Seamus O'Reilly

Contracted by our client to provide End User Training to a select group of senior board members on sphere phishing and whaling attacks.

Deliverables included active classroom sessions and real-world exploits highlighting how attackers use phishing and social engineering tactics to gain access and control over devices and information.

Post-training, A two week controlled sphere phishing campaign, using custom python payloads, was undertaken to assess the effectiveness of the… Show more

Contracted by our client to provide End User Training to a select group of senior board members on sphere phishing and whaling attacks.

Deliverables included active classroom sessions and real-world exploits highlighting how attackers use phishing and social engineering tactics to gain access and control over devices and information.

Post-training, A two week controlled sphere phishing campaign, using custom python payloads, was undertaken to assess the effectiveness of the engagement and remedial training and follow up exercises were conducted to fill knowledge gaps.

With the success of the initial pilot, we have been contracted to supply a soft-skills training program to incorporate the company as a whole and develop policy around End User Training and Information Security Compliance.
Show less

Consultant, Security Architect reporting to the IT Manager, supporting and contributing to the implementation of wide area network, linking Belfast branch office to corporate head office in London, UK.

Responsible for establishing strategic orientation and roadmap in the area of cybersecurity and developing SOC boards using innovative technologies and methodologies to target, trap and secure enterprise network from Malware and zero-day threats.

Working closely with the Business… Show more

Consultant, Security Architect reporting to the IT Manager, supporting and contributing to the implementation of wide area network, linking Belfast branch office to corporate head office in London, UK.

Responsible for establishing strategic orientation and roadmap in the area of cybersecurity and developing SOC boards using innovative technologies and methodologies to target, trap and secure enterprise network from Malware and zero-day threats.

Working closely with the Business, Service Managers and the Project Manager, I lead a subproject in reviewing SOC and Trace logs. The results supported my claim that traffic analysis was not correctly identifying encrypted traffic and analyse of data streams showed gaps in coverage.

I pioneered a non-encryption zone offloading to middle boxes with a focus on inspecting proper certificate validation, using correct cyphers and Advanced Encrypted Management, the results were correctly identified SSL/TLS traffic, regardless of port or applications used. Show less

Red Team engagement with the responsibility for ensuring visibility of threats and attacks to the confidentiality, integrity, and availability of government restricted Data Centre vaults. Primarily identifying events requiring investigation and determining the impact as well as educating Blue Team responders. Final report briefing to "C"​ level executives, detailing the threat landscape and training needs and escalation paths for members of the cyber defence teams.

Documentation and… Show more

Red Team engagement with the responsibility for ensuring visibility of threats and attacks to the confidentiality, integrity, and availability of government restricted Data Centre vaults. Primarily identifying events requiring investigation and determining the impact as well as educating Blue Team responders. Final report briefing to "C"​ level executives, detailing the threat landscape and training needs and escalation paths for members of the cyber defence teams.

Documentation and reporting to government exacting standards for both ISO 27001 and NIST.
Tools included the use of, Social Engineering, Custom Python Scripting, Metasploit Pro, Nessus, Burp, Kali Linux.
Show less