• Led a cross-functional team of 55 in developing and implementing cybersecurity strategies, resulting in a 37% productivity increase.• Enhanced network segmentation and cybersecurity posture at various organizations , reducing cybersecurity insurance costs.• Collaborated with stakeholders to resolve network issues and implement cyber security training for employees.

IAM on cloud and cyberark consultant

IAM and cyberark consultant

IAM , Cyber security and Sailpoint consultant

IAM , Security and sail point consultant

• Schedule the pen test for the whole year, also make sure that all the applications are covered in the schedule and completed in the time frame. • Perform risk assessments to ensure corporate compliance • Evaluating the business requirements, application functionality with project teams to do assessments. • Experience with Burp Suite, SQL Map, NMap, and Nessus. • Advised on secure data deletion and equipment sanitization, decommissioning and reuse guidelines for high security environments. • Using various Firefox add-ons like Flag fox, Live HTTP Header, Tamper data to perform the pen test • Provide remediation steps to the team and follow up. • Re testing the applications for found vulnerabilities and post production support. • Retest the fixed issues and ensure the closure • Performed Vulnerability Assessments and Data Classification • Capable of identifying flaws like Security Misconfiguration, Insecure direct object reference, Sensitive data exposure, Functional level access control, Invalidated redirects. • Involved in testing of GUI mostly on technologies like CSS, jQuery, Java script. • Conducted onsite penetration tests from an insider threat perspective • Burp suite, Dirbuster, HP Fortify NMap tools on daily basis to complete the assessments • Validate the false positives and report the issues. • Used JavaScript for validations and integrating business server side components on the client side with • OWASP Top 10 Issues identifications like SQLi, CSRF, and XSS. • Explanation of the security requirements to the design team in initial stages of SDLC to minimize the efforts to rework on issues identified during penetration tests. • Execute and craft different payloads to attack he system to execute XSS and different attacks. • Identified issues on sessions management, Input validations, output encoding, Logging, Exceptions, Cookie attributes, Encryption, Privilege escalations.