Alijohn Ghassemlouei

A responsible, honest, and hard-working cyber security professional with experience in both the commercial and federal sectors in vulnerability assessments, penetration testing, vulnerability program management development.

Over the course of his career, each organization's security posture and program have been raised to new standards. Knowledge centralization, formalization of reporting, language clarification, management visibility, and user awareness are some of the programmatic or non-technical capabilities that are brought to the table.

With vulnerability assessments, running automated scans is only a single step in the assessment process. Interviewing administrators and developers, reviewing network and system architectures, as well as manually reading through configurations for running services provides a wider prospective and often reveals systemic issues across the enterprise which is then highlighted to executive management.

The penetration tests that are conducted are an evaluation of the security controls of an asset, system, or network through the emulation of malicious or unauthorized actors with limited knowledge. This is achieved by demonstrating the execution of the objective at a technical level which improves the effectiveness and efficiency of the existing security controls in place.

Within the first few days or weeks, on the technical side, assets are identified, the attack surface is established, systemic issues are flagged - all across the known enterprise. All of this information is then sanitized, prioritized, and presented to the proper executive stakeholders to ensure that changes can be made effectively from the top-down.

High standards, drive, and passion for not only technology and security but making a difference makes coming into the office each day to do what you love instead of just a job.