{

"name": "Devin McDonald",

"occupation": "Vulnerability Management Specialist",

"hobbies": ["Lego", "Gaming", "Pet-care"]

}

My Journey to Cyber

Sir Sandford Fleming College

Computer Security and Investigations | Advanced Diploma

Analyst & Crime Analyst

V13 PoliceTech Accelerator & Cobourg Police Service

About me

  • The Computer Security and Investigations (CSI) program provides students with the necessary knowledge and practical skills to land a job in the Cybersecurity field. Students complete over 250 labs which test their knowledge on content covered. List of covered subject matter:

    • Advanced Ethical Hacking

    • Incident Response

    • Vulnerability, Threat and Risk Analysis

    • Information Security

    • Advanced Computer Forensics

    • Internet and Hacking

    • Open Source Intelligence

  • The CSI program also provides the opportunity for students to complete a 350-hour placement which reinforces their knowledge in a practical way.

  • V13 PoliceTech Accelerator (Analyst Intern): I analyzed piloted product data, provided feedback for design and market fit, and created reports, graphics, and logos for branding. I also organized events like workshops and the Pitch to the Chief™ competition and wrote press releases to showcase successes. Additionally, I scouted new technologies to enhance pilot programs.

    Cobourg Police Service (Crime Analyst Intern): I analyzed over 100 hours of CCTV footage to support investigations, compiled crime statistics reports, and helped inventory new CCTV equipment, all while working alongside the V13 PoliceTech Accelerator.

  • After my successful internship working on the PoliceTech Accelerator program at NCFDC, I was recruited by the Chief Information Security Officer (CISO) and Strategic Project Manager to assist with the organization's certification process. My role involved a comprehensive set of responsibilities aimed at enhancing NCFDC's security posture and achieving certifications. In this capacity, I assisted the CISO with the implementation of multi-factor authentication (MFA) systems, specifically deploying Cisco Duo to ensure robust security for user access. I also played a key role in developing and refining password policies and guidelines to align with best practices and compliance requirements.

Cybersecurity Intern

Northumberland Community Futures Development Corporation

Cyber Threat Intelligence Consultant Co-op

KPMG LLP (Canada)

  • My co-op at KPMG let me experience working on a team of consultants who specialized in Cyber Threat Intelligence (CTI). In my four (4) months in this position, I was able to learn and eventually take over the alert reporting process for all CTI clients. With the technical background I gained throughout my education, I quickly became the point of contact for all team members when it came to setting up, maintaining, or troubleshooting intelligence tools. My presentation skills also allowed me to be a primary CTI consultant for incident response engagements, explaining relevant intelligence relating to incidents to stakeholders. Finally, I gathered research which would be showcased in the KPMG Cyber Incidents and Intelligence: 2022 report.

  • In May, I joined KPMG’s Cyber Threat Intelligence (CTI) team full-time and was also recruited by the MDR service director to work as a SOC analyst for various clients. I investigated, drafted, and sent over 600 alerts based on intelligence collection plans and became the primary contact for incident response and purple teaming exercises. I compiled attack statistics and mapped threats across industries, highlighting common TTPs. My technical skills made me the lead consultant for tool configuration, troubleshooting, and implementation within the CTI program. Additionally, I contributed research to the KPMG Cyber Incidents and Intelligence: 2023 report.

    For the KPMG SOC, I assisted an average of 3 days a week, handling incidents of all severities, documenting processes, building SOPs, running client meetings, and training L1 analysts. I managed and triaged over 700 alerts detected by security tools.

Cyber Threat Intelligence Consultant & SOC Analyst (Level 2)

KPMG LLP (Canada)

Vulnerability Management Specialist

LastPass

  • I work on the Security Posture and Attack Surface Engineering & Research (SPASER) team at LastPass as a Vulnerability Management Specialist, where I identify and assess vulnerabilities that may affect the operations of LastPass or their customers. The SPASER vulnerability management team also ensures treatment of identified and assessed vulnerabilities.

About Me

From a young age, I was drawn to the idea of helping others and found a deep-seated fascination with technology. This unique blend of interests led me to a fulfilling career in cybersecurity, where I can combine my passion for technology with my desire to make a difference. My journey began at Sir Sandford Fleming College in Peterborough, Ontario, where I pursued an advanced diploma in Computer Security and Investigations (CSI). I excelled academically, consistently making the Dean’s List and graduating with a strong foundation in cybersecurity principles and practices.

During my final year, I undertook a work placement at KPMG Canada, where I joined their Cyber Threat Intelligence (CTI) team. My role quickly evolved, and I became the main point of contact for technical elements such as tool testing, configuration, setup, data analysis, and attack mapping. This experience was pivotal, leading to a full-time position upon graduation. In addition to my responsibilities on the CTI team, I was also brought on part-time as an L1 SOC analyst, focusing on alert triaging and escalation. Balancing both roles, I managed the demands of the CTI team while concurrently handling SOC duties.

My commitment and skills in both areas led to a promotion to L2 SOC analyst, where I took on additional responsibilities, including training L1 analysts, creating process documentation, and leading workshops for stakeholders. I continued to contribute to the CTI team, managing client communications, alert reporting, and conducting technical research. This dual role allowed me to develop a broad range of skills and gain valuable experience across both the CTI and SOC functions simultaneously.

Currently, I am in a new role as a Vulnerability Management Specialist on the SPASER team at LastPass. This position allows me to leverage my experience and skills in a new context, contributing to the security of the organization in relation to their vulnerability landscape and corresponding attack surface.

My professional journey is showcased on my website, which serves as a digital business card where visitors can explore my career path, experiences, and projects.

What is in my digital toolbox?

Take a look at my skills/expertise as well as tooling I am experienced in

Elastic
Recorded Future
MS Defender
Threat Intelligence
SentinelOne
Azure
Azure Sentinel
Python
Wireshark
SNORT
Windows
Linux
Qualys
Nessus
NMAP
Volatility
Suricata
PowerShell
PERL

Skills

WIZ

With the goal of identifying how to set realistic remediation targets in Vulnerability Management, Balint and I enriched the CISA KEV catalog and analyzed the result in PowerBI.

A Python script which scrapes NVD via their API, saves all CVEs posted within the specified time-frame, checks the EPSS if available, and sorts the results in a .csv file.


In 2022 I participated in the PicoCTF event, developing write-ups for each of the challenges I solved.

Coming soon...

Check back soon to see what I have been working on!

Projects

Let's Talk!

Feel free to send me a message with any questions or comments. Always happy to discuss my journey into Cybersecurity.