marksowell - Overview
Hi! I'm Mark
I am an experienced penetration tester and application security leader specializing in offensive security, security consulting, presales, and application security strategy across the following areas:
- Web applications
- Mobile applications (Android & iOS)
- Desktop applications
- APIs, SDKs, and Web Services
- Cloud and SaaS platforms
- Microservices and containerized applications
- Serverless and distributed applications
- AI-enabled platforms, integrations, and emerging technologies
Over the years, I have led application security initiatives, offensive security programs, and large-scale security assessments to strengthen security posture and reduce organizational risk.
Experience:
- Strategic Leadership: Defining methodologies, creating tooling and workflows, and establishing best practices across offensive security and application security programs.
- Security Consulting & Advisory: Principal-level application security leader and trusted advisor across web, mobile, cloud, API, AI, and enterprise security initiatives.
- Presales & Customer Engagement: Supporting engagements from discovery and scoping through technical strategy, executive communication, delivery, and long-term customer success.
- Team Leadership & Mentorship: Leading and mentoring penetration testers and security consultants through hiring, onboarding, escalations, technical enablement, and quality assurance across distributed teams.
- Application & Platform Security: Assessing APIs, OAuth integrations, SaaS platforms, cloud-native applications, AI-enabled workflows, and distributed architectures.
- AI & Emerging Technologies: Evaluating AI-enabled applications and integrations while helping organizations understand emerging attack surfaces and security risks.
- Comprehensive Security Assessments: Leading external, internal, application, cloud, red team, and physical security assessments including attack path analysis, remediation guidance, and executive reporting.
- Cross-Functional Collaboration: Partnering with engineering, product, architecture, operations, and security teams to improve remediation efforts and secure development practices across complex environments.
I focus on combining deep technical expertise with leadership to help organizations build scalable and effective security programs.
Here are some stats about the languages I use in my repositories:
Connect with me
Research platforms
Certifications
Bookshelf
