Projects

Description

A full risk and cybersecurity management assessment carried out for a case-study organisation. The work applies industry-standard frameworks to identify, evaluate and treat risks, then translates the findings into a practical control roadmap aligned to ISO 27001.

• Identified 28 distinct risks using ISO/IEC 27005 and NIST SP 800-30, scored by likelihood and impact.
• Recommended an ISO 27001-aligned ISMS, privileged access management and a Cyber-Security Incident Response Plan (CSIRP).
• Cut projected aggregate risk exposure by an estimated 54% through the proposed controls.

Description

A complete digital presence for St. John’s Pharmacy & Medical Centre in Malta. Designed and developed as part of their digital transformation, the website introduces the pharmacy's services, team and contact details to patients online for the first time.

• Designed a clean, accessible layout tuned for older visitors and mobile-first browsing.
• Built reusable sections for services, opening hours, location and contact to simplify future updates.
• Established the pharmacy's first professional online identity, improving discoverability and trust.

Description

An iOS appointment-booking app delivered over two Agile sprints by a five-person team. I owned the security side of the project — hardening user credentials, safely integrating the Google Calendar API and supporting the wider planning and quality work that keeps an Agile team shipping.

• Implemented secure password hashing and credential handling for user accounts.
• Integrated the Google Calendar API to keep bookings in sync between the app and users' calendars.
• Contributed to the team's risk assessment, test planning and Git-based version control workflow.

Description

An end-to-end forensic investigation of a compromised Linux host. The work follows the evidence from acquisition through analysis to an expert report, aligned to NIST SP 800-86 methodology and ACPO chain-of-custody principles so it could stand up to scrutiny.

• Recovered evidence of privilege escalation by cracking the /etc/shadow hash with John the Ripper.
• Reconstructed user activity and prohibited actions in Autopsy and OSForensics from filesystem artefacts, logs and metadata.
• Documented findings in a court-admissible expert report suitable for non-technical stakeholders.

Description

Offensive security work spanning the BSc ethical-hacking lab series at Wolverhampton and the Security Testing module at King's College London. The work runs the full offensive lifecycle — from OSINT reconnaissance through to exploitation, post-exploitation and write-up.

• Captured all 10 flags in a web-application pentest challenge by exploiting XSS, UNION-based SQL injection, OS command injection and IDOR, then escalating to Java applet decompilation and binary reverse engineering with objdump and a custom Python XOR decryptor.
• Completed a ten-part ethical hacking lab covering Nmap enumeration, Metasploit exploitation and post-exploitation, web exploitation (SQLi / XSS / CSRF), social-engineering simulation, and privilege escalation on Linux and Windows hosts.
• Used Burp Suite Repeater and Intruder throughout to craft, replay and tune attack payloads against intentionally vulnerable applications.

Description

A body of network engineering and security work spanning my BSc at Wolverhampton and MSc Network Security at King's College London. It covers both sides of the wire — designing and hardening enterprise networks, then attacking and defending them in controlled lab environments.

• Simulated ICMP and TCP SYN floods with hping3 (including IP spoofing) against a Mininet network, then mitigated them with iptables — blocking ~56M malicious packets and dropping attacker traffic reaching the server to 0%, verified in Wireshark.
• Built and configured enterprise networks across a dozen Cisco Packet Tracer labs covering IPv6, VLAN trunking, GRE tunnelling, DHCPv4 and inter-AS routing.
• Layered defensive controls including router hardening, a zone-based policy firewall, Linux iptables / Netfilter rules and Snort intrusion detection on critical servers.

Description

A standardised Windows deployment image built during my time at RSM Malta. The image bundled the company's required apps, security policies and configuration so any new device could be provisioned in a fraction of the previous time, freeing up the IT team to focus on higher-value work.

• Cut new-employee device onboarding from 2.5 hours to 45 minutes per machine — a ~70% reduction.
• Baked in Sophos endpoint protection, domain join and baseline Group Policy out-of-the-box.
• Documented the build process so the IT team could rebuild and update the image with confidence.

Description

marksaviour.io — the portfolio you're currently browsing. A fully custom-built personal website designed to present my experience, research and projects clearly, with an emphasis on accessible, fast and mobile-friendly UX.

• Designed and built from scratch with semantic HTML, custom CSS and vanilla JavaScript on a Bootstrap base.
• Layered in snap-scroll sections, Fancybox modals, scroll-triggered reveals and a responsive grid for a polished feel.
• Structured every section to be modular so new projects, roles and research can drop in without rework.