CV

Leon Teale

West Yorkshire

England

 

E-mail: leonteale89[@]gmail.com

  • Facebook - Grey Circle
  • Twitter - Grey Circle
  • Google+ - Grey Circle
  • LinkedIn - Grey Circle
Professional info​

A valuable asset to any company, I am hardworking and confident in my ability. I am enthusiastic about technology as well as the skills listed below and in previous employment. I continuously strive to improve my skills and knowledge with self study. I always look to automated tasks things easier and quicker for myself and others. I run various security groups and information sharing with a combined member count of approx 400,000 people. My personal project has been https://pentest.training which is a free pentest training lab for anyone to use free of charge with access to a full networked lab with typical windows domain setup with servers for real world testing, which was picked up by netsparker who then became and official sponsor after gaining 250,000 visitors in the first 2 weeks of launch.  

Work experience
IT Governance - Senior Penetration Tester.

April 2015–Present

 

I am currently working for IT Governance as a senior penetration tester, my role is to lead penetration testing engagements from the beginning such as scoping (including PCI DSS) to completing the engagement with a written report and debrief/consultation. I am also responsible for helping train other staff members and provide a training resource and lab, similarly I also created and personally host services run by IT Governance such as their phishing portal.

 

My key areas for IT Governance are,

web app testing, internal and external pentesting, wireless testing, social engineering both physical access and phishing, PCI DSS testing and scoping and mobile application testing.

 

ECSC - Lead Consultant

Aug 2014 – Feb 2015

 

Previously working for ECSC I was responsible for performing infrastructure penetration tests and adequate training from ECSC this further lead to develop my web app testing skills. As a Lead Consultant I was responsible for managing the engagement from start to finish. i.e. introduction through to performing the penetration test giving the debrief at the end with the client and often senior management and then compiling a report for the client along with any follow up conversations regarding the assessment and results.

NCC Group - Security Consultant

Jan 2014 – Aug 2014

 

Working as a penetration tester for NCC group, one of the worlds largest pentest companies. Working alongside some infosec famous colleagues of which has helped me enhance my understanding in particular areas, specifically web application testing. My roles is to provide penetration tests for companies, covering all aspects of IT Health checks, such as web app testing, infrastructure, build reviews etc.. My role is similar to my previous job except working for higher profiled clients with a larger company who specifically help with personal development.

Randomstorm - Security Engineer

September 2012 – Jan 2014

 

My position on the Professional Services team at RandomStorm involved internal and external penetration tests for the public and private sector. I worked with highly privileged clients including councils and government servers. A full technical understanding of almost all Operating Systems is required and a good understanding of network infrastructure.

 

My duty was to perform active and passive reconnaissance against the target and use information i had gathered to launch specific attacks against the hosts within a given scope. Vulnerabilities will then be exploited in order to compromise systems and methodical attacks used to escalate further privileges within a network for Domain Admin level access or find specific business critical files. A report is written for each job undertaken with detailed information regarding the vulnerable target hosts, business impact and remediation advice. Proof of concept screenshots and evidence is also provided to the client to show exploitation is possible and is not just theoretical.

I undertook training by other team members to continually help improve my performance and work quality and keep up-to-date with new security threats and exploits through online infosec groups and partaking in security and pentesting conferences.

During my time here I achieved 'Rookie of the year' award issued by the company.

Republic - Systems Administrator

June 2012 – September 2012

 

A Systems Administrator for Republic. They are one of the leading competitors for modern fashion in retail. With a vastly expanding company and reputation they are investing in a multi-million pound Oracle integration. My Role as a Systems Administrator involved administering the internal Domain and systems including project work and testing for the Oracle integration. As i am the only other Linux user at the company other than the DBA, I find myself spending a lot of time working and helping configure and setup Oracle databases and creating and configuring the VM’s on Oracle Servers and installing new Blades. Since starting my position here i have implemented an internal monitoring solution and a PXE environment. I have also Setup an internal Wiki for the IT support team and implemented a new helpdesk system. I am involved in the creation of the new E-boutique system that will be put into the new store in Leeds on September the 14th.

