Summary
Overview
Work History
Education
Certification
Software
Work Availability
Timeline
Projects
Generic
Elliot P. A. Killick

Elliot P. A. Killick

Security Engineer & Researcher
Toronto,ON

Summary

Professional software engineer and information security specialist with 4+ years of experience in designing and programming secure computer systems. Software engineer and cybersecurity experience, including Royal Bank of Canada, University of Toronto and Questrade. Competent in designing proactively secure software collectively earning 1000+ stars on GitHub. Well-versed in swiftly examining tens of thousands of security events from 8000+ of endpoints nationally. Extremely passionate about the application security field with multiple successful open source projects, high quality security research, and a technical blog. A talk (in Europe) was presented in dedication to one of the open source projects I created. Successfully discovered and exploited critical (CVSS 10.0) RCE zero day vulnerabilities in real applications receiving 10K+ CAD in bounties on HackerOne. Some of a bachelor's degree (Honours) in Networking & Information Technology Security. Passed the CISSP exam earning the Associate of ISC2 certificate. Enjoys problem solving and working with others.

.

GitHub: https://github.com/ElliotKillick

Technical Blog: https://www.elliotkillick.com

Overview

4
4
years of professional experience
2
2
Certificates

Work History

Application Security Consultant

Royal Bank Of Canada (RBC)
09.2023 - Current
  • Leading RBC in securing their open source dependencies and supply chain as the second member of this new platform
  • Collaborating with my immediate operational team members and worldwide as part of the Global Cyber Security (GCS) team at Canada's #1 largest bank to provide application security expertise
  • Supporting organizational stakeholders, including executives, project managers, developers, and technicians, with finding the best solution to securing their applications
  • Delivering outstanding service to enterprise clients to maintain and extend relationships for future business opportunities
  • Leveraging my combined application security and penetration testing experience to discover two critical vulnerabilities in internal RBC applications and then reporting them with the recommended fix and defense in depth mitigations to bolster RBC's security posture

Software Engineer, Security

Open Source
07.2019 - Current
  • Programming new systems with a secure design philosophy that eliminate entire classes of vulnerabilities at a time to help maintain Qubes OS's reputation as the #1 most secure personal computer operating system
  • Writing highly maintainable, solid code for Linux and Windows systems forming core framework the quality and conciseness of which has been the praise of other experienced developers (including Google, Microsoft, Meta, and Let's Encrypt employees)
  • Preforming reverse engineering on Windows components in order to develop innovative new projects
  • Creating automation software that's collectively saved many people countless hours of invaluable time

Teaching Assistant - SCS Cybersecurity Boot Camp

University of Toronto
02.2021 - 03.2022
  • Teaching skills applicable to certifications such as the CompTIA Security+, Network+, Linux+, Server+, Cloud+ and Certified Ethical Hacker (CEH)
  • Arming students with experience on a host of popular security and penetration testing tools such as Burp Suite, Metasploit, Nessus, Wireshark, Splunk, Kali Linux and more
  • Empowering a class of 24+ students by teaching them scripting languages for them to go off and make their own tools with
  • Equipping learners with knowledge of system administration and security hardening techniques for Windows (e.g. server configuration, Active Directory and Kerberos) and Linux systems
  • Educating students about principles of secure network design and cloud security as well as how to implement them in practice
  • Familiarizing students with tactics and methodologies for finding vulnerabilities in real world settings as part of their offensive security training

Security Analyst (Contract)

Questrade
09.2021 - 12.2021
  • Remediating tens of thousands of vulnerabilities across thousands of Questrade endpoints all across Canada
  • Analyzing, reporting, and acting upon suspicious findings and incidents gathered from the organization's Trend Micro Apex One EDR, Palo Alto NGFW, Rapid7 InsightVM network vulnerability scanner, and more
  • Searching the Questrade technological landscape for blind spots in detection and patching them in order to better secure Canada's #1 largest discount broker

