Muhammad Wasi โ Operations Associate
A passionate Application Security Analyst and Penetration Tester, skilled in identifying vulnerabilities and fortifying critical systems against evolving cyber threats. With expertise spanning ๐๐ฒ๐ฏ ๐ฎ๐ฝ๐ฝ๐น๐ถ๐ฐ๐ฎ๐๐ถ๐ผ๐ป๐, ๐บ๐ผ๐ฏ๐ถ๐น๐ฒ ๐ฎ๐ฝ๐ฝ๐, ๐๐ฃ๐๐, ๐ฐ๐น๐ผ๐๐ฑ ๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐, ๐ฎ๐ป๐ฑ ๐๐ฒ๐ฐ๐๐ฟ๐ฒ ๐ฎ๐ฝ๐ฝ๐น๐ถ๐ฐ๐ฎ๐๐ถ๐ผ๐ป ๐ฑ๐ฒ๐ฝ๐น๐ผ๐๐บ๐ฒ๐ป๐, I take a proactive approach to mitigating risks before they impact operations. Having worked with ๐๐ฎ๐ฟ๐ถ๐ผ๐๐ ๐ณ๐ถ๐ป๐ฎ๐ป๐ฐ๐ถ๐ฎ๐น ๐ถ๐ป๐๐๐ถ๐๐๐๐ถ๐ผ๐ป๐, Iโve secured ๐ฆ๐ช๐๐๐ง application servers and other critical/sensitive banking systems through comprehensive security assessments. My experience includes conducting PCI-compliance tests, Red Team exercises, and orchestrating ๐๐ผ๐ฐ๐ถ๐ฎ๐น ๐ฒ๐ป๐ด๐ถ๐ป๐ฒ๐ฒ๐ฟ๐ถ๐ป๐ด ๐ฐ๐ฎ๐บ๐ฝ๐ฎ๐ถ๐ด๐ป๐ such as ๐ฝ๐ต๐ถ๐๐ต๐ถ๐ป๐ด ๐ฎ๐๐๐ฎ๐ฐ๐ธ๐, ๐ฟ๐ฎ๐ป๐๐ผ๐บ๐๐ฎ๐ฟ๐ฒ ๐๐ถ๐บ๐๐น๐ฎ๐๐ถ๐ผ๐ป๐, ๐ฎ๐ป๐ฑ ๐ฟ๐ฒ๐๐ฒ๐ฟ๐๐ฒ ๐๐ต๐ฒ๐น๐น๐. Iโve conducted thorough ๐ฐ๐ผ๐ฑ๐ฒ ๐ฟ๐ฒ๐๐ถ๐ฒ๐๐ to identify security flaws and collaborated with stakeholders to integrate security tools into DevSecOps pipelines, ensuring seamless implementation of innovative solutions tailored to organizational needs. My approach combines robust problem-solving with clear communication, ensuring penetration testing and red teaming efforts are thorough, effective, and efficient. Always eager to learn, I balance a passion for both offensive and defensive security practices, driving cybersecurity innovation while ensuring compliance with industry standards like ๐ฃ๐๐ ๐๐ฆ๐ฆ, ๐๐ฆ๐ข ๐ฎ๐ณ๐ฌ๐ฌ๐ญ, ๐ฎ๐ป๐ฑ ๐๐๐ฆ ๐๐ฒ๐ป๐ฐ๐ต๐บ๐ฎ๐ฟ๐ธ๐. ๐๐ผ๐ฟ๐ฒ ๐๐ผ๐บ๐ฝ๐ฒ๐๐ฒ๐ป๐ฐ๐ถ๐ฒ๐: Web & Mobile Application Security: OWASP Top 10, CWE/SANS 25 Penetration Testing: Web, Mobile, API Testing, and Cloud Security (AWS) Threat Hunting & Red Teaming: Ethical hacking, malware analysis, and reverse engineering Network Security: Active Directory hardening and network segmentation Secure Application Design & Deployment: Vulnerability management and remediation Digital Forensics: Malware analysis and forensic investigations ๐๐ฒ๐ ๐ฃ๐ฟ๐ผ๐ท๐ฒ๐ฐ๐๐: DIGISPARK/Rubber Ducky with ATTiny85: Developed custom payloads for USB-based attack simulations. WiFi Deauth Attack using ESP8266: Explored network disruption techniques to test WiFi security defenses. Letโs ๐ฐ๐ผ๐ป๐ป๐ฒ๐ฐ๐ ๐๐ผ ๐ฐ๐ผ๐น๐น๐ฎ๐ฏ๐ผ๐ฟ๐ฎ๐๐ฒ and drive cybersecurity innovation while building trust and digital resilience!
Stackforce AI infers this person is a Cybersecurity Specialist with a focus on Application Security and Penetration Testing.
Location: Karฤchi, Sindh, Pakistan
Experience: 6 yrs 5 mos
Skills
- Application Security
- Penetration Testing
- Information Security
- It Management
Career Highlights
- Expert in Application Security and Penetration Testing.
- Proven track record in securing financial institutions.
- Strong background in ethical hacking and vulnerability assessments.
Work Experience
UBL - United Bank Limited
Manager Application Security (9 mos)
National University of Sciences and Technology (NUST)
Visiting Lecturer (5 mos)
Synack Red Team
Synack Red Team Member (2 yrs 3 mos)
Jinnah University for Women
Visiting Lecturer - Information Security (5 mos)
BankIslami Pakistan Limited
Senior Application Security Analyst (2 yrs 4 mos)
United Bank Limited
Assistant Manager Red Teaming & Penetration Testing (8 mos)
Sharp Telecom (Private) Limited
Cyber Security Engineer (7 mos)
Digital Arrays (Pvt.) Ltd.
Penetration Tester (1 yr 8 mos)
Dynamic Logistics International Pvt Ltd
Information Technology Officer (5 mos)
Education
Master's degree at National University of Sciences and Technology (NUST)
Bachelor of Science - BS at Iqra University (Official)
