Associate security consultant
I am a working as a security analyst in the application security as well as web security domain which includes manual and automated code review,web application vulnerability assesment(dynamic scan)penetration testing,malware analysis, advanced penetration testing.
*Design and integration and support of different security solutions for various customers and installation of security frameworks for client organization.
*perform exploit,vulnerability and penetration assesment that identify current and future internal and external security vulnerability.
*Defines baseline security confugiration for operating system across multiple platforms.
Review security logs of various devices to perform analytics and forensic methodology.
*Quality assuarance to review the PCI compliance reports as per the PCI-SSC norms.
*Information security consultant for compliance solutions on PCI-DSS ,PA-DSS,HIPAA,DPA,RBI PASS audit,SOX,ISO27001,and cobit.
*Network vulnerability assesment (using Qualysguard ) And network audit.
*Implimentation and operation knowledge of various security solutions like Arcsigh , SIEM ,Cisco IDS ,IBM -ISS ,websense ,Ftk forensics ,symatec DLP , fire eye MacAfee antivirous,Qualysguard.
*Reverse engineering,static and dynamic analysis,memory analysis &offering mitigation suggestion for the reported malware.
TOOLS:: metaspolite framework,qualysquard ,IBM APPscan,checkmarx,fortify 360,beSTROM ,IDA pro, NET Reflector,Ollydbg ,IDA- PRO ,ZAP ,Burp ,cenzic Hailstor ,web scarab ,Nexpose ,aircrack-ngsuit ,sysinternals ,HP weblnspect,acunetixwvs ,Nessus ,Rational clear Quest
application security- mobile application security,flash security,fuzz testing,Basic exploit development (stack,Heap,SEH) Web service testing.