Welcome to my academic website! Here you can find updates on my academic work, information security research, and blog articles. I'm currently a graduate student at Georgetown University in the Security Studies Program (SSP) at the Walsh School of Foreign Service (SFS). My academic interests are on the intersection of emerging technology and national security, with a specific focus on state-sponsored cyber network operations and cyber operations policy. In addition to my SSP coursework, I'm working towards a certificate in Eurasian, Russian and East European Studies as part of the CERES certification program. Prior to studying at Georgetown, I obtained my undergraduate degree in Security and Risk Analysis at The Pennsylvania State University, where I focused on cyber risk management.
Information Security In Practice
In my professional career I've helped to secure client networks as a cyber risk consultant and penetration tester in Deloitte's Government & Public Services (GPS) practice, and to build modern information systems as a mainframe application developer in Deloitte's Application Modernization (AppMod) practice. In my free time, I develop my vulnerability discovery and exploit development skills through freelance security research and bug bounty programs. Since 2018, I've engaged dozens of software vendors in responsible disclosures for vulnerabilities in open-source projects, web applications, IoT and embedded devices, culminating in being credited with discovery of several common vulnerabilities and exposures (CVEs). Some of my most recent research includes CVE-2021-38701, CVE-2021-3441, and CVE-2021-35956. In 2021, I started the Internet Observatory Project (Obsrva) to coordinate the disclosure of vulnerabilities in IoT and Embedded devices used in critical infrastructure. More of my vulnerability research can be found on my Github.