Péter Veres - Cyber Security Consultant, Freelance

Feedback from Péter’s ex-colleagues

Let me see

Keep in touch with meI'm using Intch to connect with new people. Use this link to open chat with me via Intch app

Work Background

Self-employedPenetration Tester

Jun. 2024Hungary · Hybrid

DeloitteSenior Specialist Lead

Sep. 2022 - May. 2024Budapest, HungaryI was promoted to Senior Specialist Lead to focus on Red Team and its services. Thus my project delivery capabilities are lowered. I’m actively participating in project delivery as a supervisor to ensure the project’s technical quality and share my experiences. I’m leading two teams now, the ICS/OT Penetration Testing team and Red Team teams. • Building and designing our C2 infrastructure, where the redirectors are hosted on cloud instances, and we are using our internal infrastructure over a site2site VPN tunnel to store confidential data on a per-project basis. • Based on my guidance, my team created a Threat Hunting Lab in our internal infrastructure, which we can use to develop our knowledge about the defence side and improve our red team skills to stay under the radar during engagements. • I’m working on integrating our member firms to build a Red Team in Central Europe. • We are working on internal tool developments for Red Team projects, e.g. internal development of Stage 1 tool for reliable operation during our engagements

DeloitteSpecialist Lead

Sep. 2018 - Aug. 2022Budapest, HungaryIn 2018, I was promoted to Manager and started building an ICS/OT penetration testing team. As a team leader, I primarily focused on the project’s technical quality and knowledge sharing with my team. A bit later, I switched to the Specialist Lead pathway, which emphasised the technical part of our services and the technical leading of my team. • I started building a new team and knowledge for Red Teaming and Purple Teaming services. • I’m the team leader of the ICS/OT Penetration Testing staff and Red Team. • I’m working on the technical part of our services and participating in technical delivery as I did earlier.

DeloitteSenior Consultant

Apr. 2015 - Sep. 2018Budapest, HungaryI joined Deloitte as a senior consultant in 2015. Deloitte was one of the leading consulting companies in cyber security. They had a big team of penetration testers, and I was curious about what can I learn at a consulting company. According to my position, I was responsible for technical leading the penetration testing projects and teaching the junior colleagues during the ongoing projects. We provide penetration testing services to clients all around the world. • I performed remote penetration testing of web applications and on-site testing of internally hosted web applications. • I performed binary application-level penetration tests of managed (e.g. C#, VB) and unmanaged applications (e.g. C/C++). • I participated in and performed hardware-level penetration tests of embedded/IoT/automotive devices, including reverse engineering device firmware and firmware extraction from hardware components. • I performed internal and external infrastructure-level penetration testing for, e.g. financial clients to retain their PCI-DSS certificate. • I performed penetration tests on critical infrastructures, like car and food manufacturing, chemical, energy, and oil and gas industries. To test their SCADA/DCS network and production lines. • I participated in incident handling, forensics, and malware analysis projects.

Arkon Zrt.IT Security Engineer

Jan. 2014 - Apr. 2015Budapest, HungaryI was the first member of the internal blue team at Arkon. Therefore, my primary objective was to evaluate the security posture of the external perimeter. The secondary goal was to create an internal intrusion detection system. At the same time, I can test it by performing penetration tests on the external network and applications.

Docler Holding BudapestSenior IT Security Engineer

Nov. 2008 - Jan. 2014Budapest, HungaryI joined the internal blue team of the company as a full-time job. At the time, the company was the first in online video streaming worldwide. My primary objective was performing continuous penetration testing of the entire company network infrastructure, internally developed web applications, and using third party technologies. • I participated in internal and external infrastructure-level penetration testing of our credit card data processing companies for obtaining and retaining the PCI-DSS certification. I was honoured by the company two times for gaining and holding the PCI-DSS certificate. • I performed several research activities (e.g. fuzz testing) against the used technologies (e.g. PHP language, streaming solutions) to identify 0-day vulnerabilities. • I participated in the designing and implementing robust 10Gbit/s Intrusion Detection and Prevention Systems (IDS/IPS) and firewall (including WAF) solutions based on open source tools. • I participated in the investigation of potential internal security incidents. • I did internal training to raise the security awareness of the employees. • I participated in designing a secure and well-segregated company network infrastructure.