Fork me on GitHub

About Me

Steve Coward (OSCP, OSWP)

1

Email: steve@sugarstack.io

Phone: 757-839-4433

Experience

Penetration Tester, CSC Strikeforce (December 2014 - Present)

  • Currently performing Network and Web Application Penetration tests by utilizing open source and commercial tools along with custom scripting.
  • Currently performing Vulnerability Assessments by utilizing both automated tools and manual validation using penetration testing techniques.
  • Leading the effort to provide vulnerability management and penetration testing services for a long term contract for a top Fortune 500 company.
  • Built custom tools when needed in order to accomplish various post exploitation tasks during engagements.
  • Actively providing both high level and technical documentation to clients as well as conducting client facing meetings to discuss and explain findings, risks, and remediation.
  • Utilizing my depth of knowledge in software engineering to build tools to aid the StrikeForce team in areas such as report automation and document generation and custom tools for penetration testing engagements.
  • Actively contributing to open source projects (Lair Framework, Lair Drones, enumerator) related to information security and developing various additional features that are required by members of the StrikeForce team to perform tasks more efficiently.

Senior Software Engineer, 50onRed (November 2011 - December 2014)

  • Built RESTful APIs for advertisers to access and manage their products in our system.
  • Helped design and implement various architectural improvements to help scale services.
  • Has designed and is currently an advocate for implementing more thorough testing and documentation of code.
  • Performed substantial research and development on the practical application of data warehousing technology.
  • Currently optimizing our products to be created and deployed quicker and more efficiently.

Technologies used: Python, Java, MySQL, Amazon Technologies (EC2, S3, RDS, Redshift, SQS), Tableau, nginx, HTML, Javascript, CSS

Technology Manager, Insurance Quote Exchange (September 2010 - April 2011)

  • Worked as part of the company’s Executive Team, making decisions and planning all technology-related aspects of the company’s system.
  • Managed a staff of two internal resources, and nine external resources, which covered development, QA and business analyst roles.
  • Oversaw the development and testing of partner integrations, which was responsible for bringing in 75% of the company’s revenue.
  • Worked intensively with outside integration partners.

Project Manager / Senior Web Developer, Insurance Quote Exchange (April 2010 - September 2010)

  • Managed and planned projects for a team of four developers and two QA resources.
  • Created and implemented new project management procedures that greatly increased efficiency for both management and development teams.
  • Designed and implemented a unified development environment which allowed outsourced and internal development staff to stay in sync while working on projects.
  • Maintained legacy applications, as well as built new conceptual projects based on ideas gathered during meetings with executive staff.

Technologies used: PHP, Perl, MySQL, HTML, Javascript, CSS, Bash, Subversion

Senior Web Developer, Ascentive LLC (November 2008 - April 2010)

  • Developed several complex gateway applications to interface with various outsourced call centers and international sales vendors.
  • Interacted with outside clients to help develop features for proprietary CRM/ERP software.
  • Maintained legacy code, as well as developed new functionality.
  • Designed and executed test plans at the end of the development lifecycle for projects.

Technologies used: PHP, Perl, MySQL, HTML, Javascript, CSS, Bash, Subversion

Senior Web Developer / Database Administrator, Learning By Grace Inc. (March 2007 - November 2008)

  • Provided leadership to 5 fellow developers for a short time while working with the company’s owners to determine development priorities and to provide deliverables in a timely manner.
  • Lead the development of several large web applications that involved both the creation of new code as well as refactoring of legacy code.
  • Helped to eliminate slow queries from code and to increase overall performance from our backend MySQL servers.
  • Developed several Bash scripts to aid future DBA’s to accomplish necessary tasks in a quick and efficient manner.

Technologies used: PHP, MySQL, Perl, HTML, Javascript, CSS, Bash

Education

Offensive Security Certified Professional (OSCP)

Attained OSCP certification as of August 2014. Certificate validation available upon request.

Offensive Security Wireless Professional (OSWP)

Attained OSWP certification as of October 2014. Certificate validation available upon request.

Drexel University

BSc. Information Systems and Technology