Syed Shujauddin Q.

• Defining the test plan, strategy and deriving the road map for Application Security of the organisation. • Conducting Application Security Testing like DAST, SAST, IAST and Static source code review of web and mobile applications using automated and manual approach. • Evaluate cloud security risks across IaaS/PaaS/SaaS solutions and mapped control, dependencies and security solutions such as CASB (McAfee) and encryption. • The key areas of expertise are Data security including Data classification, Data encryption which includes tokenization, static and dynamic data masking, DLP and data governance. • McAfee CASB- Design and develop authentication, authorization, auditing, data at rest encryption and other security features. • McAfee CASB - Design and develop infrastructure security components like DLP policies, security monitoring and etc. • Designing the architecture of the solution, and assisting the technical team for POCs, compiling the proposal from different business unit. • Mapping client’s security requirements. And advising clients on senior level. SKILLS: • Strong knowledge of security vulnerabilities and remediation as listed in sites like OWASP, SANS, etc • Strong knowledge of web application security issues. • Experience with Cloud security tool orchestration system such Prisma Cloud and AWS • Strong knowledge of OWASP Top 10. • Extensive experience in CASB solution for McAfee. • Extensive experience in integration of O365, AWS, Azure with CASB Solution: McAfee • Profound knowledge of TCP/IP and networking concepts. • Strong knowledge of AWS core services: - EC2, S3, RDS, VPC, ELB, Lambda, etc. • Familiar with CI tool like Jenkins. • Experienced in report writing/presentation & client debriefing. • Experienced in Risk analysis and proposing recommendations/countermeasures. • Knowledge of Ethical Hacking and their Countermeasures.