Summary
Phil Sofia is an OSCP-certified security analyst and ethical hacker with a decade of experience blending offensive testing, code review, and web development to secure applications and infrastructure for clients from startups to Fortune 500s. At NCC Group he splits time between manual web application penetration testing and triaging crowdsourced vulnerability reports, producing high-quality technical write-ups and client-facing remediation guidance. Previously a security consultant at WithSecure/F-Secure, he scoped and delivered diverse assessments across web, cloud, mobile, and network environments, and has hands-on engineering chops from roles as a full‑stack developer and coding instructor. His interdisciplinary background in theatre and theology surfaces in clear technical communication and an unusually creative approach to threat modeling and human-centered security education.
10 years of coding experience
6 years of employment as a software developer
Master of Divinity - MDiv Practical Theology, Master of Divinity - MDiv Practical Theology at Regent University
Web Development, Web Development at Dev Bootcamp
OSCP, OSCP at Offensive Security
Bachelor of Fine Arts - BFA Theatre/Theater, Bachelor of Fine Arts - BFA Theatre/Theater at New York University
English