• VAPT of API and Web App Mobile App based on OWASP.• Session on PCI-DSS compliance.• Implementation of OWASP dependency check with the use of suppression.• Vulnerability Assessment with Qualys.• Implementation of forward proxy.• Security assessment of cloud configuration.• Managing third party vendors to successfully conduct external VAPT.

• Network Pentest for EUIPO (European Union trademark).• SIEM Administration and Troubleshooting: Asset Discovery and configuration, IDS deployment, Logs Troubleshooting, Logs Monitoring & Analysis, availability monitoring, Security Patch Update, report generation, integration and implementation of new network devices and Day-to-day monitoring of SIEM/IDS tool. Monitor networks for security breaches and investigate a violation when one occurs.• SIEM Configuration: Customization of rule and suppuration of logs from devices, which is not required in events monitoring. Whitelisting of USB devices on request and generate alarm for external devices. Define assets value and configuration of priority and reliability of events. Configure role-based Access of SIEM tools. Configuration of file integrity monitoring and must have software uninstallation alarm generation. • Integration of log source: configured and ensure critical servers and all network devices should send logs to SIEM solution• Firewall Rules Configuration: Palo Alto firewall policy Creation. • Vulnerability Assessment: Ensure Team members conduct vulnerability assessment on monthly and quarterly basis and help in understanding and fixing vulnerabilities to ensure closure and its mitigation plan. Preparation of Vulnerability reporting.• SIEM Ticketing & Reporting: Creation of tickets for vulnerability, violation and alarms when occur. Taking ownership and resolving tickets ensuring SLA.

• Global Vulnerability assessment through Qualys.• Vulnerability communication to stakeholders globally.• Remediation suggestion and follow-ups.• SSL scanning and cryptographic configuration suggestion as per standards.• Manage scheduled and ad-hoc scans as per request.

Looking for a chance to explore more into the security domain and to work in challenging enviorment.