Organizations

@zoom @checkpoint-pentest

marksowell/README.md

Mark Sowell

Hi! I'm Mark

I am an experienced penetration tester and application security leader specializing in offensive security, security consulting, presales, and application security strategy across the following areas:

  • Web applications
  • Mobile applications (Android & iOS)
  • Desktop applications
  • APIs, SDKs, and Web Services
  • Cloud and SaaS platforms
  • Microservices and containerized applications
  • Serverless and distributed applications
  • AI-enabled platforms, integrations, and emerging technologies

Over the years, I have led application security initiatives, offensive security programs, and large-scale security assessments to strengthen security posture and reduce organizational risk.

Experience:

  • Strategic Leadership: Defining methodologies, creating tooling and workflows, and establishing best practices across offensive security and application security programs.
  • Security Consulting & Advisory: Principal-level application security leader and trusted advisor across web, mobile, cloud, API, AI, and enterprise security initiatives.
  • Presales & Customer Engagement: Supporting engagements from discovery and scoping through technical strategy, executive communication, delivery, and long-term customer success.
  • Team Leadership & Mentorship: Leading and mentoring penetration testers and security consultants through hiring, onboarding, escalations, technical enablement, and quality assurance across distributed teams.
  • Application & Platform Security: Assessing APIs, OAuth integrations, SaaS platforms, cloud-native applications, AI-enabled workflows, and distributed architectures.
  • AI & Emerging Technologies: Evaluating AI-enabled applications and integrations while helping organizations understand emerging attack surfaces and security risks.
  • Comprehensive Security Assessments: Leading external, internal, application, cloud, red team, and physical security assessments including attack path analysis, remediation guidance, and executive reporting.
  • Cross-Functional Collaboration: Partnering with engineering, product, architecture, operations, and security teams to improve remediation efforts and secure development practices across complex environments.

I focus on combining deep technical expertise with leadership to help organizations build scalable and effective security programs.

Connect with me

  • marksowell.com
  • LinkedIn
  • X
  • GitHub
  • Slack
  • Discord
  • YouTube
  • Telegram
  • Medium

Research platforms

  • TryHackMe
  • Hack The Box
  • HackerOne
  • Bugcrowd

Certifications

  • Accredible
  • Credly
  • EC-Council

Pinned

  1. aws-account-finder (Public)

    Find an AWS Account ID from any S3 Bucket

    Python 3

  2. Info-Leakage (Public)

    Burp Suite extension designed to help security professionals search for custom sensitive information in HTTP responses

    Python 9 1

  3. stars (Public)

    A curated list of my GitHub stars!

    6 3

  4. kautolog (Public)

    Automatic terminal session logging for Bash and Zsh. Captures every command, prompt, and output in real time, with per-session files, replay support, and optional cloud sync. Ideal for security exa…

    Python 10

  5. Kali-Linux-to-DigitalOcean (Public)

    A GitHub Action to convert the Kali Linux Generic Cloud Image and upload it to Custom Images in DigitalOcean.

    15 55

  6. DigitalOcean-Droplet-Deploy (Public)

    Deploy a DigitalOcean Droplet with Docker, Nginx, and automatic HTTPS

    3 1