Skip to main content

New Chapter: Advisory Red Co-op at Security Risk Advisors

This summer I started as an Advisory Red Co-op with Security Risk Advisors (SRA) in Philadelphia — my first role fully on the offensive side in industry.

I’m on SRA’s Advisory Red team contributing to penetration testing, web and application security assessments, and other red team engagements alongside people who do this for a living every day. It’s a different pace than a CCDC weekend or a CPTC report deadline — the scope is bigger, the clients are real, and the stakes for getting a finding right (and explaining it clearly) are higher. So far that’s exactly the adjustment I was hoping for.

This is running alongside my ongoing DevSecOps work at Penn State’s Applied Research Laboratory, where I’ve spent the last year and a half helping build secure, automated infrastructure for HPC environments. Between the two, I’m getting to see security from the build-it-securely side and the break-it side in the same year, which has already made me better at both.

Grateful to everyone who helped get me here, and looking forward to spending the summer in Philly building on everything CCSO has taught me. More updates as the season continues.