Oscar Damico
Summary
Penetration Tester with 3 years of experience recommending long-term solutions to gaps in software defenses. Collaborative and analytical team player with a breadth of knowledge in various information security domains.
Overview
4
4
years of professional experience
Work History
Information Security Consultant
DigitalDefence
Toronto, ON
07.2021 - Current
- Performed penetration tests on networks and web applications to identifying critical security flaws. Also delivered recommendations for enhancements to IT security environments to prevent any identified attacks.
- Participate in post-testing review sessions with key personnel to present test results and findings.
- Identified and resolved a wide range of technical issues for clients, demonstrating strong problem-solving skills and a client-centric approach.
- Provided technical guidance to other team members on various aspects of information security testing techniques.
Junior Systems Security Analyst
TMX Group
Toronto, ON
05.2020 - 08.2020
- Analyzed results from Nexpose to provide meaningful data to the Security Operations Centre (SOC)
- Designed and executed phishing tests across multiple sites to assess the organization's security awareness
- Later presented all findings to key stakeholders and documented results in order to facilitate further testing
- Provided key metrics to review the organization's security posture as a whole during the security maturity assessment.
Education
Honours Bachelor of Informatics And Security -
Seneca College
Toronto05.2021
Skills
- Penetration Testing
- Network Security
- Mitre ATT&CK Framework
- Virtualization
- Best Practices Implementation
- Regulatory Compliance
- Linux Server
- Risk Mitigation
- Reporting and Documentation
Skills And Services
- Penetration testing and vulnerability assessments using Kali Linux, Nessus, Burp Suite.
- Scripting and automation using Python, Bash, and Powershell.
- Cloud security assessments of AWS IAM, and Microsoft 365.
- Creation, and management of cloud servers, particularly to aid in security testing activities.
- Extensive experience with both bare metal and software-based hypervisors, including: VMware Workstation/ESXi, Proxmox VE, Hyper-V, QEMU. Leveraged Docker and LXC for containerization.
- Knowledge of TCP/IP protocols such as HTTP, HTTPS, DNS, ICMP, etc., Analyzing network traffic with Wireshark, Tcpdump, and Tshark. Common networking applications such as Putty, RDP, Active Directory, SQL Server.
- Worked with network and host-based IDS, XDR, antivirus, firewall, SIEM, and WAF products.
- Knowledge of vulnerability assessment frameworks such as Mitre ATT&CK, OWASP Top 10, and ISO 27002.
- Certified eJPT, currently pursuing Offensive Security Certified Professional (OSCP).
Languages
English
Native/ Bilingual
Spanish
Native/ Bilingual
Timeline
Information Security Consultant
DigitalDefence
07.2021 - Current
Junior Systems Security Analyst
TMX Group
05.2020 - 08.2020
Honours Bachelor of Informatics And Security -
Seneca College
Similar Profiles
YASH SHUKLAYASH SHUKLA
Information Security Consultant at StickmanCyberInformation Security Consultant at StickmanCyber
Gavin WheelerGavin Wheeler
Information Security Consultant at Morning ConsultInformation Security Consultant at Morning Consult
RAMASUBRAHMANYAM SODASANIRAMASUBRAHMANYAM SODASANI
INFORMATION SECURITY CONSULTANT at COGNIZANT TECHNOLOGY SOLUTIONSINFORMATION SECURITY CONSULTANT at COGNIZANT TECHNOLOGY SOLUTIONS