Security Analyst
April 2026Confidential
- Conducted a web application security assessment on a scheduling and field operations platform serving utility infrastructure
- Identified broken authentication chains across multiple token tiers
- Discovered cross-account data access via IDOR and BOLA vulnerabilities
- Found unauthenticated write access to internal services
- Reported sensitive operational configuration disclosure on production