Download PDF

Summary

Accomplished, motivated and versatile IT security professional with 4.7 years of experience in the industry, known for a personable approach to clients and co-workers as well as for delivering and implementing advanced security solutions to small and medium-size businesses, seeks the next career challenge and an opportunity to apply my knowledge and expertise on a larger scale

Work History

Cognizant Technology Solution 

Mar 2016Present

Executive Cyber Security Risk Assessment 

  • Conduct technology risk assessments during new web/mobile application deployments (on premise/on-cloud), vendor SaaS application onboarding, integrations with external application platform and acquired entities, new technology adoption, changes/enhancements to existing business applications and security investigations.
  • Lead the technical security assessments by collaborating with cross-functional teams such as web/mobile application penetration testing, Cloud Security Review (SaaS, PaaS, IaaS) ,infrastructure security testing, identity/access SSO team, perimeter security reviews, data privacy team, etc.
  • Document the risk findings and technical recommendations to remediate in formal reports and present the assessment findings to business and application/system owners.
  • Security advisory to application design and assist the stakeholders on remediation action planning to mitigate the open risks, and enable the senior leaders in making risk-based decisions to support Cognizant’s business needs.
  • Identification and assessment of impact and likelihood of current and emerging threats, risks and vulnerabilities
  • Periodic update and monitoring of risk assessment to include changes in systems, environmental or operating conditions that would affect risk analysis.
  • Identification and prioritization of information system assets.
  • Implementation of appropriate practices and controls to mitigate risks.

May 2015Mar 2016

Senior Cloud Security Analyst

Lead the Engineering practices of Cloud Discovery and Security Research Lab. Responsible for the overall planning, execution and success of these product

  • Research on new feature for the Cloud Discovery ,Cloud Risk Scoring and CASB (Cloud access Security Brokerage )  products
  • Design architecture for Risk Scoring Algorithm which involves research on various cloud risk factor that’s contributes to risk scoring
  • Perform Deep Packet Analysis of the internals of the SaaS apps to increase detection of app for Cloud Discovery product. 
  • Analyze logs and events from the solution and provide threat analysis reports
  • Responsible for doing  a competitor analysis on various  companies products  working under CASB Domain
  • Demonstrating applicable information pertinent to cloud security before the regional directors and management group of the organization
  • Ensuring client needs are met and deliverable produced on time according to specified project deliverable/scope
  • Performing sophisticated penetration examinations for the purpose of ascertaining the technical weaknesses existing the cloud infrastructure



Sep 2013May 2015

Member of Technical Staff

Security Research Engineer with responsibility of security research and content development of next gen Internet SaaS apps.

  • Worked on Netskope Cloud Discovery and Cloud Risk Assessment Product
  • Research and analyze how SaaS app and its various aspect of security
  • Research on CASB ( Cloud Access Security Broker)Shadow IT problems and its solution
  • Research on Cloud Security Risk Assessment and various factor involved in risk calculation
  • Analyzed Cloud Risk Scoring Algorithm and Cloud Confidence scoring algorithm had done Quality Analysis on these algorithm .
  • Worked on manual QA activities on monthly release on Discovery product  
  • Analyze cloud application for its various security features like SSO, 2-Fator Authentication ,IP filtering, Data encryption at rest and in transit ,Single tenant and Multi-tenant Database Finding cloud computing vulnerability like OpenSSL Vulnerabilities, Heartbleed, Poodle attack Creating cloud report which gives the user view about cloud app security ,risk and score based on various characteristic
  • Creating cloud report which gives the user view about cloud app security ,risk and score based on various characteristic

Cheapesto Online Inc, Bangalore,(Headquarters: San francisco)

Mar 2013Sep 2013

JR.Ethical Hacker Consultant

Responsibilities:

  • Performing penetration testing on in house application 
  • Finding out effective ways of manipulating the vulnerable domains of the systems Maintaining high level of security of the information that is crucial for the business growth of the organization
  • Formulating hard-hitting measures with a view to secure the domains that can portray threat to the significant information owned by the organization Identifying efficient measures of sustaining network security at a constant rate
  • Becoming familiar with the business functions and infrastructure of the organization Carefully assessing the software environments and examining the level of risk that they can pose to the network systems of the organization
  • Performing latest assessments with a view to come up with possible solutions for eradicating network related vulnerabilities
  • Scrapping contents from various website

Solutions Infini Technologies (I) Pvt Ltd

Sep 2012Feb 2013

Intern Developer

Web Developer (PHP, Java, MySQL)
Project Title: - Project Management System.

  • Analysis, Design and coding of whole project.
  • Designed database and created tables.
  • Wrote technical documentations in IEEE format.
  • Designed work flow Diagram, Flowcharts, Class diagram 


Technology/Language used :-Php 5.0 ,Core java and My SQL Server 2005.
Brief Description :-Project titled Software Project Management system is a web based application which server online services to the company Online project management collaborate with project resources, analyze risks, determine tasks, and make project a success at anytime.

Education

Garden City College

Jun 2005Jun 2008

BCA

Bachelors of Computer Application

Certifications

IRCA

Information Security Management System- Lead Auditor- ISO 27001:2013

EC-Council

Certified Ethical Hacker (CEH |v8)

Sun Microsystem

Sun Certified Java Programmer (SCJP 6)

IndiaCan

Ankit Fadia Certified Ethical Hacking

NIIT

Certificate Program In Advanced Java Programming For Web Development

NIIT

Certification in Developing Application in Core Java

Skills

Enterprise Risk Management
Cyber Security
Cloud Security Research
Web Application Security
Ethical Hacking
Penetration Testing
Backtrack 5
Project Management
Vulnerability Assessment
Network Security

Training

Training in Ethical Hacking ( Certified Ethical Hacker)

  • Network Security
  • Hacking (Windows and Web Applications)
  • Computer Forensics
  • Backtrack 5 R2
  • Penetration Testing & Vulnerability Assessment for both ,Network as well as Web Application
  • Intrusion Detection, Policy creation, Social Engineering, DDoS Attacks, Buffer Overflows
  • Web Server Security concerns
  • Securing Wireless Networks
  • Knowledge about conducting a Penetration test
  • Vulnerability assessment, Cryptographic
  • Advanced SQL Injection Attacks

Languages

Hindi (native)        English (fluent)         Telugu (basic)