Devin McDonald

Cyber Risk Advisor

{
  "name": "Devin McDonald",
  "occupation": "Cyber Risk Advisor",
  "hobbies": ["Lego", "Gaming", "Homelabbing"]
}

My Journey in Cybersecurity

Sir Sandford Fleming College

Computer Security and Investigations | Advanced Diploma

Analyst & Crime Analyst

V13 PoliceTech Accelerator & Cobourg Police Service

  • The Computer Security and Investigations (CSI) program provides students with the necessary knowledge and practical skills to land a job in the Cybersecurity field. Students complete over 250 labs which test their knowledge on content covered. List of covered subject matter:

    • Advanced Ethical Hacking

    • Incident Response

    • Vulnerability, Threat and Risk Analysis

    • Information Security

    • Advanced Computer Forensics

    • Internet and Hacking

    • Open Source Intelligence

  • The CSI program also provides the opportunity for students to complete a 350-hour placement which reinforces their knowledge in a practical way.

  • V13 Police Tech Accelerator (Analyst Intern): I analyzed piloted product data, provided feedback for design and market fit, and created reports, graphics, and logos for branding. I also organized events like workshops and the Pitch to the Chief™ competition and wrote press releases to showcase successes. Additionally, I scouted new technologies to enhance pilot programs.

    Cobourg Police Service (Crime Analyst Intern): I analyzed over 100 hours of CCTV footage to support investigations, compiled crime statistics reports, and helped inventory new CCTV equipment, all while working alongside the V13 Policetech Accelerator.

  • After my successful internship working on the Policetech Accelerator program at NCFDC, I was recruited by the Chief Information Security Officer (CISO) and Strategic Project Manager to assist with the organization's certification process. My role involved a comprehensive set of responsibilities aimed at enhancing NCFDC's security posture and achieving certifications. In this capacity, I assisted the CISO with the implementation of multi-factor authentication (MFA) systems, specifically deploying Cisco Duo to ensure robust security for user access. I also played a key role in developing and refining password policies and guidelines to align with best practices and compliance requirements.

Cybersecurity Intern

Northumberland Community Futures Development Corporation

Cyber Threat Intelligence Consultant Co-op

KPMG LLP (Canada)

  • Cyber Risk Advisor with a focus on vulnerability and exposure management. Helping clients identify risks, keep threat actors away, and secure their operations.

  • In May, I joined KPMG’s Cyber Threat Intelligence (CTI) team full-time and was also recruited by the MDR service director to work as a SOC analyst for various clients. I investigated, drafted, and sent over 600 alerts based on intelligence collection plans and became the primary contact for incident response and purple teaming exercises. I compiled attack statistics and mapped threats across industries, highlighting common TTPs. My technical skills made me the lead consultant for tool configuration, troubleshooting, and implementation within the CTI program. Additionally, I contributed research to the KPMG Cyber Incidents and Intelligence: 2023 report.

    For the KPMG SOC, I assisted an average of 3 days a week, handling incidents of all severities, documenting processes, building SOPs, running client meetings, and training L1 analysts. I managed and triaged over 700 alerts detected by security tools.

Cyber Threat Intelligence Consultant & SOC Analyst (Level 2)

KPMG LLP (Canada)

Vulnerability Management Specialist

LastPass

  • Worked on the Security Posture and Attack Surface Engineering & Research (SPASER) team at LastPass as a Vulnerability Management Specialist, where I identified and assessed vulnerabilities that may affect the operations of LastPass or their customers. The SPASER vulnerability management team also ensures treatment of identified and assessed vulnerabilities. During my time at LastPass I led projects to drive further automation into the VM program as well as increasing threat intelligence used during assessments. Achieved sustained vulnerability management effectiveness exceeding 99.8% and improved cloud security posture to a 100% score.

Cyber Risk Advisor

Sophos

  • My co-op at KPMG let me experience working on a team of consultants who specialized in Cyber Threat Intelligence (CTI). In my four (4) months in this position, I was able to learn and eventually take over the alert reporting process for all CTI clients. With the technical background I gained throughout my education, I quickly became the point of contact for all team members when it came to setting up, maintaining, or troubleshooting intelligence tools. My presentation skills allowed me to also be a primary CTI consultant for incident response engagements, explaining relevant intelligence relating to incidents to stakeholders. Finally, I gathered research which would be showcased in the KPMG Cyber Incidents and Intelligence: 2022 report.

What is in my digital toolbox?

Take a look at my skills/expertise as well as tooling I am experienced in

Elastic
Recorded Future
MS Defender
Threat Intelligence
SentinelOne
Azure
Azure Sentinel
Python
Wireshark
SNORT
Windows
Linux
Qualys
Nessus
NMAP
Volatility
Suricata
PowerShell
PERL
WIZ

With the goal of identifying how to set realistic remediation targets in Vulnerability Management, Balint and I enriched the CISA KEV catalog and analyzed the result in PowerBI.

A Python script which scrapes NVD via their API, saves all CVEs posted within the specified time-frame, checks the EPSS if available, and sorts them in a .csv file.


In 2022 I participated in the PicoCTF event, developing write-ups for each of the challenges I solved.

Coming soon...

Check back soon to see what I have been working on!

Projects

What side quests have I been on recently?

Let's Talk!

Feel free to send me a message with any questions or comments. Always happy to discuss my journey into Cybersecurity.