Prachi Dubey
Cyber Security Engineer
Gwalior
Summary
Skilled Cyber Security Expert with experience in the Information Security domain. Web and Mobile application security OWSP top 10, Network Security, ISO audit Well-versed indirect and remote analysis with strong critical thinking communication skills. Fully knowledgeable in applicable regulations and standard audit procedures.
Overview
8
8
years of professional experience
7
7
years of post-secondary education
5
5
Certifications
1
1
Language
Work History
Information Security Engineer
Nagarro
India
03.2022 - Current
- Working with European clients to ensure the security of all their E-commerce applications
- Conduct security testing on Web applications, Mobile applications (Android and IOS), and Application Program Interface (API)
- Embedded into SDLC flows and reports to Application Security Manager, dev teams and acts as a point of contact to Business Analysts, Tech Leads, and Devs
- Ensure principles are followed during the development lifecycle and look into requirements, system design, and code security reviews
- Verifies application is secure by doing penetration testing and do cross-check of identified vulnerabilities
- Manages Automated security testing tools (SAST and DAST) such as Checkmark's, Nessus and Acunotix
Senior Information Security Consultant
Protiviti
Mumbai
01.2019 - 03.2022
- Conduct security testing on Web applications, Mobile applications (Android and IOS), Thick Client Applications, and Application Program Interface (API)
- Built relationships and fostered effective communication with legal personnel to conduct practical investigations.
- Monitored use of data files and regulated access to protect secure information.
- Developed plans to safeguard computer files against modification, destruction, or disclosure.
- Monitored computer virus reports to determine when to update virus protection systems.
- Encrypted data and erected firewalls to protect confidential information.
- Performed risk analyses to identify appropriate security countermeasures.
- Conducted security audits to identify vulnerabilities.
- Performed static/dynamic testing, threat modeling, design reviews, and penetration testing of web, mobile, and network to identify vulnerabilities and security defects
- Perform Penetration testing and reverse engineering on Android and IOS applications
- Perform IT audit and review of controls related to IT Operations such as Change management, Logical Access Management, Asset Management, Audit Log Management, Data Security & Privacy Management, Incident Management, Physical & Environmental/ Security controls, Capacity & Backup Management, and new IT technologies
- Perform activities such as internal and external network vulnerability assessment & penetration testing
- Perform secure configuration review of network devices to provide visibility on User access control on systems, password and account policies, services, and applications running on critical systems, and set of missing security patches
- Prepare detailed vulnerability reports for the client. Provide security recommendations for development teams during all phases of development
- Recommend improvements in security systems and procedures.
- Acted as a team leader in group projects, delegating tasks and providing feedback.
- Gained strong leadership skills by managing projects from start to finish.
- Developed strong communication and organizational skills through working on group projects.
- Self-motivated, with a strong sense of personal responsibility.
Information Security Analyst
Security Innovation
Pune
01.2017 - 11.2018
- Conducted penetration tests of Web, and Mobile applications
- Performed static/dynamic testing, threat modeling, design reviews, and penetration testing of web, and mobile applications to identify vulnerabilities and security defects
- Performed manual and automated web application security testing of e-commerce web applications to enforce security standards
- Performed manual pen tests with aid from industry-standard open-source custom-developed tools
- Provided security recommendations as a subject matter expert for development teams during all phases of development
- Conducted hands-on technical security awareness training (CMD-CTRL Hackathon) for software architects
- Documented vulnerabilities and work with developers on vulnerability remediation.
- Monitored use of data files and regulated access to protect secure information.
- Conducted security audits to identify vulnerabilities.
- Performed risk analyses to identify appropriate security countermeasures.
Project Associate Engineer
C-DAC (Centre for development and advanced computing)
Mohali
03.2016 - 12.2016
- Conducted Web application security testing, Mobile applications, and threat analysis
- Conducted Information Security Awareness Workshops (ISEA) for Government employees, Punjab Police, and College and school students.
Education
PG Diploma in IT Infrastructure, Systems And Security -
C-DAC Hyderabad
08.2015 - 02.2016
Bachelor’s Degree – Electronics And Telecommunication Engineering -
Government College of Engineering
Nagpur 08.2012 - 07.2015
Diploma in Electronics And Telecommunication -
Government Polytechnic
Aurangabad 05.2009 - 07.2012
Skills
Vulnerability and Penetration Testingundefined
Certification
ISO 27001 Lead Auditor
Tools Techniques
Nessus, IBM App Scan, Sonarqube, Checkmarx, Sqlmap, ZAP, Vega, Acunetix, Burp Suite, Metasploit, Qualys, Drozer, Frida, Needle, ADB, Cycript, APKTool, Genymotion, Nmap, Hopper, Java, Python, PHP, ASP.NET, Mac OS, Windows, Linux (Ubuntu, kali)
Interests Hobbies
- Dancing
- Yoga
- Travelling
Disclaimer
12/13/23
Timeline
Information Security Engineer
Nagarro
03.2022 - Current
Senior Information Security Consultant
Protiviti
01.2019 - 03.2022
Information Security Analyst
Security Innovation
01.2017 - 11.2018
Project Associate Engineer
C-DAC (Centre for development and advanced computing)
03.2016 - 12.2016
PG Diploma in IT Infrastructure, Systems And Security -
C-DAC Hyderabad
08.2015 - 02.2016
Bachelor’s Degree – Electronics And Telecommunication Engineering -
Government College of Engineering
08.2012 - 07.2015
Diploma in Electronics And Telecommunication -
Government Polytechnic
05.2009 - 07.2012
Similar Profiles
Yuvika SinghYuvika Singh
Associate Director at NagarroAssociate Director at Nagarro
ANUJ KUMARANUJ KUMAR
Delivery / Program Manager at NagarroDelivery / Program Manager at Nagarro
Rajyashree ChaturvediRajyashree Chaturvedi
Associate Staff Engineer at NagarroAssociate Staff Engineer at Nagarro
Anas KhanAnas Khan
Senior Team Leader at NagarroSenior Team Leader at Nagarro
KOMAL AGRAWALKOMAL AGRAWAL
Student of Digital Content Writer at Https://www.henryharvin.com/Student of Digital Content Writer at Https://www.henryharvin.com/