Aidan McDonagh

Full-Stack Software Engineer · DevSecOps Engineer · Ethical Hacker/Penetration Tester · Cyber Security Expert

Bishops Stortford, Hertfordshire · ·

A Certified Cyber-Security Professional who specialises in making applications, networks and systems more secure. I studied Software Engineering at University, in my final year my head of computing Dr Nick Savage taught me System Security and the basics of Ethical Hacking. Alongside of this I studied Reliable and Secure Systems, and Security & Cryptography. These gave me a strong foundation of my principles in trying to make the world a more secure place. Since then I've become certified in Security and Penetration Testing (Ethical Hacking). As well as winning a Generative AI competition with Google & Sky.

Experience

DevSecOps Engineer / Software Engineer (Security) & Team Lead

Sky UK

Job Summary

At Sky, I am currently a Tech Lead on multiple projects, leading a team of 12 people in developing multiple web applications, two of the main apps being wholesale ethernet across the UK for businesses. I was hired due to my background in security, and within the first two weeks of working at Sky, I identified numerous severe vulnerabilities in Wholesale Ethernet 1.0, which could have resulted in a potential fine of £14 million, as evaluated by the risk management team. Successfully mitigating these risks within my first year was a significant achievement in my career, reflecting my expertise in both software engineering and ethical hacking.

Additionally, I have won a Google Generative AI competition, which highlights my commitment to innovation and excellence. Beyond project responsibilities, I serve as the Vice. Chair of the Security Forums, where I actively motivate the cybersecurity team to engage more effectively with our section and contribute to making Sky a more secure company.

Alongside of this work I perform production data analytics and modify live data, liaise with the business team to understand project owner needs and future implementations as well as performing live app and service deployments for our microservices.

Duties Involve: Application Security, Application and Service Deployments, Production Data Management, Security Lifecycle Development and Implementation across the company, Company Security Awareness, Risk Management and Secure Application Development

Company Summary: Sky UK Limited is a British broadcaster and telecommunications company that provides television and broadband Internet services, fixed line and mobile telephone services to consumers and businesses in the United Kingdom. It is a subsidiary of Sky Group and from 2018 onwards - part of Comcast.

Technologies

Wholesale Ethernet 1.0: (Django 5/DRF, Postgresql, Rabbitmq, Redis, ReactJS) - Event Driven

Wholesale Ethernet 2.0: (Asyncio, Fastapi, Polars, PostgreSQL/Postgis, Redis, SQLAlchemy 2.0, JWT) - Request/Response

Security: Bandit/Semgrep (SAST), Trivy (Container OS/App Package Scanning)

DevOps/Cloud: Gitlab CI/CD, VMWare, Cloudfoundry/BOSH, Google Cloud, Docker, Docker Compose, Ansible

1 February 2022 - Present

1 Brick Lane
2 Quayside,
London,
E1 6PU

Software Engineer (Security)

Unipart Digital

Job Summary

At Unipart Digital I work as part of a team of 8, in an agile-sprint methodology to rotate on different projects and tasks in fortnightly sprints. I am constantly building and improving my skill set and knowledge by working on bespoke and novel pieces of code for different apps. We have daily standups every morning as a team and talk about what we have done and what will do and any issues if they have arisen, this has helped build my communication skills and interoperability with co-workers. We also do pair-programming which has built my speed reading skills and debugging of others' work as well as knowledge of my own workings.

I have built serveral systems with frontends using React, Material UI, Redux (Toolkit), Webpack, and Service Workers. For backend development I have become proficient with Django (DRF) and PostgreSQL for a database. I have also learnt CI (Continuous Integration) Development using Jenkins, Docker-Compose, Ansible for remote commanding (puppeteering) and OpenStack for computer networks.

I have developed device authentication systems, barcode scanners (+ qr scanners) for systems in production. Alongside of this I have reduced output bundle sizes for multiple applications through updating legacy code, and indentified, tested and mitigated against race conditions as well as enhance security for current and future applications through the use of my pen testing skills.

Duties Involve: Research & Development, Engineering Applications for internal and external use, Executive Reporting, Travelling to sites and presenting work to digitise the warehouse logistics.

Company Summary: Unipart Group is a multinational logistics, supply chain, manufacturing and consultancy company which crosses a variety of sectors that include automotive, retail, technology and rail. Unipart Digital is a subsidiary company of the Unipart Group which specialises in the every growing technologies of the world. Unipart Digital has clients such as the NHS, Jaguar and Land Rover.

