CV,Information Security Consultant Targets M East, Europe Or Australia

Available
Serial No: 33709
Skills keywords: configuration review, information security, ISMS, iso 27001, penetration testing, RHCE, VAPT, vulnerability assessment, WAPT
Current location:  Qatar - View on map
Nationality: Indian
Spoken languages: english

Personal Details

Father’s Name : J.A.khan

Date Of Birth : 01/05/1984

Gender: : Male

Hobbies : Listening to Music

Nationality : Indian

Marital Status : Single

Languages Known: English, Hindi & Urdu

 

Profile

A dynamic professional with 6 years of rich experience in the Information Security Domain, With a very rare combination of skill set Contain (Ethical Hacking + ISMS + Network Security) offer Vulnerability assessment & Penetration testing (Ethical Hacking), ISO 27001 (ISMS implementation and Audit), Network security devices management (Network Security).

 

Professional Qualifications

 Bachelor of Engineering in Computer Science and Engineering from BU-Bhopal.

 Diploma in Computer Science & Engineering from RGPV.

 Diploma in Information Security and Ethical Hacking

 CEH-Certified Ethical Hacker by EC-Council

 Red Hat Certified Engineer RHCE.

 Trained CCNA (Cisco certified Network Administrator) & MCSE (Microsoft Certified System Engineer).

 Pursuing CISSP.

 Certified Tripwire solution Professional (nCircle).

 

Achievements

 Team Lead in CERT-In Empanelment 2013 for MSSG.

 Writer of Hacker5 Magazine (India first printed hacking magazine)

 Conduct 20+ Awareness Workshop on IT security & Ethical Hacking

 

Technical Skills

• Vulnerability Assessment and Penetration Testing.

• Web Application Assessment.

• Wi-Fi Penetration testing.

• Security Configuration Review (Hardening).

• Network Architecture review.

• Incident handling and response.

• Log analysis SIEM (QRadar and SSIM).

• Mobile Application testing (Android, Windows, IOS).

• Information Security Risk assessment.

• ISO 27001 Implementation and management.

• Network forensic and malware analysis.

• Secure source code review.

• IT Audit.

• Information security current status audit.

• Access control review.

• Project Management Audit.

• Critical Infrastructure review (Telecom).

• Social Engineering attacks.

Tools – Hands On

• Hands on almost all major industrial standard vulnerability assessment & Penetration testing tools like Nessus, Nexpose, nCircle, CCM, Nipper, Nmap, Metasploit, Core-Impact, Accunetix, Burp proxy, Havij , safe-sql, HP web-Inspect, IBM-APScan etc.

• Simulate major attack External and Internal network like DDOS, OWAPS TOP 10 & SANS 25 for web application, Network Attacks, WIFI Attacks, Phishing attack, Social Engineering & lots more.

• SIEM – QRADAR , SSIM

• IDS/IPSC – CISCO, PALO-ALTO

• Malware Gateway – Fire EYE

• Network Forensic – Solara (BLUE COAT)

• Tripwire – nCircle , CCM and SIH

• Host End Point Management – Nexthink

• Email Mail Gateway – Iron Port

• Web Application Firewall – Barracuda

• Firewall – Cisco ASA, ISA, TMG

• Antivirus – Symantec endpoint protection

 

Experience Summary

Employer: Public Prosecution, Qatar (Outsource by Paramount)
Position: Information Security consultant
Duration: from Sep-2014 to till date

Responsible for Manage Information Security for Public prosecution VAPT, Assets management, Incident handling, Access management, Web application testing, Hardening, Mange ISO 27001, Risk assessment, Follow security roadmap Manage network security products includes SIEM(Qradar), FireEye, PALO-ALTO, IP360 Suits (nCircle), CCM, SIH, Barracuda, Iron-Port, Solara, AppScan.

Employer: Aditya Birla Group
Position: Asst. Manager
Duration: from Dec-2013 to Sep- 2014

Responsible for conducting internal audits and monitoring compliances for operational efficiencies of internal control systems. Also to provide support in all consulting assignments.

Present audit findings in an objective, independent and concise manner which will help management to take corrective action.

To give practical recommendations and convince management that the implementation of these recommendations will lead to enhanced internal control/better corporate governance/efficiency in operations.

Employer: MAHINDRA Special Service Group (MSSG)
Position: Associate Consultant
Duration: from OCT-2011 to Dec-2013

Responsible for VAPT (vulnerability assessment & Penetration testing), Web Application Assessment, Network Security Architecture review, Information security risk assessments, Ethical Hacking, Current Security status assessment, Access control Review, technology implementation projects, Information Security road map.

Employer: Symantec Corporation outsource by Megna InfoTech
Position: Security Analyst SIEM
Duration: from May-2011 to OCT-2011

Role & Responsibilities Real time Security monitoring of HDFC Bank network contain 350+ Security devices (Firewall ,IDS, IPS) ,Servers & Switches Routers. Check Sev 4, 5 Incidents on SSIM console & raise follow incident escalation and notification.

 Does detailed Analysis of sev 1, 2, 3 incidents Do analysis at event level provide on-demand logs, pro & post activity logs. Analysis of deny and drop packets.

 Do RCA (Rout cause analysis) of sev 5 incident.

 Prepared and provide data for Internal/External Audit.

 Prepare required reports daily/weakly/monthly basis.

Employer: APPIN Technology Lab (MNC), India
Position: Technology Evangelist
Duration: From Sep 2009 to April 2011.

Role & Responsibilities: Risk assessment, Responsible for training of Vulnerability Assessment & Penetration testing, Web-application assessment, External and Internal VAPT, Hardening of network devices, server and hosts machines, hardening network Provide Training different modules of APPIN technology labs, Responsible for network of APPIN technology labs.

Employer: Gulshan India pvt ltd
Position: IT Support
Duration: From Aug 2008 to Sep 2009.

Role & Responsibilities: Responsibilities of end points hosts with servers like DHCP, DNS, AD, switches and routers, user account addition delectation, ftp hosting troubleshooting hardware and software issue maintenance purchase up-gradation of network.

 

 

 






popup-img