Shahzeb Raza
Technology / Internet
About Shahzeb Raza:
Cybersecurity enthusiast with a strong passion for ethical hacking, social psychology and network security. Past work experience includes not only high-security environment, but also low security network open to public. Extensive knowledge in the areas of OWASP Top 10, system security, vulnerability scanning, penetration testing, risk assessment and cyber security analysis. Hard-working, diligent, team-oriented, and a very quick learner. Able to adjust and adapt to the fly with little resistance. Good communication skills in relaying the technical to the non-technical. Overall, seeking to develop a strong career in technology using my knowledge to provide for, maintain and protect public and enterprise services.
Experience
Cyber Security Engineer
TNC Group
Dubai, United Arab Emirates
09/2022 to 12/2022
Responsibilities:-
- White and black box testing for Web Applications, API, Mobile applications (IOS & Android), and REST.
- Scope Security Assessments, Perform Peer-review, write comprehensive security assessment reports for developers, and Propose mitigation to upper management.
- Working with secure coding methodology, best practices, and their implementations within the engineering team.
- Following ATT&CK, CIS, and NIST security framework.
- Reconnaissance, Initial access, Privilege escalation, Defense Evasion, Credential Access, Lateral Movement, Data Exfiltration, Maintaining Access/ Persistence, Reporting.
- Experience with SAST and DAST.
- Keep an eye out for and respond to phishing emails and pharming activity.
- Design new security systems or upgrade existing ones.
- Engaged business and technology stakeholders to gather goals and requirements
- Provided key guidance on increased areas of concern in order to quickly remedy and strengthen deficient policy and procedures implemented at the organization.
- Monitor for attacks, intrusions, and unusual, unauthorized, or illegal activity
- Scope Security Assessments, Perform Peer-review, write comprehensive security assessment reports for developers, and Propose mitigation to upper management
Cyber Security Engineer (Penetration Tester)
M.Anns & Co.
Rawalpindi, Pakistan
04/2020 to 04/2022
Responsibilities: -
- Conducted application penetration testing of 20+ business and E-commerce applications Acquainted with various approaches to Grey & Black box security testing Proficient in understanding application-level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, weak cryptography, authentication flaws, etc.
- Conducted Active Directory Penetration Testing using tools (Responder, Hashcat, ntlmrelyx, psexec, ldapdomaindump, BloodHound, Mimikatz etc.)
- Performed as an Information Security Analyst and involved in OWASP Top 10 Vulnerability Assessment of various internet-facing point of sale web applications and Web services.
- Conducted penetration tests on systems and applications using automated and manual techniques with tools such as Metasploit, Burpsuite, NMAP, FUFF, Acunetix and many other open-source tools as needed.
- Performed onsite and remote security consulting including application testing, social engineering, wireless assessment and Security scan, analysis, policies, and audit.
- Performed vulnerability scanning using Nessus Security Center and maintained clear documentation for every report that is generated.
- Designed a methodology and a procedure for active system & web-app security assessments on the company's infrastructure, to be performed proactively, scheduled, and rapidly on request.
- Provided fixes & filtering false findings for the vulnerabilities reported in the scan reports.
Intern
06/2019 to 12/2020
Security Experts Pvt Limited Blue Area Islamabad, Pakistan
Responsibilities: -
- Performed vulnerability assessments including physical, social engineering, application, and network exploitation.
- Evaluated and leverages automated tools that perform security assessment.
- Configured and management of Sangfor IAM, Fortinet firewall, Snort.
- Performed Automation scanning and analysis on the applications on a monthly basis.
- Updated documentation as necessary.
- Interacting with clients with Addressing Issues.
Volunteer at PISA
August 2019 to Present
Participated in Cyber Olympics (CTF) in July 2019 helped my team members to crack the critical windows passwords and find some vulnerabilities like Eternal Blue/SMB-v1, FTP, etc.
OIC Cyber drill (Malware analysis) in Sep 2019. Looking forward to participating in Cyber drills in the future as well.
Intern
Institute of Cybersecurity
Rawalpindi, Pakistan
August 2018 to April 2019
In this Institute, I have got familiar with cybersecurity and got a basic understanding of Offensive and Defensive sites and I have earned a Certificate of CHCE-v2.
Education
Bachelor's Degree in Coumputer Science
Professionals in the same Technology / Internet sector as Shahzeb Raza
Other users who are called Shahzeb
Jobs near Dubai, دبي
-
Architectural BIM Modeler
10 hours ago
Job Title: Architectural BIM Modeler · Duncan & Ross is seeking a highly skilled Architectural BIM Modeler to join our team in the Digital Engineering vertical. · Key Responsibilities: · Create and manage detailed Building Information Models (BIM) for architectural projects, ensu ...
-
Kiosk Sales
1 day ago
Direct apply
Dr Scent Sharjah, United Arab EmiratesThe Kiosk Sales Coordinator is responsible for managing and overseeing the daily operations of a retail kiosk. This role includes ensuring exceptional customer service, driving sales performance, and coordinating with the sales team to achieve business goals. The Kiosk Sales Coor ...
-
Project Cost Controller
14 hours ago
Mandatory experience withinTotalEnergies, on Projects · Degree: Diplomarelated to the Cost Control / Accounting / Finance /Engineering · Professional & Contractexperience: 10 years minimum in similar position, and with similarlarge-scale projects & environment inTotalEnergies. · ...