Place of residence: Vienna, Austria

Position: Cyber Security Engineer & Penetration Tester | CEO of Titanium Cyber Security Solutions

Please describe a day in your life

The day begins with a review of the current project, ensuring all objectives and timelines are clearly understood. A brief meeting with the team is held to discuss ongoing testing, share updates, and address any challenges from the previous day. Penetration testers typically work within a structured framework, so part of the morning is spent reviewing the scope of work, which may involve identifying the systems, applications, or networks to be tested. 

Once the scope is confirmed, the pen tester begins the first phase of the penetration test: reconnaissance. This involves gathering publicly available information about the target system, such as domain names, IP addresses, and any other data that could aid in identifying potential attack vectors. Tools like Nmap, Burp Suite, and various open-source intelligence (OSINT) methods are employed to map out the environment. 

After that, I do more in-depth technical work, such as exploiting the identified vulnerabilities. This includes activities like network scanning, web application testing, and attempting to bypass security defenses (e.g., firewalls, intrusion detection systems). At this stage, ethical hacking tools like Metasploit, Nessus, or custom scripts are commonly used to simulate cyber-attacks on the target system. The goal is to gain unauthorized access and demonstrate the security flaws present. 

In the final moments of the workday, the penetration tester may attend a debriefing meeting with the client or project lead to discuss initial findings. This provides an opportunity to clarify any questions and align on the next steps. The day ends with a review of the progress made and planning for the next set of tests. 

How many projects are you currently working on? Please describe them

As a cybersecurity engineer and penetration tester, I am currently engaged in multiple projects across various industries, including construction, banking, government entities, and private enterprises. These projects primarily focus on identifying vulnerabilities in IT infrastructures, conducting penetration testing, and providing risk assessments to strengthen cybersecurity defences. My work involves assessing web applications, internal and external network infrastructures, mobile applications, Active Directory. The objective is to uncover security gaps before they can be exploited by malicious actors and provide organizations with actionable recommendations to enhance their overall security posture.

In your opinion, who is the most influential person or company in technology today, and if you could choose one app, product, or project to have been involved in, which would it be and why?

The technology landscape is constantly evolving, with numerous influential figures and companies driving innovation in cybersecurity, artificial intelligence, and digital transformation. If I had the opportunity to be involved in any project, I would choose one focused on advancing cybersecurity for critical infrastructure and enterprise security solutions. Specifically, contributing to the development of cutting-edge security frameworks, penetration testing tools, or AI-driven threat detection systems would be highly impactful. These technologies play a crucial role in safeguarding organizations against sophisticated cyber threats, ensuring business continuity, and protecting sensitive data from malicious attacks.

What is your next goal?

My primary objective is to advance my expertise as a Penetration Tester and Red Team specialist by acquiring deeper technical knowledge and refining my skills in offensive security. I aim to enhance my proficiency in advanced adversarial simulation, social engineering tactics, and post-exploitation techniques to better assess and strengthen the security posture of organizations.

To achieve this, I am actively working towards completing several industry-recognized certifications that will further validate my expertise in ethical hacking, red teaming, and security assessments. These certifications will equip me with the necessary methodologies to conduct comprehensive security evaluations, simulate real-world cyberattacks, and help organizations build robust defence mechanisms against sophisticated threats.

Ultimately, my goal is to leverage this expertise in my role as a cybersecurity consultant, providing organizations across various sectors, including construction, banking, government, and private enterprises, with strategic security recommendations and proactive defence strategies. By mastering the full scope of red teaming, I aspire to lead and execute large-scale security engagements that not only identify vulnerabilities but also enhance organizations’ ability to detect, respond to, and mitigate cyber threats effectively.

If you could speak to your younger self, what advice would you give, and how does it relate to the dreams you had as a child about creating, inventing, or doing something special?

If I could speak to my younger self, I would emphasize the importance of persistence, curiosity, and continuous learning in the field of cybersecurity, especially in penetration testing. I would advise starting with a strong foundation in networking, operating systems, and programming, as these are the building blocks of ethical hacking. Understanding how systems work is crucial before attempting to break them ethically.

Additionally, I would encourage my younger self to take advantage of free online resources, labs, and Capture The Flag (CTF) challenges to develop practical skills. Platforms like Hack The Box and TryHackMe provide hands-on experience, allowing aspiring security professionals to simulate real-world attack scenarios and improve their problem-solving abilities.

Another key piece of advice would be to obtain industry-recognized certifications such as OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or PNPT (Practical Network Penetration Tester) early on. These not only validate technical expertise but also open doors to career opportunities.

Most importantly, I would stress the significance of ethical responsibility in cybersecurity. The goal is not just to identify vulnerabilities but to help organizations secure their systems before real attackers exploit them. Cybersecurity is not just a job; it’s a mission to protect businesses, individuals, and critical infrastructure.

By following this path, I would assure my younger self that achieving a fulfilling career in penetration testing and red teaming is possible, and the journey of learning never stops.

Which famous person would you like to have dinner with and why?

If I had the opportunity to have dinner with a famous person, I would choose Cristiano Ronaldo. Beyond his extraordinary achievements in football, he possesses a relentless work ethic, a strong mindset, and an unwavering commitment to excellence. His discipline, resilience, and ability to overcome challenges make him an inspiring figure not only in sports but in any field that requires dedication and continuous improvement.

In cybersecurity, much like in professional sports, success demands persistence, adaptability, and a constant pursuit of knowledge. Ronaldo’s mindset—his refusal to settle for mediocrity and his ability to stay at the top of his game for decades, mirrors the qualities necessary for a cybersecurity professional, especially in penetration testing and red teaming. His attitude toward self-improvement, overcoming failures, and maintaining a champion’s mentality would provide valuable lessons applicable to both personal and professional growth.

Where would you like to travel next?

I’d love to travel to Maldives. It seems like the perfect spot to unwind and enjoy the warm weather. The town looks so peaceful, with charming cobblestone streets and cosy cafes where I can sit outside and soak up the sun. I imagine the air is fresh with a light breeze coming from the nearby coast, and the flowers are in full bloom, adding colour to every corner.

The canals look so serene, and I picture myself strolling along them, watching boats drift by. There’s something about the vibe that makes it feel like time slows down, and I can just enjoy the simple things, like fresh produce at a local market or a relaxing afternoon at the park or beach. As the sun sets, the sky turns shades of orange and pink, creating the perfect end to a perfect day.

What tips do you have for people wanting to start in the tech world?

For those looking to enter the tech industry, especially cybersecurity and penetration testing, the key is continuous learning and hands-on practice. Start by building a strong foundation in networking, operating systems, and programming. Gain practical experience through labs, Capture the Flag (CTF) challenges, and security certifications like OSCP or CEH. Stay updated with the latest trends, contribute to open-source projects, and network with professionals in the field. Most importantly, to maintain curiosity and persistence, cybersecurity is an evolving domain that requires constant adaptation and problem-solving.