Seasoned security professional with 13+ years of demonstrated experience both building and breaking applications, networks and clouds seeking a challenging engagement. Core technical competencies include application security architecture, web application and thick client penetration testing, reverse engineering, network penetration testing, and threat modeling, DevSecOps, SSDLC Implemtor, SAST, DAST, IAST, OSINT with a keen eye for business value and growth.
1. Application Penetration Testing with the recommendation for remediation against OWASP Top 10, SANS 24 etc.
2. Complete security assessment of Application with the recommendation for remediation with HIPAA, ISO 27001, DISA STIG, OWASP ASVS, PCI DSS WASC Threat Classification
3. Cloud (AWS) infrastructure complete vulnerability assessment, security & penetration testing with the recommendation for remediation HIPAA, PCI DSS
4. Static and Dynamic code analysis (SAST & DAST) with the recommendation for remediation as a part of SSDLC
5. Reconnaissance - Open Source Intelligence (OSINT) using Datasploit, Spiderfoot, foca pro, Buscador, Maltego, Recon-ng, Shodan, theHarvester etc.
6. API Security
7. Malware, Phishing, Breach, data leakage detection
8. Firewall audit and configure
9. Security and penetration testing trainer
10. Android and iOS application vulnerability detection and security testing
11. Hands-on S-SDLC Implementation
13. Integration of security in CI/CD automation
Certification Achieved -
1. CEH v10 - Certified Ethical Hacker v10
2. ECSA v9 - EC- Council Certified Security Analyst v9
3. CEI v2 - Certified EC-Council Instructor v2
4. Certified Application Security Engineer - Java
5. Licensed Penetration Tester (Master)
6. Alien Vault Certified Security Engineer (Training done waiting for sit for the Exam)
7. CISSP - Certified Information Systems Security Professional (ISC2 Training done waiting for sit for the Exam)
8. ISO 27001 Lead Implementor.
9. Microsoft Certified: Azure Security Engineer Associate (AZ - 500)
10. AWS Certified Security – Specialty
11. Google Certified Security Engineer