Anand Varia

▫ Conducting vulnerability assessment and penetration testing for the overall infrastructure and perimeter ▫ Managing the team of Security Analysts ▫ Creating and Managing the Testing Processes ▫ Developing and Updating Methodologies for VAPT, Android Application PT and iOS Application PT ▫ Conduct mobile application security testing(Red Team) for the zebpay's wallet application(android and IOS), guide team members in same ▫ Research and demo on latest attacks to the core team ▫ Cloud security architect for Azure, AWS and google ▫ In-house training to make developers aware about information security from the begining ▫ Code review for the latest releases and patch management ▫ Compliance documentation and external vendor communication ▫ Contributing and guiding the Research and Development process ▫ Handling all the AWS and Azure cloud configurations as well as Identity Access Management and also perfom penetration testing on the same.

Responsible for conducting and managing Penetration Tests on different platforms From initial phases of testing to final report generation, these tests include thorough and in depth assessments of any given application. With good predefined methodologies in place for all the different platforms, we make sure that we do not miss even the smallest of the loophole in any given application. With more focus on manual testing, we are less inclined towards automated tools and testing procedures. We follow strict guidelines and code of conduct to conduct these tests. Responsibilities: ▫ Conducting end to end vulnerabilities assessment for Mobile Applications(android/iOS), Web Applications as well as Network Security assessments for all our National and International clients onsite as well as offsite. ▫ Secure source code reviews for Android and JAVA applications ▫ Red Teaming for Domestic as well as international clients ▫ Infrastructure / Perimeter testing ▫ Training new joinees to understand the Methodology used by NetSqure team which have very less reliance on the automated tools rather it more focused on the manual testing ▫ Specialization in testing banking Web application and Mobile Application ▫ Attended In-House trainings for Buffer/Stack Overflow

Being trainer at Institute of Information Security, training wing Network intelligence India (P) Ltd., was responsible for conducting various training’s of corporate clients & retail training in my free time. As Security Analyst @NII I am responsible for doing various projects for VAPT, Compliance Audits, Forensic Investigation and Configuration reviews. Responsibilities: ▫ Have done pen testing for Web Applications, Network VAPT and Mobile Application testing for various clients including banks, corporate houses, Govt organizations which are clients of NII ▫ Well versed with Network devices, DB, Server audit and Hardening. ▫ Having knowledge of ISO 22301, PCI DSS, ISO 27001 and HIPAA compliances.