Curriculum Vitae of David Yates
(download PDF)

I am a versatile technical consultant with a wealth of experience in delivering security work for companies of all sizes. I have extensive experience in assessing the security of web applications, networks and cloud platforms. I’ve delivered high-level threat modelling and participated in large-scale red team exercises.

In addition to my technical skills, I am a capable writer for both specialised and general audiences. On an interpersonal level, I’m known for leading by example and being a patient mentor.

Experience


2020–
Senior Cyber Security Consultant at iosiro

My current role. I deliver technical security consulting for companies, particularly startups in the blockchain space.

2018–2020
Senior Information Security Consultant at F-Secure Consulting (formerly MWR InfoSecurity)

I delivered large-scale strategic cyber security projects and was responsible for quality and efficiency of work and deliverables across the South African consultancy team. I introduced a new reporting system that greatly increased the speed at which large reports were written.

2015–2018
Information Security Consultant at MWR InfoSecurity

I conducted client cyber security consulting engagements, from web application penetration tests to large adversary simulation projects.

2014
Computer Science 2 Tutor at Rhodes University

I tutored students during practical CS2 coursework.

2013–2014
Student IT Technician at Rhodes University

I provided technical support for student laptops.

Education


2014
BSc (Hons) Computer Science at Rhodes University

I completed a project about analysing internet background radiation and took courses in Artificial Intelligence, Distributed and Parallel Processing, Information Security, Image Processing, Mobile Development and Real-time Multimedia.

2011–2013
BSc (InfSys) at Rhodes University

I double majored in Computer Science and Information Systems, with additional courses in Mathematics, Economics, Management, Accounting and Electronics.

2006–2010
National Senior Certificate at St Dunstan’s College

My high school. In addition to standard school work, I took on Advanced Programme Mathematics and the English Olympiad.

Certifications

2016
OSCP (Licence OS-20891)

I completed the Penetration Testing with Kali Linux (PWK) course. This involved identifing vulnerabilities, exploiting and gaining access to systems, and performing privilege escalation across multiple operating systems.

Languages

  • English – native
  • Afrikaans – rudimentary

Programming

  • Ruby
  • Python
  • LaTeX
  • Lua
  • GML
  • JavaScript

Skills

  • Cyber security consulting
  • Penetration testing
  • Programming
  • Linux
  • Windows
  • Technical writing

Other activities & achievements

A few other things of interest that I’ve done.

HackFu

During my time at F-Secure Consulting/MWR InfoSecurity, I was instrumental in organising four HackFu events for our South African office. These were multi-day immersive hacking events, in which participants competed against each other to complete hacking challenges according to a storyline in a themed setting.

My part in organising these events involved coordinating challenges and challenge creators, coming up with themes and story-lines, and playing the role of a number of over-the-top characters, including a mad scientist and a dictator.

Our 2017 event received a writeup in htxt.

Projects

I have developed a number of games and game-adjacent things since I was in high-school, including a vulnerable VM that has been favourably compared to OSCP lab machines. I have also created and contributed to various open-source projects.

Skating

On weekends, I work as an instructor at Festival Mall Ice-Skating Academy, where I teach children and adults the basics of ice-skating.