Programming Tutor (Volunteer)

Durham Catholic District School Board
11.2019 - 01.2020
  • Performed one-on-one programming mentoring of a third-year student after school in cooperation with a guidance counselor and two teachers including the teacher for the Introduction to Computer Science course the student was taking
  • Learned to breakdown programming and computer science concepts into fundamental bite-sized components to ease student comprehension

Education

Bachelor's Degree Information Technology (Honours) - Networking And Information Technology Security

Ontario Tech University
Oshawa, ON
2020.09 - 12.2021

Certification

Associate of ISC2, ISC2

Software

Cybersecurity

Software Development

Computer Networking

Threat Modeling

Static Application Security Testing (SAST) / Dynamic Application Security Testing (DAST)

Security Information and Event Management (SIEM)

Splunk

Reverse Engineering (IDA, Ghidra, WinDbg & GDB)

Digital Forensics and Incident Response (DFIR)

Trend Micro Apex One Endpoint Detection and Response (EDR)

Palo Alto Next-Generation Firewall (NGFW)

Rapid7 InsightVM Network Vulnerability Scanner

Wireshark

GNU/Linux and Unix Operating Systems

Windows and Windows Server

OpenBSD

Amazon Web Services (AWS)

Microsoft Azure

Cisco Routers

Agile Methodologies

Object-Oriented Programming (OOP)

C

Rust

C

Python

Java

NET

Bash

PowerShell

Git

Docker

SQL Databases

DevOps

Continuous Integration and Continuous Delivery (CI/CD)

Chess (Hobby)

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Timeline

Application Security Consultant

Royal Bank Of Canada (RBC)
09.2023 - Current

Associate of ISC2, ISC2

08-2023

Certified Information Systems Security Professional (CISSP) Training Course, Cybrary

09-2022

Security Analyst (Contract)

Questrade
09.2021 - 12.2021

Teaching Assistant - SCS Cybersecurity Boot Camp

University of Toronto
02.2021 - 03.2022

Programming Tutor (Volunteer)

Durham Catholic District School Board
11.2019 - 01.2020

Software Engineer, Security

Open Source
07.2019 - Current

Bachelor's Degree Information Technology (Honours) - Networking And Information Technology Security

Ontario Tech University
2020.09 - 12.2021

Projects

I program and maintain multiple successful open source projects on GitHub.


LdrLockLiberator

  • A first of its kind offensive security project for performing clean & universal DLL hijacking

Mido

  • Fully automated and secure Microsoft Windows Downloader that works using Microsoft's reverse engineered downloading API
  • The first implementation of this tool built for Unix platforms
  • Used by some of the top companies including Big Tech as a helpful gadget in their CI/CD pipelines

Qvm-Create-Windows-Qube

  • Brings unattended Windows installation to Qubes OS similar to what VMWare Workstation Pro has with the Windows "Easy Install" feature but open source and freely available
  • Emphasizes correctness, security and treating Windows as an untrusted guest operating system
  • Very well received by the small but passionate Qubes OS community gaining contribution from senior and core developers within Qubes OS
  • Proudly ranked in the top 10 on the front page of Hacker News as well as 1st place for Show HN

Qubes Video Companion

  • Securely stream webcams and share screens across virtual machines
  • A talk about this project was given in Qubes OS Summit 2022 (Europe): https://cfp.3mdeb.com/qubes-os-summit-2022/talk/JKWNGD/

Security Research

  • Discoveries I've made through my security research have amassed lots of popularity on X/Twitter (many thousands of Likes and Retweets overall) from respected individuals and organizations in the information security scene

Hacking Challenges

  • Solved many highly regarded hacking challenges in the information security scene including Nebula and Protostar from Exploit Education, hard difficulty VulnHub VMs, and more
  • See my LinkedIn for more details

Similar Profiles

CREATE PROFILE
Elliot P. A. KillickSecurity Engineer & Researcher