Jason Ross

Information Security, Computer & Network Security

I'm Jason Ross, a senior cyber security consultant with over 15 years experience performing penetration testing and incident response.

Jason Ross's Bio:

Jason Ross is a Senior Consultant with NCC Group, a global information assurance specialist providing organizations with expert security consulting services. He has performed security research in web application security, mobile device & application security, and malware analysis. Jason is FEDRAMP certified, and leads the penetration testing activities of the NCC Group 3PAO service offering. Jason has given talks at many national and regional industry conferences, including Blackhat DC, BSides Las Vegas, DerbyCon, and DEF CON Skytalks. Most recently, he's presented on ways to merge security into devops processes. He has also developed and delivered training classes on topics such as advanced mobile penetration testing, Android forensics techniques, and enterprise malware analysis. He is currently focused on research around hacking Internet of Things and embedded devices.

Jason Ross's Experience:

  • Senior Consultant at NCC Group

    - Develop and lead the penetration testing team for the NCC Group FedRAMP practice. - Act as technical lead on multi-consultant engagements, managing project flow, work allocation, and client satisfaction. - Mentor other consultants in areas of skills expertise. - Work with sales team during the sales process, providing technical scoping requirement for upcoming projects. - Meet with prospective clients in a pre-sales capacity to explain service offerings and provide technical insight into testing methodologies. - Perform research on new security attack and defense methods. Participate in and present at security industry working groups, conferences, and organizations. - Perform penetration testing and security assessments of mobile applications and devices, web applications, and networks.

  • Senior Consultant at Intrepidus Group

    - Perform research on new security attack and defense methods. Participate in and present at security industry working groups, conferences, and organizations. - Perform penetration testing and security assessments of mobile applications and devices, web applications, and networks.

  • Senior Consultant at BT / INS

    - Performed web application, wireless, and internal/external network penetration testing. Document discovered vulnerabilities, categorize risk, and provide reproduction steps to clients. - Assessed network and host device configurations and policies to discover weak security settings. - Provided security guidance and strategies to client system architects and application developers.

Jason Ross's Education:

  • Finger Lakes Technical and Career Center

    2 year vocational degree
    Concentration: Graphic Arts

Jason Ross's Interests & Activities:

Hacking, IoT, Internet of Things, Mobile Security, Android security, Web App Penetration Test, Red Team, Cyber Security, Information Security, Purple Team, Computer Security, Rugged Devops, DevOpsSec, Adversary Emulation, Threat Emulation