Kenzie's Place

senior security engineer with 6+ years in penetration testing, cloud security, and iot. i build security tools in rust, lead assessments for fortune 500s, mentor engineers, and present at defcon.

work

senior security engineer

security innovation · jan 2022 – jan 2026

lead penetration tests on web apps, cloud (aws/azure), and iot devices for fortune 500 clients
―
built rust-based static analysis tool for terraform that detects privilege escalation chains
―
created 'bluezer', a ble security tool with gatt connection management
―
design threat models, research and present novel vulnerabilities, and mentor junior engineers
―
onboarded company to ioxt alliance as authorized test lab

security engineer

security innovation · aug 2018 – jan 2022

executed penetration tests on web apps and cloud infrastructure
―
built python automation tooling for enterprise security testing
―
performed red team simulations and static/dynamic analysis

skills

security testing

burp suite, metasploit, wireshark, nmap, gdb, radare2, pwntools

programming

rust, python, c/c++, java, solidity

cloud

aws, azure, terraform, iac security

iot & embedded

ble/gatt, gatttool, firmware analysis

projects & talks

defcon: house of heap workshop

august 2021, 2022

co-facilitated hands-on workshop on heap exploitation for 100+ attendees

bluetooth low energy research

december 2021

independent security research on ble protocol weaknesses, discovered vulnerabilities in consumer iot devices

education

b.s. computer and information science

university of oregon · 2018 · security concentration