Summary
Richard Nelson is a Senior Penetration Tester with 11 years of cybersecurity experience, specializing in API and web application security and a strong software development background. He builds custom scanners and integrates SAST/DAST tooling into CI/CD, having automated OWASP API Top 10 testing and slashed manual test time while boosting detection speed on mission-critical systems. His hands-on experience spans manual pentesting with Burp Suite, GraphQL/REST assessment, malware analysis, SOC log-driven detection engineering, and adversary simulation. A former MITRE engineer and NSAP alumnus, he has delivered predictive detection models and automated intelligence pipelines that materially improved analyst efficiency. Based in Bristow, VA, he combines full-stack API development (FastAPI, Node.js) with offensive tooling and YARA-powered malware triage, bringing a rare blend of red-team creativity and engineering automation to reduce risk.
11 years of coding experience
4 years of employment as a software developer
Master of Science - MS, Cybersecurity, Master of Science - MS, Cybersecurity at University of Alabama at Birmingham
Graduate Certificate, Penetration Testing & Ethical Hacking, Graduate Certificate, Penetration Testing & Ethical Hacking at SANS Technology Institute