Maxwell Zhou, CISSP, CISM

Experience

• 

  Mosaic Sales Solutions

  Feb 2015 - Nov 2015

  Dell Campus Ambassador

  - Surpassed 10% gain goal by achieving over 72% before program end, over $60,000. Created over 392% increase in sales within one quarter- Most demos performed in all of the West coast region at over 2,000 interactions, despite being a rookie. Graduated at top of program- Involved with infield demonstrations with consumers to educate consumers about new products and features and promote the brand- Developed time management, communication, event planning, and presentation skills with small groups up to five Show less

• 

  NewSky Security LLC

  Jun 2015 - Jun 2016

  Penetration Tester

  • Worked with Microsoft to research Facebook Single Sign On vulnerabilities• Lead group of 7 in initial penetration testing on Android applications, creating reports for researchers• Present significance of findings to both technical and non-technical departments• Quickly promoted within 3 months because of ability to learn quickly• Researched cyber security vulnerabilities in android applications

• 

  University of Washington

  Sept 2015 - Jun 2017

  • Automated all repetitive human processes using Python and PhantomJS, saving over 80 manual hours a week • Optimized management of JIRA dashboards and task delegation for team of over 30 application testers• Developed various tools to provide customized JIRA reports and ensure data integrity in Excel databases • Attained ISRM certificate and assisted with CISSP certification content, network security and IT management• Guided master-level students with technical issues in penetration testing and course content

  • Technical Student Assistant

    Jan 2017 - Jun 2017

  • Information Security & Risk Management TA

    Sept 2015 - Jun 2017
• 

  Nordstrom

  Jun 2016 - Sept 2016

  Penetration Tester, Vulnerability Management

  • Conducted invasive penetration tests on production and test systems on Nordstrom internal and external networks• Exploited cross-site scripting, SQL injection, remote command execution, and other vulnerabilities• Utilized Nessus security scanner and Kali Linux tools and formally documented testing results• Lead tester on Windows 10 system, creatively escaping restricted environment and performed privilege escalation

• 

  PwC

  Jun 2017 - Aug 2017

  Cybersecurity & Privacy

  •Helped conduct full PCI readiness assessment on a Fortune 20 client in preparation for PCI audit• Offered variety of security recommendations and remediated issues based on business risk and level-of-effort • Utilized various enterprise tools, such as Nipper, Splunk, Balabit, Citrix, and TrendMicro• Automated a series of internal tasks to allow team to add more value to client interactions

• 

  T-Mobile

  Oct 2017 - Jun 2018

  Cybersecurity

  • Identified areas of improvement in cybersecurity program with data analytics on in-house ticketing system• Provided executive board with cybersecurity dashboard to identify potential risk factors and malicious threats• Improved efficiency with the creation of a Self-Service Qualys Scanning Portal

• 

  Visa

  Aug 2018 - Oct 2019

  Associate Information Security Analyst

  • Performed invasive penetration testing on all in-house & 3rd party mobile applications and SDKs• Conduct research and create PoC of exploitation for IoT, such as Smart POS systems• Actively assisted and consulted development teams in remediation efforts• Developed mobile security Capture-the-Flag training to train product development teams on secure-coding practices

• 

  Certus Cybersecurity

  Oct 2019 - Feb 2022

  Senior Cybersecurity Consultant
• 

  Greenlight

  Mar 2022 - now

  • Staff Security Engineer, Product Security

    Aug 2022 - now

  • Senior Security Engineer, Product Security

    Mar 2022 - Aug 2022