Engineer

• Experience in Information security and penetration testing in creation and deployment of solutions protecting applica-tions, networks, systems and information assets for diverse companies and organization.

• Experience in the areas of Risk Analysis, SIEM, Endpoint Security, DLP, Network Security, Email Security, Web Gateway, Vulnerability Assessment, Pen testing, Windows Server, Domain technology, and Antivirus servers.

• Understanding of Software development Life cycle (SDLC) to ensure security controls are in place.

• Experience in Threat Modeling during Requirement gathering and Design phases.

• Experience and good understanding on web, cloud, mobile and network environments.

• Extensive knowledge on OWASP vulnerabilities and remediations.

• Conduct vulnerability assessments on both SAST and DAST.

• Hands-on experience conducting vulnerability assessments of web, mobile, cloud-based applications, and web services.

• Experience conducting vulnerability assessments on web, cloud applications.

• Followed OWASP, SANS 25 guidelines using variety of security testing tools like Burp Suite, Dir Buster, OWASP ZAP Proxy, Nmap, Nessus, Kali Linux, Metasploit, HP Web inspect, HP fortify, IBM App scan, Veracode, checkmarx, synopsys.

• Experience Conducting Vulnerability assessments on mobile-based applications. Followed mobile OWASP guidelines using variety of security tools like burpsuite pro, MobSF, Clangs ios Analyser, Frida, Apktool.

#LI-NS2