.jpg)
Senior Penetration Tester
Sam is a security-focused engineer and consultant with a hacker mindset, shaped by a lifelong curiosity for systems, problem-solving, and adversarial thinking. With over 16 years in the industry — and 21 years exploring technology as a hobbyist — he has worked across technical support, operational leadership, cyber security consulting, and penetration testing, helping organisations strengthen their security posture, establish attack surface management programmes, and building high-performing penetration testing teams.
At the day job, Sam is a Senior Penetration Tester managing internal and external testing for a large, well-known security based organisation, while also acting as an SME to the wider security team, running internal tabletops and engineering of penetration testing tooling. He focuses on strengthening the organisations’ defensive capabilities while helping bridge the gap between an increasingly complex security landscape and practical understanding — making security, its importance, and its necessity more accessible to people.
Sam’s knowledge and understanding of IT and security developed from an early age, shaped by a curiosity about how systems function and how they can be both exploited and protected. During his school and college years, he spent significant time exploring system architecture, security concepts, and practical attack and defence techniques, often through hands-on experimentation and study of real-world scenarios.
He developed a strong interest in the history and culture of cybersecurity, drawing inspiration from early hacking communities such as those associated with MIT, the Legion of Doom (LoD), Cult of the Dead Cow, and the pioneering phone phreakers. This early exposure helped solidify his enduring passion for information security and ethical system testing.
Although Sam does not heavily rely on traditional industry certifications, his expertise is largely self-directed and driven by sustained personal interest in ethical hacking and security research. Over the years, he has completed numerous courses covering web application penetration testing, Active Directory and Azure security and red teaming, and he also holds certifications in several well-known vendor technologies. More recently, he has undertaken JHaddix’s Attacking AI course and is currently working towards the Certified Red Team Operator (CRTO) certification.
.jpg)
Sam's Cyber exploration doesn't just stay in work, for many years he has been present around several of the UK Bsides Conferences and participated in CTF's with his team "Netflux & Chill".
Making acquaintances in the community is one of the best things you can do in Cyber Security. Not only can you meet like-minded individuals that share the same passion, it can accelerate your career by learning from others, or, meeting owners that may be willing to offer you a role. This is actually how Sam landed his current role, starting with consulting for the organisation for two years, before taking a full time role as their lead tester.
When he’s not buried in Burp, a terminal, or deep in security work, Sam likes to switch things up by spending time with his family, volunteering as a marshal for the UK Drift League (often looking like a high-vis traffic cone while keeping drivers and the track safe), and getting out on the track to drift himself. Having that kind of outlet is a great way to step away from the endless packets that come with working in cyber security.