Expertise in securely designing, integrating, and implementing security architecture of Web Based Applications, Database Applications and Client/Server Applications. Expertise in identifying vulnerabilities in the current system, assess threat landscape of the organization, conducting security review of servers including (Exchange Server, Domain Controller, Share Point, SAP, Office 365 and cloud-based application security review).
Involved in Reviewing, Deploying, Integrating and or recommending various solutions/technologies for the key areas of information security as mentioned below which includes but not limited to:
• Vulnerability Assessment & Penetration Testing.
• Data Leakage Prevention & Endpoint Security.
• Mobile Device Management.
• Network Stress & Load Testing.
• Cyber Drills.
• Compromise Assessment.
• SOC Maturity Assessment & Customization.
• Wireless Network & Frequencies Assessment.
• Security Assessment of TMS & AML based systems.
• Security review of Telecommunication Systems (Alcatel, Motorola, Huawei).
• Malware analysis & Threat Assessment.
• Network Architecture review.
• Cyber Investigation & Incident response.
• Social Engineering. and
• ICT/OT Environment Assessment.
Vulnerability Assessment & Penetration testing:
Nessus, Metasploit Professional, Nexpose, Acunetix, Open VAS, OWSAP ZAP, IronWASP, IBM App Scan, Web Cruiser, Core Impact, SAINT, Exploit Pack, Sparta.
Data Leakage Protection:
Symantec, Microsoft 365 E3.
Mobile Device Management Solution:
Air Watch, Maas360, Mobile Iron.
Security Information and Event Management:
QRADAR, Alien Vault, Splunk, LogRythm, OSSIM, ArcSight.
Intrusion Detection & Prevention System:
Snort, OSSEC, Tripwire, Suricata.
Incident Detection & Response Platforms:
EDR (Crowd Strike, Carbon Black, FireEye), XDR (McAfee, Trend Micro) and ATR.
Content Protection & Monitoring:
DarkOwl, Webroot, Breach directory, Spy Cloud.
Programming Languages:
Microsoft Visual C#, j#. NET, Turbo C++, C# Asp. Net, Assembly (basic), Python, Perl, Java RMI.
Networking Skills:
Active Directory, Exchange Server 2019, Simulation on (GNS 3, Packet Tracer, Boson Netsim) Inter V-LAN Routing, Deployment and customization of different Routing protocols and WAN Protocols in Professional Environment.
• Network Design & Implementation.
• Network Infrastructure Assessment.
• Network Deployment.
• Networks Optimization.
• Network Security. and
• Network Customization.
Web/Scripting Languages:
HTML, JavaScript (Basic), Xml, Bash Scripting, Shell Scripting, Java Scripting.
Cloud Computing Storage:
Open Stack, Nexenta, LXC.
Virtualization:
ESXI Servers, VM-Ware, Virtual Box, VDI Solution.
Databases:
NoSQL, MySQL, SQL Server, MongoDB, Sybase, S4 HANA.
Server Operating Systems:
Linux (Fedora, Radhat, SUSE, CentOS), Windows (Server 2012, 2016).
Information Security Awareness:
Knowbe4, PhishRod, ProofPoint.
OT/IOT Network:
Nozomi Guardian, Infoblox, Honeywell, NGWF 100F, 200F, Cyber vision, Triconex, Yokogava.
Forensic Technology Services
Meticulous understanding of Digital forensic investigation processes including Chain of custody, evidence collection, evidence analysis.
Comprehensive understanding of provisions of information technology act relating to Cybercrimes and Digital Forensic. Specialties in conducting Digital Forensic related investigation based upon the international standard of ISO/IEC 27037. Extensive hands-on experience on the following digital forensic tools including but not limited to:
• Encase Examiner.
• DT Search.
• Dr. Fone for Android & iOS.
• Enigma Recovery.
• Autopsy.
• Cellebrite
• Oxygen Forensic.
• Magnet Axiom.
• Nuix.
• Sleuthkit.
• DFIRTraige.
• Access data FTK imager.
• Digital evidence and forensics toolkit, SANS (SIFT), CAINE.
Habib Bank Limited
KPMG
Martin Dow
PAF-KIET
WEMYT Pvt. Ltd.
Masters In Information Security - NED University
Bachelors In Telecommunication & Networks - PAF-KIET
