Home $Whoami
$Whoami
Cancel

$Whoami

Computer Geek by instincts, Telecommunication Engineer by formal education, Info-Sec Chunin by interest, fond of strategy gaming and an expeditious learner, I am currently working full-time in a Managed Security Service Provider as a Lead Security Engineer and aiming to make my team from magicians to wizards while unlocking the secret art and more doors of cyber sec myself down the line

I am OSCP Certified and currently enrolled for OSWE. Below is a gist of my professional career.

  • Lead Security Engineer, Ebyrx

    - Conducting In-house trainings regarding penetration testing and security best practices
    - Planning Red Team Activity for Telecom, Banking & Health sector
    - Preparing client specific threat models
    - Performing both manual and automated black, grey and white box Web, Mobile, thick client & Cloud Infrastructure (AWS,Azure,GCP)
    - Performing risk assessments to ensure corporate compliance
    - Serve as a point contact for onshore and offshore clients during various penetration testing and security audit projects
    - Assisting Pre-Sales and Sales team during lead engagements
    - Collaborate with developers on patching bugs and vulnerabilities

    July 19 - Present

  • Security Engineer, Ebryx

    - Performing web, mobile (Android + iOS) and thick clients application penetration testing
    - Performing network penetration testing, security analysis and risk management for designated systems as per NIST and PTES standards
    - Conducting internal and external Dynamic and Static Application Security Testing (SAST & DAST) based as per security frameworks and standards
    - Implementing SANS Critical 20 in enterprise network
    - Design, develop and implement penetration tools and tests to be used in penetration testing activities
    - Creating reports, detailing assessment findings and recommendations
    - Prepare PoC of exploits and vulnerabilities found during pentest engagements
    - Evaluating and integrating various security solutions.
    - Collaborate with developers on patching bugs & vulnerabilities

    Jan 17 - Jun 19

  • SOC Analyst, Ebryx

    - Monitoring of security events received through alerts from Security Incident and Event Monitoring or other security tools
    - Monitoring of alert and downstream dependency’s health
    - Mentorship of junior security analysts to make them world class ninjas
    - Infrastructure security, Intrusion Detection and Prevention, configuring firewall rules and content filtering, Auditing, File integrity monitoring
    - Respond to customer inquiries around security related questions resulting from security tickets
    - Provide Incident Response (IR) support when analysis confirms actionable incident
    - Provide threat and vulnerability analysis as well as security advisory services
    - Investigate, document, and report on information security issues and emerging trends.

    Jul 16 - Jan 17

  • Security Research Assistant , Confidential

    DESIGN AND IMPLEMENTATION OF OPEN NETWORK LAYER TO MAKE A SECURE LAYER 3 SWITCH
    - Researched on implementing Open Network Linux (ONL) on Quanta Mesh bare metal switch i.e. how to forward packets from control plane to data plane
    - Understand and implement Software Design Networks (SDN) on bare metal switch
    - Assist ONL core team in debugging issues while compiling Network Operating System (NOS)
    - Do code audit of ONL from security perspective

    Jun 15 -Jul 16

Trending Tags
OSCP

© 2021 Moiz Imtiaz. Some rights reserved.

dodain dodain dodo, is the secret to the hidden door

Trending Tags

OSCP