - Smart Contracts - Financial Software - DRM Implementations - Cloud Computing/Multi-tenant Implementations - Automated Security Software - Multiplayer Games - Password Managers • Developed proof of concepts for various discovered exploits. • Developed custom tools to help discover elusive exploits. • Managed security assessment teams, served as a technical mentor, and led assessment efforts on large projects. • Ensured scope coverage and technical accuracy on security assessments and delivered results to clients. • Led and published multiple research projects dealing with security and exploit development in popular software solutions. • Performed duties as a virtual CISO to help various companies with compliance and high level security needs. • Presented at DEF CON, RSA (2018, 2020). • Invited guest to several security podcasts and panels. Show less



Gold Outfit, LLC

• Software Engineer, Security Researcher

  • Jul 2011 - Feb 2017

  Greater San Diego Area • Research and development of Windows Kernel mode drivers to allow continuous low level process monitoring and provide automatic code flow analysis. • Research and development of low level tools to aid with Windows user mode process control and instrumentation. • Ongoing and continuous involvement in reverse engineering of Windows OS internals and user mode processes. • Developed applications to provide inventory management and access control of virtual commodities. • Developed… Show more • Research and development of Windows Kernel mode drivers to allow continuous low level process monitoring and provide automatic code flow analysis. • Research and development of low level tools to aid with Windows user mode process control and instrumentation. • Ongoing and continuous involvement in reverse engineering of Windows OS internals and user mode processes. • Developed applications to provide inventory management and access control of virtual commodities. • Developed methods to extend and enhance user mode application functionality for distributed computing and collaboration. Show less



Bednarek Consulting, Inc.

• Software Engineer, Security Researcher

  • Jun 2004 - Jul 2011

  Greater Atlanta Area • Research and development of an Intel hardware assisted type 1 bare metal hypervisor to allow proprietary and transparent instrumentation of the Windows OS and its guest processes. • Involved in the implementation and adaption of an open source TCP/IP stack to run in Windows kernel space on top of NDIS. • Developed tools to gather data on fast moving proprietary virtual commodities markets for later analysis and data mining. • Research and development of Windows interrupt dispatching… Show more • Research and development of an Intel hardware assisted type 1 bare metal hypervisor to allow proprietary and transparent instrumentation of the Windows OS and its guest processes. • Involved in the implementation and adaption of an open source TCP/IP stack to run in Windows kernel space on top of NDIS. • Developed tools to gather data on fast moving proprietary virtual commodities markets for later analysis and data mining. • Research and development of Windows interrupt dispatching internals and their use in aiding transparent process control and data instrumentation. Show less



City of Los Angeles

• United States
• Government Administration
• 700 & Above Employee

• Systems Developer

  • Mar 2002 - May 2004

  Greater Los Angeles Area • Took over the development and enhancement of a Cost Purchase Order system running on IIS written in C++/ISAPI with a custom implementation of RFC 765 (FTP) for proprietary automated backups. • Designed and developed a web based human resource management solution for the information systems and technology support department.