
Cloud Security Engineer
Send a job offer directly to this candidate
Aspiring Penetration Tester and Red Team Operator with hands-on experience in offensive security, vulnerability assessment, and cloud infrastructure exploitation. Actively developing red team skills through daily HackTheBox practice, PortSwigger Web Security Academy, and Active Directory attack simulation labs. Proficient in network reconnaissance, web application exploitation (OWASP Top 10), and post-exploitation methodology.
Currently pursuing eJPT certification with OSCP as the next target. Seeking a Penetration Tester or Red Team role to apply offensive skills in a professional environment.
CyberDojo — Cloud Security Engineer January 2025- Present ● Conducted penetration testing and vulnerability assessment on AWS cloud environments, identifying 15+ critical and medium severity vulnerabilities with CVSS scoring, exploitation documentation, and remediation guidance. ● Performed offensive security assessments targeting AWS IAM misconfigurations, overly permissive security groups, and exposed services — simulating attacker TTPs aligned with MITRE ATT&CK. ● Exploited insecure encryption controls and access management flaws across cloud workloads, producing detailed attack narratives and risk-based remediation reports for stakeholders. ● Deployed Wazuh SIEM for real-time threat detection and log analysis, then validated detections by simulating attack scenarios to test alerting fidelity ● Automated offensive security checks using Python scripting, reducing manual reconnaissance effort and improving vulnerability discovery coverage.
Coders — UI/UX Graphic Designer Intern June 2024 - July 2024 ● Designed responsive web interfaces with a focus on secure design principles, reducing user-related vulnerabilities and improving usability. ● Collaborated with developers to ensure secure and consistent implementation of frontend components. Null Class — Penetration testing Intern March 2024 - May2024 ● Performed penetration testing on live web applications, identifying and documenting critical vulnerabilities including SQL injection and authentication bypass. ● Executed vulnerability assessments using industry-standard tools, improving threat detection accuracy and reducing potential exploitability by 20%. ● Produced exploitation proof-of-concept reports with remediation recommendations, directly strengthening the application security posture.
Bachelor of Engineering in Computer Engineering – Sal Engineering and Technical Institute (2021-10 – 2025-07)