IT Security Services

I'm looking for new challenges in information security both permanent and project based.

Understanding of both the attack (red team) and defense (blue team) aspects of ICT security. Wide experience in red team (penetration testing and remote real-life attack simulation) and blue team (cyber threat hunting and DFIRdigital forensics and incident response) with background in Linux administration.

Work experience:

  • 05.2016 - 03.2017 – Senior Cyber Security Consultant, Deloitte
    • Web application penetration testing (OWASP methodology)
    • Red Team Deloitte
    • Digital forensics and incident response (DFIR)
  • 11.2014 - 12.2015 – Penetration Testing Specialist, Royal Bank of Scotland
    • Web application penetration testing (OWASP methodology)
    • Infrastructure penetration testing (PTES methodology)
  • 04.2013 - 10.2014 – IT Security Specialist, ComCERT
    • Computer Security Incident Response Team (CSIRT)
    • Threat hunting i.a. Cyber Threat Intelligence (CTI)
    • Author of an automatic threat intelligence system i.a. underground monitoring
    • Digital forensics and incident response (DFIR)
  • 02.2012 - 01.2013 – Computer Forensics Specialist, ProCertiv
    • Digital forensics and incident response (DFIR)
    • IT Expert Witness
  • 05.2011 - 09.2011 – First Line System Administrator,
    • Linux systems administration (top 200 global in 2011)

I meet the requirements for Threat Hunter (Tier 3, Security Expert).

CV available upon request (

Career Profile

Adam has been in the IT security field for over a dozen years, both working in IT related positions and extending his knowledge and experience as part of his after-work activities. Currently working as an IT security freelancer with services such as penetration testing, red teaming, cyber threat hunting i.a. intelligence (CTI), computer forensics and incident response (DFIR).

During his infosec career he made expert opinions for law enforcement and justice authorities, worked as an ICT security specialist at a CSIRT (aka CERT) team where he actively tracked cybercrime activity focusing on preventing attacks on government and critical infrastructure, and moreover, worked as a full time penetration tester for one of the world's largest banking groups, as well as performed penetration tests for other financial institutions (i.a. international banks, payment card issuer) and well known e-commerce companies.

Adam co-authored training materials for CERT teams in cooperation with European Network and Information Security Agency (ENISA) i.a. “Digital forensics” (Sep 2013; task 1-2) and “Identifying and handling cybercrime traces” (Sep 2013; task 1-2, appendix 1-3). He also took part in Cyber Europe 2014 exercise (in which over 100 teams from all around Europe participated), where his team scored first place.

He is a frequent speaker (every year since 2014) at international scientific conference on “Technical aspects of ICT crime” (TAPT) organized by Police Academy in Szczytno, as well as an IT Expert Witness (court expert) in the field of computer science at the District Court in Warsaw, with emphasis on general computer forensics, forensic analysis on Linux, hacking and cybercrime.

After work Adam is a successful bug hunter, who received acknowledgment and thanks from dozens of institutions and companies all around the world, i.a. and not only such as Adobe (2014), Apple (2012), BlackBerry (2013), Deutsche Telekom, eBay, Github, Harvard University (i.a. SSRF 0day in GeoNode), HBO, Heroku, LastPass, MyBB (CVE-2015-2149), Netflix (2013), Nokia (2013), OTRS (CVE-2014-1695 PoC, CVE-2014-2554), Prezi, Reddit, SoundCloud, VMware, Yahoo, Yandex (2013), as well as the Polish ones – Onet, Interia, Wirtualna Polska, Empik, Gadu-Gadu, Nasza-Klasa, and much more. [bug bounty URLs accessed 13 Aug 2016]

beyondsecurity-com.jpg bluebox-com.jpg freelancer-com.jpg harvard-edu.jpg helion-pl_2.jpg helion-pl.jpg ifixit-com.jpg mailchimp-com.jpg ncsc-nl.jpg pagerduty-com.jpg paymill-com.jpg risk-io.jpg schubergphilis-com.jpg soundcloud-com.jpg wp-pl_2.jpg wp-pl.jpg zendesk-com.jpg

He also holds several certificates of practical knowledge in ethical hacking such as Offensive Security Certified Professional (OSCP, May 2015), Offensive Security Wireless Professional (OSWP, Feb 2016), eLearnSecurity Web application Penetration Tester (eWPT, Jan 2016) and practical knowledge in computer forensics such as X-Ways Forensics (Mar 2012).

Adam is a member of MMD non-profit association of security professionals.

His experience and knowledge grants him an excellent understanding of both the attacking and defending sides of ICT security.