Ishfaq Fariq

Product Engineer

Islamabad, Islāmābād, Pakistan3 yrs experience

Key Highlights

  • Experienced in penetration testing across multiple platforms.
  • Strong collaboration skills with developers and stakeholders.
  • Proficient in a wide range of security tools and technologies.
Stackforce AI infers this person is a Cybersecurity professional with a focus on Fintech and Application Security.

Contact

LinkedIn

Skills

Core Skills

CybersecurityNetworkingWeb Application SecurityApplication SecurityVulnerability ManagementOffensive SecurityPenetration Testing

Other Skills

Vulnerability AssessmentAmazon Web Services (AWS)API TestingJavaCertified DevSecOps Professional (CDP)Continuous Integration and Continuous Delivery (CI/CD)DASTSASTSecure SDLCSoftware Component AnalysisInfrastructure as code (IaC)AnsibleDockerGitJenkins

About

I am a dedicated computer science graduate with a passion for technology and a desire to become a software engineer and security researcher. Currently working as Application Security Engineer, I conduct security testing on various domains, platforms, and projects, including web and mobile applications, APIs, and networks and cloud. My skills include OWASP Top 10, API and pentesting, troubleshooting, and maintenance and even automating the routine tasks and processes.. I have experience and exposure of a range of tools and programming languages, including BurpSuite, Fuff, Nmap, Nessus, Frida, Objection, ADB, Drozer, qark, MobSF, ApkTool, Jadx, ghidra, and IDA Pro. I have exposure of HTML5, CSS3, ReactJs, JavaScript, Java, ES6, and Python, and I have worked with various operating systems such as Windows, Linux, and MacOS. In addition to my technical skills, I am a skilled communicator and collaborator, working closely with developers to fix vulnerabilities and meeting with managers and CISOs regarding ongoing and upcoming projects. I am a quick learner, always willing to think outside the box and work out of my comfort zone to achieve success.

Experience

3 yrs
Total Experience
1 yr
Average Tenure
--
Current Experience

بنك البلاد | bank albilad

Senior Cybersecurity Consultant

Sep 2024Dec 2024 · 3 mos · Riyadh, Saudi Arabia · On-site

  • Penetration Testing and Vulnerability Assessment of developed Web applications, APIs, Mobile Applications, and infrastructure.
NetworkingCybersecurity

Payactiv sds-it

Application Security Engineer

Jun 2023Sep 2024 · 1 yr 3 mos · Islamabad, Islāmābād, Pakistan · On-site

  • PayActiv is a financial services company headquartered in San Jose, California. PayActiv partners with companies to provide employees with financial services such as earned wage access.
  • Penetration Testing and Vulnerability Assessment of developed Web applications, APIs, and Mobile Applications.
  • Engage stakeholders within IT and business functions to track vulnerabilities and ensure their closure.
  • Collaborating with developers on patching bugs and vulnerabilities.
NetworkingAmazon Web Services (AWS)CybersecurityApplication Security

Askari bank

Sr. Officer Offensive Security

Jun 2022Jun 2023 · 1 yr · Islamabad, Islāmābād, Pakistan

  • Ensure to efficiently and effectively manage and coordinate internal vulnerability assessments and penetration testing for Banks's infrastructure and business application.
  • Coordinate & assist 3rd party vulnerability assessments and penetration testing. Prepare analytics reporting as per the senior management directions and bank’s policy.
  • Assists teams to establish methods to respond and provide threat responses and devise controls to minimize the adverse effects on business operations.
  • Assist Unit Head Governance & Risk in the management and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of information security across the Bank and keep track of all ongoing Information Security activities/Plans/ schedules
NetworkingAmazon Web Services (AWS)CybersecurityOffensive Security

Aksa-sds

2 roles

Jr Penetration Tester

Sep 2021Jun 2022 · 9 mos · Islāmābād, Pakistan

  • Responsibilities and Job:
  • Performing Web Application Penetration Testing
  • Performing Mobile Application Penetration Testing
  • Performing API Testing
  • Collaborating with developers on patching bugs & vulnerabilities
  • Source code reviewing for Web and Mobile Applications (Android & iOS) for clients’ corporate and consumer apps
  • Leveraging tools for continuous security assessment and compliance
  • Planning Red Team Activities for Telecom, Banking & Health sectors
  • Creating reports, detailing assessment findings and recommendations
  • Preparing PoC of exploits and vulnerabilities
  • Performing SAST/DAST
  • Performing Cryptanalysis
  • WordPress plugins and website Testing
NetworkingAmazon Web Services (AWS)Penetration TestingApplication Security

Internee Penetration Tester

Sep 2021Nov 2021 · 2 mos · Islāmābād, Pakistan

Web Application SecurityJava

Education

University of Sargodha

Bachelor's degree — Computer Science

Oct 2016Dec 2020

Stackforce found 100+ more professionals with Cybersecurity & Networking

Explore similar profiles based on matching skills and experience

Ajeet kerure

Ajeet kerure

Security analyst in ISG

at Tech Mahindra

Pune, India4 yrs 2 mos exp
VAPTApplication SecurityVulnerability Assessment
Shikha Upadhyay

Shikha Upadhyay

Senior Security Analyst

at Gartner

Gurugram, India6 yrs 7 mos exp
Pushkar Ayengar

Pushkar Ayengar

Product Security Intern

at Cloudflare

Bengaluru, India2 yrs 11 mos exp
Information SecurityWeb Application Security
Mahima Dongre

Mahima Dongre

Associate Security Consultant

at Varutra Consulting

Pune, India5 yrs 3 mos exp
API TestingCybersecurity
Japneet Kaur Gandhi

Japneet Kaur Gandhi

Hacking Articles

at Hacking Articles

Delhi, India7 yrs 3 mos exp
Penetration TestingInformation Security
Aadarsh Anand

Aadarsh Anand

Security Researcher

at Appknox

Dhanbad, India0 mo exp
Security ResearchVulnerability Assessment
Priyanshi Singhal

Priyanshi Singhal

Senior software configuration specialist

at Wipro

Noida, India3 yrs 6 mos exp
Ilias Dimopoulos

Ilias Dimopoulos

Offensive Security Professional | Security Researcher | Bug Bounty Hunter

at Self-Employed

Greece17 yrs 4 mos exp
Penetration TestingVulnerability AssessmentRed TeamingVulnerability Reporting