About Me
Total IT Experience 12.4+ Years. Cyber Security BFSI Domain, IT Security professional with hands-on experience in Vulnerability Assessment and Penetration Testing, 6.4+ Years. Lead Vulnerability Assessment and Penetration Testing team on the clien...
Show MoreSkills
Software Engineering
Web Development
Database
Others
Graphic Design
Positions
Portfolio Projects
Merck Life Science Pvt Ltd. Hyderabad
https://www.merckgroup.com/in-en/company/legal-entities/merck-life-science-private-limited.htmlCompany
Merck Life Science Pvt Ltd. Hyderabad
Role
QA Tester
Description
Role & Responsibility:
- Analysed Source Code scan reports and suggest remediation / mitigation plan.
- Experience with Web Application Architecture Security Review, Static Code Review, Penetration Testing.
- Performed IoT Network Devices Penetration Testing.
- JAMA/JIRA security user stories task review and fixed.
- Experience in the areas of Network Security Review, Network Architecture .Source Code Review.
- Prepare hardening security documents for OS, Network Device and Security Testing.
- DevOps team member working on Security related issues in Healthcare department.
Tools
SonarQube jama Jira software NmapCompany
Reliance Jio Infocomm Ltd., Mahape-Navi Mumbai.
Role
QA Tester
Description
Role & Responsibility:
- Performed Vulnerability Assessments of Network and Security Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices.
- Performed penetration test and launch exploits using Metasploit, Burp Suite, Kali Linux penetration testing distribution tools sets.
- Analysed scan reports and suggest remediation / mitigation plan.
- Keep track of new vulnerabilities on various network and security devices for different vendors.
- Audit configuration of Network and Security devices Performed Penetration testing based on NIST 800-115, SANS-25 and OWASP Top 10 standards.
Skills
Web Application SecurityTools
Burp suiteCompany
ISMS-Compliance
Role
QA Tester
Description
- Performed Vulnerability Assessments of Network and Security Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices.
- Keep track of new vulnerabilities on various network and security devices for different vendors.
- Ensure the coverage and track new assets & applications which are going live and ensure that the VA/PT and CA, Security Configuration Assessment are conducted before going live and periodically after going live.
- Maintained up-to-date inventory of assets and applications covered for VA/PT and CA and secure configuration assessment.
Tools
NessusCompany
Information Security-VAPT/Compliance
Role
Project Manager (Team Lead)
Description
- Performed Vulnerability Assessments of Network and Security Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices.
- Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.
- Analysed scan reports and suggest remediation / mitigation plan.
- Keep track of new vulnerabilities on various network and security devices for different vendors.
- Audit configuration of Network and Security devices.
- Established customized security configuration and hardening baseline documents for various systems, devices and platforms (Configuration Audit) based on CIS-Standard Benchmark.
- Publish periodic dashboard to track vulnerability posture considering with and without implemented compensatory controls including exceptions.
Tools
NessusCompany
Vulnerability Management
Role
QA Tester
Description
- Performed Vulnerability Assessments of Network and Security Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices.
- Performed scanning on networks using QualysGuard Consultant & Nessus Vulnerability Scanner and submitted an executive the summary that outlined the details of any issues discovered.
- Performed scanning on networks using Metasploit Penetration Testing Tool and submitted an executive summary that
outlined the details of any issues discovered.
- Analysed scan reports and suggest remediation / mitigation plan.
- Advanced technical analysis on intrusions.
- Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.
- Performed Penetration testing based on PCI DSS, NIST 800-115, SANS-25, etc. standards.
Skills
Qualys GuardTools
Qualys