As a full-time bug bounty hunter, I have been able to help secure some of the biggest companies around the world. With the freedom that this role has provided, I have fine-tuned my offensive security skills finding vulneraries and building exploits for web applications, containers, thick clients, and APIs. Additionally, I have built custom fully-automated systems that run continuously to find vulnerabilities based on the security research that I am always performing. I have had over 300 reports accepted by over 50 programs across the world. The majority of my findings have been rated critical or high severity by the companies. As of now, I am ranked in the top 5 USA hackers on the 2024 Hackerone leaderboards.

As a Penetration Tester at X-Force Red, I performed penetration tests on web applications, thick-clients, and container technologies. I was apart of the whole process including scoping, preparation, testing, reporting, and delivering the results to the client. I found impactful vulnerabilities in a variety of applications and networks from numerous clients. I also took every opportunity to share my knowledge with my team through presentations, CTF events, and verbally.

As a Bug Bounty Hunter, mostly at Intigriti, I mainly focus on securing web applications. I have reported numerous valid bugs in many companies around the world. Some of the bug types I have found include XXE, IDORs, CSRF, CSTI, SQLi, Information Disclosure, Improper Access Control, all types of XSS, and more.--Profile: https://app.intigriti.com/researcher/profile/iqimpz--Interview/blog: https://blog.intigriti.com/2021/04/12/get-to-know-qimpz-one-of-intigritis-top-hackers/

As a Penetration Tester Intern at X-Force Red I researched the security of open source Learning Management Systems (LMS) by finding vulnerabilities in multiple different LMS. I also learned from experts in the field by participating in bootcamps covering topics including Web Hacking, Network Hacking, Mobile Hacking, OSINT, Social Engineering, and Password Cracking.

As a Cyber Security Specialist at Mainstream Technologies, my main duty is vulnerability management, which includes scanning, prioritizing, and remediating vulnerabilities on our assets. I also partake in network mapping, asset discovery, and some policy compliance.

As a team mentor for Analysis and Investigation through Cyber-based Scenarios camp (AICS), I helped my team, of 5 students (grades 10th-11th) and 2 teachers, stay on track when solving the current scenario that was given. I provided tips, materials, and insight when needed by the team as well as answering any questions they had.

As a Youth Specialist, my duties included supervising and guiding students (grades 1st-8th), ensuring their safety, and leading them on the path to success.