EXPERIENCE
Kim DeSimone joined TrustedSec in 2017 as an Employee Specialist after having worked with several TrustedSec employees at the DerbyCon conference. Prior to that, she worked as an oncology nurse in several areas, from inpatient care to clinical trials to infusion services, over the span of a decade. Kim has always had a passion for serving and helping others.
During her time at TrustedSec, Kim has helped hire and welcome over 120 employees and worked earnestly to represent TrustedSec’s culture while providing top-notch HR services, including benefits negotiation and administration, payroll coordination and administration, vendor contract negotiation, workforce improvements, talent management, employee engagement management, records management, organizational development, and conflict resolution.
EDUCATION & CERTIFICATIONS
- Society for Human Resource Management Certified Professional (SHRM-CP)
- Registered Nurse, State of Ohio
- Associate of Applied Science in Nursing, Cuyahoga Community College
PROFESIONAL AFFILIATIONS
- SHRM National Level and Akron Branch
- Gallagher Women’s Networking Group
INDUSTRY CONTRIBUTIONS
DerbyCon Organizer and Volunteer
PASSION FOR SECURITY
During her years organizing training for DerbyCon, Kim witnessed firsthand the importance and value of helping the security industry learn, develop, and grow to better serve clients, educate peers, and improve the industry as a whole. This passion is echoed through TrustedSec in many areas, from our mission, values, and vision to our culture and collaborative working environment.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
The Triforce of Initial Access
LootWhile Red Teamers love to discuss and almost poetically describe their C2 feature sets, EDR evasion capabilities, and fast weaponizing of N-day exploits,…
JS-Tap: Weaponizing JavaScript for Red Teams
How do you use malicious JavaScript to attack an application you know nothing about?Application penetration testers often create custom weaponized JavaScript…
A Hitch-hacker's Guide to DACL-Based Detections (Part 3)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz.1 IntroductionIn this third and final…
A Hitch-hacker's Guide to DACL-Based Detections (Part 2)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz.1 IntroductionThis is a continuation of A…
A Hitch-hacker's Guide to DACL-Based Detections (Part 1B)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz.1 IntroductionIn this continuation to our first…
A Hitch-hacker's Guide to DACL-Based Detections (Part 1A)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz.1 IntroductionIf you were to collectively ask any…
Basic Authentication Versus CSRF
I was recently involved in an engagement where access was controlled by Basic Authentication. One (1) of the findings I discovered was a Cross-Site Request…
Okta for Red Teamers
For a long time, Red Teamers have been preaching the mantra “Don’t make Domain Admin the goal of the assessment” and it appears that customers are listening.…
Creative Process Enumeration
Very often in engagements, you'll want to list out processes running on a host. One thing that is beneficial is to know is if the processes is a 64-bit or…
Crafting Emails with HTML Injection
Have you ever wanted to send an email from a domain you don’t have SMTP credentials for? With some HTML injection, we may be able to do just that. From time to…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
