Description

I’m a Senior Offensive Security Consultant with over 10 years of hands-on experience in penetration testing and security consulting.

I started my career in network security, working on secure architectures and Cisco-based environments, which gave me a strong foundation in secure infrastructure and defensive controls. Over time, I transitioned fully into offensive security, where I’ve spent the last several years focusing on end-to-end penetration testing across web applications, APIs, and enterprise infrastructure.

Languages

Romanian
Native or bilingual
English
Fluent

Workplace preferences

Remote only

Primarily works remotely

Raiffeisen Bank
Penetration Tester
July 2022 - Today (3 years and 11 months)
Independently deliver comprehensive offensive security services across multiple technology stacks, providing attack surface visibility and risk mitigation strategies for critical banking infrastructure.

Key Achievements &
• • Conduct independent penetration tests across web applications, client applications, and infrastructure using black-box, gray-box methodologies
• • Perform attack surface discovery and monitoring, identifying exposed assets and
tracking changes in security posture over time
• • Assess and prioritize vulnerabilities based on exploitability, business impact, and threat
intelligence
• • Deliver detailed penetration testing reports with clear technical risk assessments, attack
paths, and actionable remediation guidance
• • Present complex security findings to management and technical stakeholders, translating vulnerabilities into business risk
• • Provide hands-on technical consulting to development teams on vulnerability remediation and secure coding practices
• • Validate remediation efforts through structured re-testing and confirmation of security control effectiveness Technical Impact:
• • Successfully identified and documented critical vulnerabilities across diverse technology environments
• • Established repeatable testing methodologies for consistent engagement delivery
• • Built strong collaborative relationships with engineering teams for effective remediation
Penetration Testing Cybersecurity IT-Security Vulenrability Management
SecureWorks
Penetration Tester
July 2018 - July 2022 (4 years)
Services

Delivered end-to-end offensive security services for multiple enterprise clients, focusing on application and network security assessments with emphasis on attack surface management and continuous vulnerability tracking.

Key Achievements & Responsibilities:
• • Planned and executed internal/external penetration tests independently, managing full
engagement lifecycle from scoping to delivery
• • Conducted comprehensive web application testing identifying vulnerabilities including XSS, SQL injection, directory traversal, and command injection.
• • Performed API security assessments, discovering exposed endpoints and testing authentication mechanisms
• • Utilized both automated scanning tools and manual testing techniques to identify security vulnerabilities across diverse attack surfaces
• • Discovered and inventoried external-facing assets, tracking exposure changes and identifying unmanaged infrastructure
• • Documented vulnerabilities with detailed technical analysis, attack scenarios, and supported asset owners in defining corrective actions
• • Reviewed and analyzed vulnerability scan data to identify true positives, reduce false positives, and assess real-world exploitability
• • Classified, prioritized, and tracked vulnerabilities, focusing on business risk and
exploitability
• • Provided ongoing technical consulting to development teams on secure design principles, platform security choices, and remediation strategies
• • Communicated complex security risks and remediation approaches to both technical and non-technical audiences
• • Developed custom automation scripts to streamline vulnerability discovery, asset
inventory, and reporting processes
Technical Impact:
• • Managed multiple concurrent client engagements with consistent quality and timely delivery
• • Built reusable testing frameworks and automation tools adopted across security team
• • Reduced false positive rates through systematic vulnerability validation processes
Penetration testerr IT-Security Cybersecurity
T-Mobile / BMW
Penetration Tester
July 2020 - December 2023 (3 years and 5 months)
Specialized engagement delivering in-depth security assessments across complex environments, with particular focus on SharePoint platforms and custom application security.

Key Achievements & Responsibilities:
• • Performed specialized security testing across diverse systems including SharePoint, web applications, .NET and Java client applications, and infrastructure components
• • Conducted gray-box assessments with source code review and architecture analysis
• • Assessed vulnerabilities in complex enterprise applications and recommended appropriate security controls and remediation measures
• • Prepared comprehensive penetration testing reports with clear attack paths, technical risk assessments, and prioritized remediation guidance
• • Presented findings to management and technical stakeholders, facilitating understanding of security implications
• • Provided expert technical consulting to engineering teams on vulnerability remediation
strategies and secure development practices
• • Validated remediation efforts through thorough re-testing and confirmation of security improvements Technical Impact:
• • Successfully operated in long-term contract capacity, demonstrating reliability and consistent delivery quality
• • Identified critical vulnerabilities in custom enterprise applications preventing potential data breaches
Penetration Testing IT-Security Application Security