Rashid Feroze

CTO

Bangalore Urban, Karnataka, India9 yrs 9 mos experience

Most Likely To SwitchHighly Stable

Key Highlights

Expert in securing AWS and cloud environments.
Presented at multiple international security conferences.
Led a team of 15 in security initiatives.

Stackforce AI infers this person is a seasoned Information Security professional with a focus on Fintech and Cloud Security.

Contact

Skills

Core Skills

Infrastructure SecurityCloud SecurityWeb Application SecurityOffensive SecurityAutomation

Other Skills

AuditsCC++Data securityDevSecOpsHTMLJ2EE Web ServicesJavaLinuxMySQLNetwork SecurityNetwork layer DOS attacksNetworksPHPPenetration Testing

About

Information Security professional with established track record of delivering impactful and high quality risk reducing work. Can understand strategic business requirements to enable security at different stages of business considering the risk tradeoffs. Extensive experience in securing AWS, solving data security and privacy holistically, solving regulatory compliance and audits in a highly regulated fintech environment, securing web applications, deploying security products, detection engineering, building security automation and building the right team. Contributed to multiple inhouse security projects and presented in multiple international conferences including Blackhat, Nullcon, RootConf, Hacktivity and Bsides. Specialities: Infrastructure security, Cloud security, Web application security, Data security & privacy, DevSecOps, Secure architecture review, Redteam Projects, Handling responsible disclosure program, Security evangelisation, Hiring and mentoring a team of 15 people.

Experience

Cred

2 roles

Security engineering leader

Promoted

Apr 2021 – Present · 4 yrs 11 mos · Bangalore

Responsible for all things Infrastructure security - Cloud security, Data security, DevSecOps, Security Operations(Threat detection, Incident Response), Regulatory compliance and audits.

Infrastructure securityCloud securityData securityDevSecOpsSecurity OperationsRegulatory compliance+1

Senior Security Engineer

Aug 2019 – Mar 2021 · 1 yr 7 mos · Bangalore

All things security

Symbiosis international university

Guest Faculty

May 2018 – May 2019 · 1 yr · Pune, Maharashtra, India

Taught offensive security and VAPT course to students pursuing masters in systems security from Symbiosis university.

Offensive securityVAPT

Payatu technologies pvt ltd

Senior Security Consultant

Jul 2016 – Jul 2019 · 3 yrs · Pune/Pimpri-Chinchwad Area

[+] Major responsibilities include:
Web/Network/Mobile application pentest
DevSecOps (Securing CI/CD Pipeline, SAST, DAST Intergration)
Cloud Security (AWS, Azure)
Threat Modelling and Risk Assessment
Authentication & Authorization security standards review
Crypto Standards review
Red Team (Physical and social engineering assessments)
Red Team (Stealth malware creation & execution and Endpoint protection bypass)
Red Team (Obfuscation & Evasion techniques)
Red Team (Stealth lateral movement and data exfiltration)
Web Assessment and Exploitation
Network Exploitation
Active Directory security assessments
Mobile Security Assessments
Wireless Penetration Testing (Wifi 802.11 b/g/n)
Firewall/Database Configuration Review
Server Hardening
CIS/PCI Compliance Assessment
Cloud Server/DNS Management and Deployment

Web application penetration testingDevSecOpsCloud SecurityThreat ModellingRisk AssessmentRed Team assessments+2

Tech mahindra

Intern

Jun 2015 – Sep 2015 · 3 mos · Bangalore

Worked on automation of security testing for IOT devices:
Developed tools to perform network layer DOS attacks and to automate wireless pentesting of IOT devices
Installed and deployed directory services and servers (Apache, Tomcat, Active Directory, LDAP)
Deployed, configured and integrated Identity Management Systems (openAM, openDJ, openIDM)

AutomationSecurity testingNetwork layer DOS attacksWireless pentesting