Dr. Pamela O’Shea is an experienced penetration tester and security consultant with a software engineering and professional research background. Her area of expertise is in penetration testing (web, mobile and network) with a strong passion for addressing the root causes of security issues.
Pamela received her Ph.D. in Computer Science from the University of Limerick, Ireland in 2006 and her Bachelors in Telecommunications in 2002.
Pamela has previously worked for Accenture, Deloitte, Securus Global, BAE Systems and SEEK. After transitioning from software engineering and research roles, Pamela has worked as a security consultant for eleven years. Nine of which have been as a full-time penetration tester for some of Australia’s largest companies across the financial, government, media, resources and telecommunications sectors.
In addition to her work, Pamela is actively involved in the technical security community with some of her activities including:
- Review board member for Black Hat USA
- Review board member for Black Hat Asia
- Review board member for BSides Canberra
- Review board member for BSides Singapore
- Speaker coach for Black Hat USA, Black Hat Asia, and Black Hat Europe
- Programme chair for the OWASP Melbourne conference
- University lecturer for the RMIT master’s in cyber security (practical ethical hacking module – INTE2102)
- Conference trainer for conferences such as OWASP Melbourne and 0xCC
- Conference speaker and workshop presenter at security conferences including: Black Hat Asia, BSides Canberra, Ruxcon, OWASP AppSecDay and Platypuscon
- Founder of Cyberspectrum Melbourne, a meetup with a focus on software defined radio (SDR) and security of the airwaves
- Founder of haXX, a group dedicated to teaching technical security testing skills to women who wish to break into the security field covering penetration testing, network forensics, reverse engineering and Python
- Pamela has also been featured in the Sydney Morning Herald and The Age newspapers for careers in cyber security, as well as being interviewed on the Risky Business security podcast on web application security