BurpSuite
Sundeel Bin Haleem
Jhelum,Pakistan
Summary
Professional Penetration Tester with six years of expertise in Information Security implementing security across multiple organizations. Possess practical knowledge of application security, active directory security, cloud security, vulnerability assessments, OWASP, and various security testing tools. Expertise as an Information Security Analyst conducting OWASP Top 10 based Vulnerability Assessments of diverse internet-facing web applications, mobile applications and web services as well as perform red team operations for on premises active directory environments.
Overview
6
6
years of professional experience
1
1
Certification
Work history
Penetration Tester
VaporVM
Riyadh, Saudi Arabia
11.2022 - Current
- Perform penetration testing activities for client's infrastructure including web applications, mobile applications, and APIs.
- Engage in activities to discuss security architecture for new applications and infrastructure.
- Deliver high quality reports related to relevant change requests and ensure proper vulnerability closure.
Manager Offensive Security
Askari Bank
Islamabad, Pakistan
11.2021 - 11.2022
- Manage, coordinate internal vulnerability assessments & penetration testing for Bank’s infrastructure and business applications.
- Coordinate, assist independent 3rd party vulnerability assessment & penetration testing activities.
- Assist Team Lead GRC in management and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of IT security across the Bank.
Unit Head VAPT
MCB Islamic Bank
Lahore, Pakistan
05.2021 - 08.2021
- Internal / External Vulnerability Assessment & Penetration Testing (VAPT) exercise as per department policy and regulatory requirement.
- Engage stakeholders within IT and business function to track vulnerabilities and ensure its closure.
Application Security Engineer
VisionX
Islamabad, Pakistan
10.2020 - 03.2021
- Perform Penetration Testing and Vulnerability Assessment of developed Web applications, APIs, Mobile Applications (iOS + Android) and cloud infrastructure (AWS).
- Ensure all developed products comply with OWASP ASVS standard to meet best security practices.
- Perform periodic security assessment of all products with regards to newly discovered attack vectors.
Senior Officer IT - Information Security
Zong CMPAK
Islamabad, Pakistan
07.2018 - 10.2020
- Penetration Testing and Vulnerability Assessment of IT Web/Mobile/WebAPI Applications against OWASP Top 10 vulnerabilities.
- Ensure that information security is adequately addressed in development stage of any new products/portals.
- Conducting security awareness sessions for nationwide teams.
Education
Bachelor of Science - Electrical (Telecom) Engineering
National University of Sciences And Technology
IslamabadSkills
- Active Directory Security Assessment
- API Security Testing
- Azure Security
- AWS Security
- Information Security
- Mobile Application Security Testing (iOS Android)
- OWASP Top 10
- Password Cracking, Brute-Force, Dictionary Attacks
- Penetration Testing
- Red Teaming
- Security Awareness Training
- Source Code Review
- Vulnerability Assessment
- Web Application Security Testing
Certification
- Certified AWS Red Team Specialist (CARTS)
- Certified Enterprise Security Professional - AD CS (CESP - ADCS)
- eLearnSecurity Certified Professional Penetration Tester (eCPPTv2)
- Certified Red Team Expert (CRTE)
- Certified Azure Red Team Professional (CARTP)
- Certified Red Team Professional (CRTP)
- eLearnSecurity Web Application Penetration Tester (eWPT)
- Certified Ethical Hacker (CEH) v10 (Practical)
- eLearnSecurity Junior Penetration Tester (eJPT)
Software
Rapid7 Appspider
Netsparker
Acunetix Web Vulnerability Scanner
OWASP ZAP
Rapid 7 Nexpose
Nessus
Kali Linux
Metasploit Framework
NMap
MobSF
Timeline
Penetration Tester
VaporVM
11.2022 - Current
Manager Offensive Security
Askari Bank
11.2021 - 11.2022
Unit Head VAPT
MCB Islamic Bank
05.2021 - 08.2021
Application Security Engineer
VisionX
10.2020 - 03.2021
Senior Officer IT - Information Security
Zong CMPAK
07.2018 - 10.2020
Bachelor of Science - Electrical (Telecom) Engineering
National University of Sciences And Technology