Naresh Kumar 2
About Candidate
| ● Looking for a challenging role in a reputable organization to utilize my technical skills for the growth of the organization as well as to enhance my knowledge about new and emerging trends in the cyber security domain. ● Hands-on experience in Vulnerability Assessment and Penetration Testing of application security including web services, Network & Host. ● 1+ yrs. of working experience in the Cyber Security Domain and still pursuing further to enhance cyber security skills. |
Education
Secondary education completed by CBSE Board, Grade A
Work & Experience
● Worked on VAPT tools such as Burp Suite, Acunetix, Nessus, OWASP ZAP, nmap. ● Vulnerability Assessment/Vulnerability Management: - VAPT tracking and closure of the identified vulnerability for Desktop, Windows/Linux Server, and Network Devices. ● Finding Vulnerability in web application and creating an action plan to prevent security breaches in the technology. ● Creating vulnerability report and sharing with department. ● Weekly report: Top 10 users Proxy access report and Internet visited user reports to check unauthorized access, IDS reports.
● Hands-On experience on web application security. ● Expertise on BRUP SUITE tools : Ability to analyze and detect false positives from the vulnerabilities identified by scanners. ● Perform Application Server hardening, Secure configuration review, SSL/TLS configuration/protocol testing. ● Ability to draft the Cyber Security Advisory manuals and send to concerned departments for necessary actions. ● Identifying the weakness in the websites/applications and creating an action plan to prevent security breaches in the technology. ● Perform port scan to find out open ports, running services, Operating systems and automated scan for vulnerabilities. ● Experienced in patch management after finding the loopholes and communicating effectively with all stakeholders in order to mitigate the existing vulnerabilities in the application. ● Perform scanning as an internal security auditor of all the websites applications for malware and security risks on a regular basis. ● Proficient in performing manual testing/exploitation of vulnerabilities both with and without the aid of automated tools. ● Conduct internal/external security audits of the proposed websites/applications. ● Analyse external VAPT report findings of WeB applications received from empanelled agencies and ensure its remediation in place for maintaining the security compliance. Working on SAST/ DAST Tools (Commercial & Open source): ● Burp suite Pro, Acunetix, Nessus, Netsparker, OWASP ZAP, nmap for VA, sqlmap, Kali Linux (nmap, recon-ng).
