Between 2008 and 2012, I worked for Context Information Security‘s London office as a Security Consultant, conducting web application and external infrastructure penetration testing for a wide range of banks and commercial organisations. While there I gained experience in a number of other areas including auditing (e.g. BACS), internal infrastructure penetration testing and host reviews. I also lead development of Context’s web service testing methodology and developed tools for conducting cryptographic attacks against web applications. In April 2010, I returned to Melbourne, becoming the first member of Context’s growing Australian presence. I finished my time at Context with a 18 month secondment into the penetration testing team of a major Australian bank.