About

About Jiva

Founder & Principal Security Consultant, Jiva Security

Jiva — Founder, Jiva Security

Jiva — Founder & Principal Security Consultant

Offensive Security Researcher & Consultant

Jiva is an offensive security researcher and consultant with deep expertise across web application security, hardware and embedded systems, and vulnerability research. Jiva Security was built on the principle that the best security assessments come from people who think like attackers — and who have the technical depth to find what automated tools miss.

Every engagement at Jiva Security is performed personally. There are no subcontractors, no junior analysts delivering your report. When you engage Jiva Security, you are working directly with a senior practitioner who has hands-on experience across the full offensive security stack.

With nearly two decades of experience in offensive security, Jiva's background spans the full depth of the field — from vulnerability research at Tripwire's Vulnerability and Exposure Research Team (VERT) and four years as a Senior Penetration Tester at Mailchimp, to lead product security consulting at Praetorian and, most recently, Senior Offensive Security Engineer at SiriusXM, where the focus spans red team operations, hardware hacking, and embedded systems security. Jiva holds a Master of Computer Science from the University of Georgia (GPA: 4.0), with thesis research focused on addressing the shortcomings of black-box web vulnerability scanners.

Those offensive instincts were forged in part through nearly two decades of Capture the Flag competition — one of the most demanding proving grounds in the field. As a member of team disekt, Jiva earned top finishes at Defcon Quals, Codegate Finals (competing on-site in Seoul), Ghost in the Shellcode, and dozens of other international events, and organized and hosted the OpenCTF competition at DEFCON 30, building a custom scoreboard platform and original challenges from scratch.

Jiva's research has focused on vulnerability discovery across embedded devices, hardware security, and web and API security. This research-driven background informs every consulting engagement — assessments are grounded in real-world attacker techniques, not checklists.

Areas of Expertise

Penetration Testing Red Team Operations Vulnerability Research Hardware Security Firmware Analysis Embedded Systems IoT Security Web Application Security API Security Cloud Security Exploit Development Reverse Engineering Protocol Analysis Source Code Review
Work With Jiva View Research
Approach

How Jiva Security Works

01 — Depth

Depth Over Scale

Jiva Security takes on a limited number of engagements to ensure every assessment receives the full attention it deserves. You get senior expertise, not a commoditized service.

02 — Direct

No Middlemen

Every engagement is scoped, executed, and delivered directly by Jiva. You always know exactly who is doing the work.

03 — Research-Driven

Attacker Mindset

Assessments are grounded in active vulnerability research and real-world exploitation techniques — not templated outputs from automated scanners.