I am looking for an Application Security analyst role
Qwesi Vybez
@romeoyeboah
Certified Ethical Hacker (CEH) and Practical Web Pentesting Professional with hands-on penetration testing experience across web applications
What I'm looking for
Certified Ethical Hacker (CEH) and Practical Web Pentesting Professional with hands-on penetration testing experience across web applications, RESTful APIs, and authentication systems. Expert in manually identifying and exploiting high-impact vulnerabilities, including SQL Injection, Cross-Site Scripting (XSS), IDOR/BOLA, Mass Assignment privilege escalation, NoSQL Injection, Race Conditions, and authentication bypass without reliance on automated tools. Proficient in Burp Suite, OWASP ZAP, Nmap, SQLMap, and Invicti. Strong written and oral communication skills; experienced in translating complex technical findings into clear, risk-rated penetration testing reports with PoC evidence, OWASP Top 10 mapping, and developer-focused remediation guidance. Actively researching offensive security and adversarial attack chains against enterprise-grade application architectures
Experience
Work history, roles, and key accomplishments
Application Security Researcher
Independent / TCM Security PWPP
Jan 2025 - Present (1 year 6 months)
Conducted end-to-end manual penetration testing across web applications and APIs, including reconnaissance through post-exploitation reporting aligned to OWASP Top 10 standards. Identified and demonstrated high-impact vulnerabilities such as SQL injection, XSS, IDOR/BOLA, mass assignment privilege escalation, race conditions, NoSQL injection, and authentication bypass.
Conduct end-to-end penetration testing engagements in enterprise-simulation environments, mirroring real-world attack scenarios against web applications and APIs.
• Manually executed SQL Injection and Cross-Site Scripting (XSS) attacks without tool assistance, demonstrating ability to simulate attacks as required in manual ethical hacking assessments.
• Performed full penetration testing lifecyc
Manage logistics for the prospective students program, including enrollment, scheduling, and resource allocation.
Troubleshoot and resolve technical issues faced by students in their lab and during Classes
Application Security Support
Educ8Africa Ghana
Feb 2023 - Present (3 years 5 months)
Supported cybersecurity training environments and lab-based ethical hacking cohorts. Contributed to hands-on lab troubleshooting and operational readiness of security training programs.
• Supported cybersecurity training environments and lab-based ethical hacking cohorts. • Contributed to foundational cybersecurity education, hands-on lab troubleshooting, and operational readiness of security training programs.
• Delivered cybersecurity awareness training on phishing, password security, social engineering, and cyber hygiene to students and staff.
• Translated technical security risks (authentication threats, social engineering) into practical, real-world safety guidance for non-technical audiences, mirroring the SME knowledge-sharing responsibilities of an ethical hacker role.
Web Application Penetration Testing
PWPP – TCM Security Framework
Jan 2025 - Jan 2026 (1 year)
Performed full penetration testing on a structured web application environment, identifying vulnerabilities including authentication bypass, mass assignment privilege escalation, IDOR, race condition exploitation, and NoSQL injection. Produced a report with exploitation evidence, risk ratings, and remediation strategy.
Secure API Development (ASP.NET Core)
Independent Project
Jan 2024 - Jan 2025 (1 year)
Built RESTful APIs with authentication, role-based access control (RBAC), and secure data handling. Implemented a secure voting system enforcing transactional integrity and developed an AI-based job recommendation backend with secure authentication layers.
Cyber Safety Educator
Nkrankwanta Senior High School
Jan 2026 - Present (6 months)
Delivered cybersecurity awareness training for students and staff, focusing on practical guidance for phishing, password security, social engineering, and cyber hygiene.
Education
Degrees, certifications, and relevant coursework
Palm University College
Bachelor of Science, Computer Science
2023 -
Pursuing a BSc in Computer Science at Palm University College (Jul 2023–Jul 2027).
Availability
Location
Authorized to work in
Portfolio
medium.com/@yeboahromeo44Salary expectations
Social media
Job categories
Skills
Interested in hiring Qwesi?
You can contact Qwesi and 90k+ other talented remote workers on Himalayas.
Message QwesiGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