Technologies

Asset Management Tracking Software with Analytics: (Django/DRF, Postgresql, Webpack, Redis, ReactJS)

Device Authentication and Authorisation: (Django/DRF, Postgresql, Webpack, Redis, ReactJS, JWT)

Security: Bandit/Semgrep (SAST), Trivy (Container OS/App Package Scanning)

DevOps/Cloud: OpenStack, Ansible, Jenkins, Docker, Docker Compose

16th Novemeber 2020 - December 2021

Unipart Digital
2 Quayside,
Cambridge,
CB5 8AB

DevSecOps Engineer / Pen Tester.

KHIPU Networks Ltd.

Job Summary

At KHIPU Networks, I served as the principal software engineer, being the first to join the company in this role, and I had the freedom to select the technologies I deemed best.During my time there, I developed a SIEM service for monitoring Access Points (APs) and Switches, alerting customers if a device went offline or was compromised. Additionally, I created a template generator for technical engineer documents, significantly improving the speed of report delivery. I also provided analytics for Greenbone OpenVAS vulnerability scans and developed numerous landing pages for shopping centers across the UK to showcase our secure Switches and Access Points. Moreover, I trained as an Ethical Hacker, applying these skills internally to enhance the security of KHIPU's software.

Duties Involve: The creation of any type of scripts, websites & software by whatever language I choose! And the starting up of a Penetration Testing Team for the company.

Company Summary: A Cyber-Security Network Company, which is royally appointed by the Queen and has held this appointment for five years prior and has had it renewed for another 5 years for meeting quality industry standards. They have also completed projects in Buckingham Palace! This company has successfully worked with many Universities and Companies both in the public and private sector.

Technologies

SIEM Real-Time Monitoring Service for Access Points and Switches: (Node.js (Fastify), Angular, Typescript, SCSS, Socket.io (Websockets))

Technical Engineers Document Generator: Deno.js, Typescript, Microsoft Docx

Greenbone OpenVAS Scanner Data Science Analytics Script (Python)

Internal Software Tester / Ethical Hacker

DevOps/Cloud: RancherOS, Docker, Docker Compose

09th January 2019 - 09th November 2020

KHIPU, Fleet27,
Rye Close,
Fleet,
Hampshire,
GU51 2UH

Projects

Web Developer

Laura McDonagh Illustrations

Job Summary: This responsive portfolio website was created using my front-end skills (HTML5/CSS3/SCSS/JS/Bootstrap 5) and my development skills using Node.js (Gulp and Yarn). I also implemented lazy-loading/deferred image loading and media src-sets as well as automated image responsiveness and next-gen image format use.

Duties Involved: Freelance creation of a single page website to showcase the clients illustrative projects as a portfolio website.

Company Summary: This client specialises in the creation of artistic pieces.

July 2020 - August 2020

Hertfordshire / Portsmouth

Web Developer

Westport Car Parks

Job Summary: This responsive portfolio website was created using my front-end skills (HTML5/CSS3/SCSS/JS/Bootstrap 5) and my dev skills using Node.js (Gulp and Yarn).

Duties Involved: Freelance creation of a single page website to showcase the company's portfolio of work.

Company Summary: This company specialises in property and land remediation, development and sale.

July 2018 - August 2018

Suite 11,
Berkeley House,
Barnet Road,
London Colney,
St. Albans,
AL2 1BG

Education

University of Portsmouth

Bachelor of Science - Software Engineering

Software Engineering

High 2:1 / GPA: 3.25

Uni: September 2014 - June 2018
Graduation Date: 19 July 2018

University House,
Winston Churchill Ave,
Portsmouth,
Hampshire,
PO1 2UP

Aldenham School

A-Levels - Maths (Edexcel), ICT (AQA) & Economics (OCR)

UCAS Points: 220

A-Levels: September 2012 - June 2014

Aldenham Rd,
Radlett,
Elstree,
Hertfordshire,
WD6 3AJ

GCSEs - 11 A*-C

Maths, Statistics, Physics, Chemistry, Biology, ICT, German, DT (Resistant Materials), Geography, English & RS (Short Course),

GCSEs: September 2010 - June 2012

Skills

General Software, CI/CD & Tools

Operating Systems & Languages

Programming Languages, Frameworks & Tools

Web Programming Languages, Frameworks & Tools

Code Testing Tools

Database Languages & Tools

Interests

Skills & Interests - Computing

I am currently enrolled in different courses on Udacity, Udemy, Sololearn and a few IBM online courses (Quantum, Bitcoin and Security courses), which keep me engaged with my computing knowledge outside of work time. I also complete skill sets and learn new skills in security related specifics on TryHackMe. I also like to learn new programming languages on SoloLean ss I like to broaden my programming language knowledge and try to complete programming challenges on HackerRank and Euler's math problems in various languages.

