Jeremy Buis


Security engineer who breaks things for a living. 12+ years of penetration testing, red teaming, and vulnerability research.

skills

Offensive Security: Penetration Testing, Red Team Operations, Purple Team, Vulnerability Research, Threat Modeling
Security Tooling: Burp Suite, Semgrep, Nuclei, nmap, Kali Linux
Programming: Ruby, Python, JavaScript, Java
Platforms & Cloud: Linux, macOS, GCP, AWS, Docker
AI & Automation: LLM/AI agent development, Security automation

employment

Senior Security Engineer, Red Team, Shopify

2024-01 — Present

Conducting red team operations and offensive security research to identify weaknesses in Shopify's security posture. Building offensive tooling, executing end-to-end attack simulations, and shipping defensive improvements.

  • Conduct red team operations to evaluate and improve organizational security posture.
  • Conduct purple team exercises to validate detection and response capabilities.
  • Perform offensive security research on emerging threat techniques.
  • Leverage AI to build security tooling and automate offensive workflows.
Red Team Operations, Offensive Security Research, Ruby, Python, macOS Security, Cloud Security, AI/LLM Security, C2 Frameworks

Senior Application Security Engineer, Shopify

2022-04 — 2023-12

Performed security reviews and managed bug bounty operations across Shopify's platform.

  • Triaged, validated, and remediated vulnerabilities reported through Shopify's bug bounty program.
  • Conducted security reviews of new features and services across the platform.
Application Security, Security Reviews, Bug Bounty, Ruby, JavaScript, Cloud Security

Senior Application Security Engineer, Software Secured

2018-03 — 2022-04

Performing web, network, and mobile penetration tests and secure code review for a variety of platforms and applications. Guiding clients in application security tasks like threat modeling, secure design, and vulnerability remediation and scoring. Owning team resources like test plans, payload databases, and report QA. Mentoring and assisting team members in their approach to security testing. Delivering quality content for the company blog.

  • Reported multiple CVEs in products from Oracle, Elastic, JetBrains, and Elementor.
  • Delivered high-quality reports to clients containing many high-severity vulnerabilities for a diverse set of applications and products.
  • Advised client developer teams on threat modeling, secure design/architecture, and risk classification/remediation.
  • Performed quality control on outgoing client reports for the entire team.
  • Published security research on the company blog covering XSS, RCE, and authentication topics.
Penetration Testing, Security Code Review, Threat Modeling, Secure Design/Architecture, Vulnerability Remediation, JavaScript, Python, Java, Burp Suite, OWASP ZAP

Application Security Engineer, Software Secured

2014-05 — 2018-03

A broad role covering both software development and application security tasks. Writing code focused around the Node.js stack. Performing web application penetration tests and secure code review for a variety of platforms and applications.

  • Performed static, dynamic and hybrid security tests against a wide variety of web applications using Burp Suite, OWASP ZAP, nmap, Nessus, Checkmarx, Fortify, Brakeman, and Kali Linux.
  • Built full-stack web applications using Express, MongoDB, and Node.js.
Agile, JavaScript, Python, Java, MongoDB, PostgreSQL, Burp Suite, git, Linux, Express, Node.js

Web Application Developer, SecDev Cyber

2012-10 — 2014-05

Building internal tools in support of analytics and business requirements. Releasing visualizations for external consumption.

  • Created and launched multiple web visualizations to production.
  • Built an internal statistics-tracking web application to completion.
JavaScript, D3.js, Express, Python, Backbone, REST

Programmer Analyst, Canadian Medical Protection Association

2012-01 — 2012-06

Building internal tools and production websites using Java and Web Technologies.

  • Performed software development and upgrades for a public, doctor-facing knowledge website.
Java, JavaScript, Maven, Tomcat

education

Offensive Security Certified Professional (OSCP), Offensive Security

2017-05 — 2017-09

Completed the OSCP certification.

Computer Science, Honours, Co-operative Program, University of Waterloo

2006-09 — 2011-12

Completed an Honours Computer Science degree in the Co-operative Program.

Software Design and Architectures, Distributed Systems, Computer Networks, Computer Security and Privacy, Introduction to Artificial Intelligence, Advanced Offerings in Computer Science - Machine Learning

writing

Exploiting Less.js to Achieve RCE, buis.ca

2021

Elementor Page Builder 2.9.8 Stored XSS, buis.ca

2020

JetBrains TeamCity Reflected XSS, buis.ca

2019

ImageMagick RCE Take 2, buis.ca

2018

Passwords Shouldn't Be Hard, Don't Cause Your Next Breach, buis.ca

2018

The Rise of JavaScript XSS and Practical Mitigation Techniques, buis.ca

2015

Setting Up a Secure Instance of Express JS, buis.ca

2015

Security Comparison: AngularJS vs Backbone.js vs Ember, buis.ca

2015

Secure Your Express Application, buis.ca

2015

recognition

CVE-2020-13864, CVE-2020-13865, Elementor

2020

Stored XSS in Elementor

CVE-2020-7015, Kibana

2020

Stored XSS in Kibana TSVB

CVE-2019-15848, JetBrains TeamCity

2019

Reflected XSS in JetBrains TeamCity

CVE-2018-2625, Oracle WebLogic

2018

XXE in Oracle WebLogic

Stored XSS in TSVB Visualizations Markdown Panel, Elastic

2020

Stored XSS in Kibana TSVB via HackerOne