Jacob Diamond

Pentester, OSCP

Education

Certificate in Cybersecurity of Computer Networks

Polytechnique Montréal
2020 - 2022

AEC in Mobile Application Development

Bristol University
2019 - 2020

Languages

  • English (Professional)
  • French (Native)

Interests

  • Hacking
  • Video Games

Career Profile

I am an experienced penetration tester with a strong focus on various aspects of cybersecurity. My career includes roles at multiple organizations, most recently at Yack, where I am currently employed as a Penetration Tester. Before joining Yack, I spent over a year at Hitachi Systems Security Inc., where I specialized in web, API, mobile, internal, and WiFi penetration testing.

Prior to Hitachi, I worked at Cyberswat Group, where I expanded my skills in web application testing, internal Active Directory pentests, OSINT/Dark Web research, and internal tool development. My experience also includes software development, having worked as a Software Developer at PTC, and as a developer intern.

Throughout my career, I have earned numerous certifications, including OSCP, various Hack The Box ProLab certifications, and specialist credentials in API security, AppSec, and cloud security. My expertise is supported by a cybersecurity certificate from Polytechnique Montréal and an ACS in mobile application programming.

Experiences

Penetration Tester

Aug 2024 - Present
Yack, Remote

At Yack, I perform penetration tests on web applications, APIs, mobile platforms, and internal network. My work focuses on identifying and exploiting security vulnerabilities to enhance overall security posture.

  • Conducted web application penetration tests.
  • Performed API and mobile security assessments.
  • Performed Active Directory and Internal pentest.
  • Work on the company’s internal security as well as on the red team infrastructure.

Penetration Tester

May 2023 - Aug 2024
Hitachi Systems Security Inc., Remote

During my time at Hitachi Systems Security, I was responsible for performing penetration tests across various domains, including web, API, mobile, internal networks, and WiFi systems.

  • Conducted internal penetration tests for Active Directory environments.
  • Led social engineering research efforts to identify potential threats for our clients.

Penetration Tester

Jun 2021 - May 2023
Cyberswat Group, Remote

At Cyberswat Group, I focused on web application pentests, internal Active Directory pentests, OSINT research, and internal tool development.

  • Conducted web application penetration tests.
  • Performed API security assessments.
  • Performed Active Directory and Internal pentest.
  • Developed internal tools to enhance pentesting capabilities.

Software Developer

Aug 2020 - Jun 2021
PTC, Remote
  • As a Software Developer at PTC, I contributed to various development projects and provided technical support for the client.
  • Developed a custom web interface.
  • Worked with the ThingWorx platform.
  • Provided technical support and maintenance for existing applications.

Certifications & Trainning

OSCP (Offensive Security Certified Professional)

Nov 2022
OffSec (https://www.credential.net/080c7d61-b7c3-46ed-a355-40988c9c1efb#gs.jvbfjv)

Certified AppSec Pentester (CAPEN)

Apr 2024
The SecOps Group (8576471)

Certified AppSec Practitioner (CAP)

Apr 2024
The SecOps Group (8561103)

Certified API Security Analyst (CASA)

Apr 2024
APIsec University (cb75aebf-a4e2-4b50-95e1-4cca1ef00498)

Multi-Cloud Red Teaming Analyst (MCRTA)

Apr 2024
CyberWarFare Labs (662da17ae14e70c9c1e6d6ef)

ProLab - Offshore

Jul 2024
Hack The Box (HTBCERT-7A7BC2A2DD)

ProLab - Zephyr

Nov 2023
Hack The Box (HTBCERT-2C20718845)

ProLab - Genesis

Aug 2023
Hack The Box (HTBCERT-DC47800791)

ProLab - Dante

Sep 2022
Hack The Box (HTBCERT-3B83DC6D38)

C2 Development in C#

Aug 2023
Zero-Point Security Ltd (sghifx0pjf)

DevOps for Pentesters

Aug 2023
Zero-Point Security Ltd (fv2rbwh4py)

PCEP - Certified Entry-Level Python Programmer

Mar 2022
Python Developer (VoY2.Carj.tP7V)

Throwback

Jan 2022
TryHackMe (THM-H9VLFXVSWACredential ID)

eJPT (eLearnSecurity Junior Penetration Tester)

Jul 2021
INE Security (FKA eLearnSecurity) (6497586)

Skills & Proficiency

Web Application Pentesting

API Pentesting

Mobile Pentesting

Internal Network Pentesting & Active Directory

OSINT, Dark Web Research & Social Engineering

Python & Bash Scripting

Javascript

Go

Effective Use of Generative AI