During my studies at university I became fond of my unit 'System Security' where I was taught Ethical Hacking and Penetration Testing. I was taught to use Kali Linux and it's OS tools for ethical hacking whilst using the PTES standard (Penetration Testing Execution Standard). Alongside of that I learn to use NISTs NVD and OWASP top 10 vulnerabilities to find current exploits and ways of mitigation against these exploits. I had prior Python knowledge and expanded it with my learning of python exploitation and also memory exploitation in C/C++. Since then I have put myself out to broaden my knowledge in penetration testing by competing in things such as the UK Cyber Security challenge, Vulnhub challenges, HackTheBox challenges and am currently completing my OSCP Pen-Testing Testing Certification and will then complete my CREST Accreditation shortly after. I have also achieved two CompTIA Certifications in penetration testing and security to widen my knowledge.

Cyber Security Engineering/Ethical Hacking Workflow:

Threat Analysis - Current knowledge of ongoing/new threats, trends and solutions. With help of OWASP top 10, NIST's NVD, The CVD
Penetration Testing - Experience in testing Apps, Websites & Infrastructure
Security Testing Tools - Handson experience with use of tools in both Kali Linux and others such as Burp Suite, SQLMap, Metasploit, NMap
Virtual Machine use - VMWare/Virtual Box/Virtual Machine Manager
Offence vs. Defence (Internal), Penetration Testing Standard (External) & Red Team Hacking (External)

Skills & Interests - Sports

I like to keep in good condition and try to keep both my body and mind healthy by working out regularly. I enjoy playing squash and was in the school squash team, I have also participated in playing golf which I have done since I was young and have achieved many qualifications for my skills and knowledge. I have also played American Football for Portsmouth University and my experience as a player has taught me effective teamwork, communication skills and enhanced my drive to succeed. For the past two years, I have focused on self-defence sports to keep me fit and able to protect myself and others. In doing so I have achieved an orange belt in kickboxing and am trying to achieve a red belt further from that. I have also taken up Brazilian Jiu-Jitsu and have recently achieved a blue belt and am now striving for my purple belt.

Courses, Awards & Certifications

BSc (Hons) Software Engineering - University of Portsmouth
- First Year Units:
  - Introduction To Programming (INTPROG)
  - Introduction To Programming - Maths (MATHS)
  - Introduction To Database Design and Development (INDADD)
  - Network Fundamentals (NETFUN)
  - Web Foundation (WEBFUN)
  - Computer Architecture (CAR)
- Second Year Units:
  - Introduction To Software Engineering (INSE)
  - Advanced Programming Concepts (ADPROC)
  - Data Structures And Algorithms (DSALG)
  - Discrete And Functional Programming (MATHFUN)
  - Getting Usability Into Development Environments (GUDE)
  - Webscript Programming (WEBSCRP)
- Third Year Units:
  - Advanced Software Engineering (ASE)
  - Distributed Mobile Systems (DISMOB)
  - Security And Cryptography (SECRYPT)
  - System Security (SYSSEC) & Reliable And Secure Systems (RASS)
  - Dissertation: 'The HandyMan: A Bartenders Encyclopedia' (DISSO)
IBM

Sololearn
- HTML5 - Certificate
- CSS3 - Certificate
- JS (ES Next) - Certificate
- jQuery - Certificate
- Python Core - Certificate
- C++ - Certificate
- Java - Certificate
- Swift 4 - Certificate
- PHP - Certificate
- SQL - Certificate
- Ruby - Certificate
- C - Certificate
- C# - Certificate
- Angular/Nest.js Stack - Certificate
- React + Redux - Certificate
- Data Science - Certificate
- Go - Certificate
CompTIA
- PenTest+ - Achieved: 14th May 2022 (14/05/2022) - Certificate
- Security+ - Achieved: 26th June 2022 (26/06/2022) - Certificate