Jan 2015 – Nov 2018 · 3 yrs 10 mos

• Assessing threats and vulnerabilities through penetration testing, web application security assessments, social engineering, technical security diagnostic reviews, network architecture reviews and gap assessments.
• End to end security solutions, right from assessing an application, threat profiling, executing and providing mitigations for found vulnerabilities.
• Generate and present executive as well as technical reports on security vulnerabilities to the customers.
• OS Hardening.
• Performing security configuration review for devices.
• Performing Vulnerability Management for one of the largest retail client in US, including scanning, reporting vulnerabilities to concerned teams, follow-up on remediation. Providing insight on patches required for fixing vulnerabilities to the teams.
• Running Phishing simulations.

Sep 2012 – Oct 2014 · 2 yrs 1 mo

• Experience in monitoring and mitigating Infrastructure security threats and attacks.
• Proactively responding to alerts generated by Arcsight, Splunk, analyze infected system and mitigate attack.
• Analyzing Sourcefire NIDS alerts, MCAfee Proxy logs.
• Scanning quarantine mails for malicious content.
• DLP Incident Review.
• Vulnerability Management using Tenable Security Centre and Qualys Guard.
• Working with various security teams spanning across the globe.

Feb 2012 – Jul 2012 · 5 mos

• Fundamentals of Information Security.
• Network Defence and Countermeasures.
• Configuring Hardware and Software firewalls i.e IP tables, Microsoft TMG.
• Python Programming.
• Ethical Hacking using Nessus, Nmap, GFI languard, Havij.
• Analyzing traces of attack using Cyber Forensic.