Webfusion - Senior Dedicated Server Engineer

January 2010 – June 2012

 

I was a member of the Senior Engineer team for Webfusion who are a leader in the European Hosting industry. They provide a wide range of hosting platforms ranging from simple websites to cloud hosting environments. As a second line engineer I am currently responsible for dealing with escalated issues which other staff are unable to resolve. My support scope covers dedicated servers, shared hosting and Virtual Private Servers. I am responsible for providing the support for primarily dedicated servers for “123-reg” “xcalibre” “Donhost” and “Webfusion”

As working as part of such a diverse role I am required to have an in-depth understanding of many key areas to both Linux and Windows OS in regards to dedicated servers and web servers. Many of these are listed below;

 

  • A complete understanding of DNS

  • Apache, Qmail, SSH, MYSQL, FTP, Unix Commands, Unix Software e.g. denyhosts, IPTables, Plesk

  • IIS, FTP, MYSQL, Windows Features and Roles, RDP, Firewalls, Mail-Enable,

  • Plesk, MSSQL

  • Cisco Firewalls

  • Server Diagnostics and Log evaluation both on Linux and Windows servers.

  • Understanding Server networking in a datacentre environment and VLAN's as well as IPMI power adapters.

  • Nagios Monitoring.

  • Load balancers for custom solutions and setting up this in a working environment

  • Using backup services and creating backup scripts with rolling volumes on external servers.

  • The Operating Systems I am required to know are:

  • Centos, Ubuntu 6-10, Fedora, Redhat, Windows 2003 Web-Std-Ent, Windows 2008 Web-Std-Ent

Pantheon Financial - Systems and Network Administrator

August 2008 – March 2009

I worked for Pantheon financial as a systems administrator working alongside the IT manager. Pantheon is a large financial organization encompassing 7 sites across the UK with 10 servers and 150 users.

 

Below are some of the day to day jobs that were involved in my role:

  • Supporting a 7 site Active Directory

  • Citrix Server Installation & Management

  • Providing desk side user support

  • Providing Telephone / Remote Support

  • Windows Server 2008 – I installed and managed a new 2008 server on our network

  • Network Cabling Installation

  • Hardware installation/Fault finding

  • Hardware Procurement

I have detailed below some of the technologies and I worked with in this role:

  • Exchange Server 2003

  • Windows 2003

  • Citrix Server

  • SQL Server

  • Blackberry Enterprise Server

  • Windows 2003/2008 Active Directory

    • Bespoke Accounts Software

Systemnet - IT Technician (Apprenticeship)

December 2007 – July 2008

Systemnet are an IT outsourcing company which encompass supporting a large parent company, and multiple external clients. They also provide CCTV, networking and door access installation services. As part of my position here I was working with the Senior IT technicians supporting the parent company and working on customer sites fitting networks, CCTV and Interactive Whiteboards.

Below are some of the responsibilities I had whilst working here;

 

  • Installing Interactive Whiteboards

  • Installing CCTV

  • Installing Door Access

  • Networking

  • Windows 2003/2000 Server support and management

  • Desk side support for users

  • Supporting clients by assessing their IT needs

  • Following through the full order process from site surveying, ordering equipment through to installing servers, cabling, Operating Systems, Domains and Support

 

Supporting following technologies:

  • Windows Server 2003 – Administration, Installation & Configuration of Windows Domains and Active Directory

  • Databases

  • Exchange Server 2003

  • Switches/Routers/Networking Infrastructure installation.

  • Laptop and PC Repairs – Hardware repairs and component replacements

  • Telephone and Remote Support – VNC, Remote Desktop

Languages

HTML/CSS

BASH

PYTHON

Skills

Internal Penetration Testing

External Penetration Testing

Web Application Testing

Social Engineering

Windows OS / Server

Linux

Web servers

DNS

Databases

Networking

Virtualisation

Customer support

Education​
Qualifications

Certified Ethical Instructor (CEI)                                                 2019                                        

Certified Ethical Hacker (CEH)                                                   2019

Crest CPSA                                                                                 2015

Crest CRT                                                                                   2015

Parallels Plesk Certification – basic and Advanced                   2010

CISCO Advanced Security                                                         2007

BTEC Advanced Award IT Practitioners                                     2007

NVQ 2 IT Practitioners - DISTINCTION                                       2007

NVQ 2 IT Professional - Merit                                                      2007

Queensbury School

2001-2006

7 GCSE’s at Grade C and Above 2006

IT GNVQ 2006

© 2018 by Leon Teale

  • Facebook - Grey Circle
  • Twitter - Grey Circle
  • Google+ - Grey Circle
  • LinkedIn - Grey Circle