Nick Jones
Cloud Security Specialist · Global Head of Research @ Reversec · Copenhagen, Denmark
At Reversec
- Lead Reversec's security researchOwning our conference talks, blog posts and open source tools.
- Drive Reversec's AI adoptionLeading adoption to support both consultancy delivery and internal business and process improvements.
- Deliver offensive security assessmentsFocusing on on fast moving, cloud-native, devops-enabled environments.
- Previous Experience
- Led Reversec's cloud security consulting team for 5 years, tripling revenue in the process.
- Designed and led an internship program for 3 years, which won the UK's Princess Royal Training Awards (as MWR Infosecurity)
In The Community
- Content lead for fwd:cloudsec EuropeRunninig the call for papers and manage the selection process, support the rest of the organising committee in delivering a high-quality event.
- Review board member for fwd:cloudsec USReviewing submissions, supporting the talk selection process.
- fwd:cloudsec speaker mentoring program leaderDelivering private speaker coaching and talk development sessions to accepted speakers at both events.
- fwd:cloudsec Technical Oversight Committee memberOverseeing open source projects under the fwd:cloudsec umbrella, including Granted.
- AWS Community Builder since 2020.
What I do
Research & Offensive Security
Offensive security testing in cloud-native environments, attack simulation, and advancing the state of the art in cloud offense and defense.
Conference Speaking
Presenting at conferences including RSA, DEF CON Cloud Village, fwd:cloudsec, Disobey, Blue Team Con, and AWS Community Days around the world.
Open Source Tooling
Building tools like Leonidas — a framework for automating the simulation of cloud attacker TTPs — to enable organisations to better develop their cloud security capabilities.
Writing & Education
Writing about cloud security strategy, penetration testing programmes, and how to break into the field, to help the community level up.
Recent writing
All posts →-
A Consultant's Opinionated Notes on Traveling
In my decade as a consultant, I've done my fair share of local and international travel. This post sums up many of the things I've learned the hard way over the years.
-
I Reviewed 500+ fwd:cloudsec Submissions, These Are My Key Takeaways
As a reviewer for both fwd:cloudsec events, I get to see a wide range of conference submissions every year. These are my key takeaways from reviewing 500+ submissions.
-
On AWS Penetration Testing
This post covers what the point of a penetration test against an AWS workload is, what a penetration testing program should look like, and how to make it a success.