Freelancer » IT, Entwicklung » Qualitätsmanagement / Testing (IT)
freiberufler Information Security Manager (Cybersecurity) auf freelance.de

Information Security Manager (Cybersecurity)

offline
  • auf Anfrage
  • 1219 Dhaka
  • auf Anfrage
  • bn
  • 26.03.2024
Jetzt registrieren & Kontakt aufnehmen

Kurzvorstellung

Seasoned Information security professional with 16+ years of demonstrated experience in both building & breaking applications and helping build enterprise-standard information security practices across various domains.

Qualifikationen

  • Amazon Web Services (AWS)
  • Architekturvisualisierung
  • Art direction
  • CISA (Certified Information Systems Auditor)
  • CISM (Certified Information Security Manager)
  • Cyber Security
  • Cyber Security Practitioner (CSP)
  • DIN ISO/IEC 27001
  • Ethical Hacking
  • IT-Governance
  • IT Sicherheit (allg.)
  • Licensed Penetration Tester (LPT)
  • Penetrationstest
  • Web Security

Projekt‐ & Berufserfahrung

Lead Cybersecurity Engineer (Festanstellung)
A2Secure, Dhaka
12/2020 – offen (3 Jahre, 5 Monate)
IT & Entwicklung
Tätigkeitszeitraum

12/2020 – offen

Tätigkeitsbeschreibung

Security Office Management
Cybersecurity Strategy Execution
CISO Support
Enterprise VAPT Planing
Cybersecurity Project Mangement

Eingesetzte Qualifikationen

Amazon Web Services (AWS), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), Cyber Security, Cyber Security Practitioner (CSP), DIN ISO/IEC 27001, Ethical Hacking, IT-Governance, IT Sicherheit (allg.), Licensed Penetration Tester (LPT), Penetrationstest, Web Security

Head of Security Operations
Enterprise InfoSec Consulatnts, Dhaka
12/2019 – 5/2021 (1 Jahr, 6 Monate)
IT & Entwicklung
Tätigkeitszeitraum

12/2019 – 5/2021

Tätigkeitsbeschreibung

I have collaborated/mentored/contributed to the team with all sorts of security operations activities e.g., Web/Phone App, Server, Network, Cloud, On-Prem infrastructure Penetration Testing. Pertaining,

Lead the Security Operations effort of the company
Mentor/Coach resources for client engagement
Assist Management in all types of security management

Eingesetzte Qualifikationen

Cyber Security, Cyber Security Practitioner (CSP), Ethical Hacking, PCI-DSS

Application Security Manager (Festanstellung)
Augmedix Inc, Dhaka
12/2014 – 12/2019 (5 Jahre, 1 Monat)
Gesundheitswesen
Tätigkeitszeitraum

12/2014 – 12/2019

Tätigkeitsbeschreibung

1. Application Penetration Testing with the recommendation for remediation
2. Complete security assessment of Application with the recommendation for remediation
3. Cloud (AWS) infrastructure complete vulnerability assessment, security & penetration testing with the recommendation for remediation
4. Static and Dynamic code analysis (SAST & DAST) with the recommendation for remediation
5. Reconnaissance - Open Source Intelligence (OSINT) using Datasploit, Spiderfoot, foca pro, Buscador, Maltego, Recon-ng, Shodan, theHarvester etc.
6. API Security Testing
7. Malware, Phishing, Breach, data leakage detection
8. Firewall audit and configure
9. Security Awareness training for developers
10. Android and iOS application vulnerability detection and security testing
11. Hands-on S-SDLC Implementation
12. DevSecOps
13. Integration of security in CI/CD automation

Eingesetzte Qualifikationen

Certified Ethical Hacker (CEH), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), Amazon Web Services (AWS)

Ausbildung

Bsc in Computer Science and Engineering
Bchelor of Science
University of Development Alternative
2006
Dhaka

Über mich

Expert In

1. Application Penetration Testing with the recommendation for remediation against OWASP Top 10, SANS 24 etc.
2. Complete security assessment of Application with the recommendation for remediation with HIPAA, ISO 27001, DISA STIG, OWASP ASVS, PCI DSS WASC Threat Classification
3. Cloud (AWS) infrastructure complete vulnerability assessment, security & penetration testing with the recommendation for remediation HIPAA, PCI DSS
4. Static and Dynamic code analysis (SAST & DAST) with the recommendation for remediation as a part of SSDLC
5. Reconnaissance - Open Source Intelligence (OSINT) using Datasploit, Spiderfoot, foca pro, Buscador, Maltego, Recon-ng, Shodan, theHarvester etc.
6. API Security
7. Malware, Phishing, Breach, data leakage detection
8. Firewall audit and configure
9. Security and penetration testing trainer
10. Android and iOS application vulnerability detection and security testing
11. Hands-on S-SDLC Implementation
12. DevSecOps
13. Integration of security in CI/CD automation

Weitere Kenntnisse

Certification Achieved
1. CEH v10 - Certified Ethical Hacker v10
2. ECSA v9 - EC- Council Certified Security Analyst v9
3. CEI v2 - Certified EC-Council Instructor v2
4. Certified Application Security Engineer - Java
5. Licensed Penetration Tester (Master)
6. Alien Vault Certified Security Engineer (Training done waiting to sit for the Exam)
7. CISSP - Certified Information Systems Security Professional (ISC2 Training done waiting to sit for the Exam)
8. ISO 27001 Lead Implementor.
9. Microsoft Certified: Azure Security Engineer Associate (AZ - 500)
10. Google Certified Security Engineer
11. Certified Information Security Manager (CISM)
12. Certified Information Security Auditor (CISA)

Persönliche Daten

Sprache
  • Bengalisch (Muttersprache)
Reisebereitschaft
auf Anfrage
Home-Office
unbedingt
Profilaufrufe
137
Alter
38
Berufserfahrung
2 Jahre und 4 Monate (seit 12/2021)
Projektleitung
3 Jahre

Kontaktdaten

Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.

Jetzt Mitglied werden