Zachary King, B.S. Cybersecurity
----------------------------------------------
About

I'm a cybersecurity professional with a passion for tackling tough technical projects and always improving my skills. I have experience in Linux systems administration and penetration testing, with a focus on network security.

Outside of work, I stay active in the cybersecurity community by participating in and organizing conferences and workshops, always learning and networking with others.

Certifications

Here is a list of my certifications:

Contact Information

You can reach me via the following methods:

WORK EXPERIENCE
1. Penetration Tester at Apple
September 2024 - Present
  • Conducts deep-dive manual penetration tests against Appleā€™s Online Store, Apple Store App, Retail systems, and backend payment platforms.
  • Reviews and analyzes source code for web, mobile, and cloud-based applications to detect security flaws in workflows.
  • Executes mobile application security testing, leveraging tools and methodologies to assess iOS app security, data storage, and API interactions.
  • Serves as a security advisor for product teams, guiding them in incorporating secure coding practices and architectural design improvements.
2. Penetration Tester at A-LIGN
July 2024 - September 2024
  • Conducted thorough internal, external, and web application penetration tests, identifying critical vulnerabilities across diverse client environments.
  • Performed cloud and API penetration tests, uncovering key security flaws and providing actionable remediation recommendations.
  • Executed comprehensive vulnerability assessments, using tools like Nessus and Burp Suite, to help clients improve their overall security posture.
  • Authored detailed reports outlining findings, risks, and mitigation strategies tailored for both technical teams and executive-level stakeholders.
3. Penetration Tester at Centric Consulting
September 2022 - June 2024
  • Led penetration tests, including internal and external network, web, API, social engineering, and wireless exploitation.
  • Developed and presented detailed reports outlining findings, risks, and recommendations to technical and non-technical stakeholders.
  • Orchestrated the entire penetration testing process, from initial scoping discussions to final delivery, ensuring a seamless and effective engagement.
  • Supported the vCISO and audit teams in delivering customized and comprehensive recommendations to clients.
4. Security Engineer at Sweetwater
May 2021 - September 2022
  • Managed various security-related technologies, leading to a 40% increase in EDR coverage across the environment.
  • Designed and implemented Bash, Powershell, Ansible, and Expect scripts to automate risk monitoring and environment security.
  • Collaborated with different departments and stakeholders to ensure compliance with the PCI-DSS standards.
  • Orchestrated patch management of over 3,000 devices using Jamf Pro, resulting in an 80% improvement in patch coverage.
5. Security Engineer at King Realty, LLC
May 2020 - May 2021
  • Recommended, installed, and configured networking equipment and server hardware for a new office location.
  • Deployed, administered, and configured network services, including IPS, OpenVPN, LDAP, and RADIUS, within the environment.
  • Created and managed a secure, segmented network file server for business records, supporting data digitization.
  • Developed and implemented technical policies, documented assets, and established standard operating procedures for IT resources.
INDUSTRY CONTRIBUTIONS
1. Red Team Member at National Collegiate Cyber Defense Competition
August 2023 - Present
  • Participated in WRCCDC, MWCCDC, and MACCDC as a member of the red team, simulating cyber-attacks to test the defenses of teams.
  • Developed and executed strategies for network penetration testing and post-exploitation tasks in a competitive environment.
  • Collaborated with a team of cybersecurity experts to create realistic threat scenarios, enhancing the learning experience for blue team participants.
  • Utilized a variety of tools and techniques for ethical hacking, including network scanning and scripting custom attack vectors.
2. Cybersecurity Speaker at Churubusco Chamber of Commerce
June 2023 - September 2023
  • Two-time speaker at The Churubusco Chamber of Commerce, educating business leaders on cybersecurity best practices.
  • Engaged in fruitful discussions with attendees, providing tailored insights to enhance organizations' cybersecurity posture.
3. Organizer | Lead CTF Architect
October 2021 - Present
  • Led team in the creation and documentation of CTF challenges for the annually recurring BSides Fort Wayne CTF.
  • Coordinated with organizers leading up to the event to architect and design the BSides Fort Wayne conference.
  • Built recurring offensive security labs and learning meetups, serving as a mentor on penetration testing and CTFs.
4. Team Captain | Linux Lead at Indiana Tech Cyber Warriors
September 2019 - April 2023
  • Managed a 20-member team in diverse specializations, including Linux, penetration testing, Windows, networking, and GRC.
  • Prepared for and participated in various cyber defense competitions, such as CPTC, CyberForce, Hivestorm, NCL, and CCDC.
  • Oversaw the development of training materials for team members, including Linux labs and CTF challenges.
  • Engaged in semi-monthly 8-hour-long purple team events to ensure robust penetration testing and hardening abilities.
  • Designed and deployed complex 25+ server network topologies with diverse Windows, Linux, and ESXi services to practice within.
  • Achieved four consecutive Indiana CCDC State Championship titles, with multiple second-place finishes at National Qualifiers.
  • Led team to global finals for Collegiate Penetration Testing Competition, competing against prominent universities such as Stanford and RIT.


------------------------------------------------

 Completed in 0.01s