Zeba Naaz
Bangalore
Summary
I have close to 7 years of experience in Information Security, specializing in vulnerability assessment, penetration testing, and application security. Expertise in mobile application security testing and direct/remote analysis. Proven ability to manage projects and collaborate effectively with diverse teams. Strong critical thinking and communication skills enhance team dynamics and project outcomes.
Overview
8
8
years of professional experience
1
1
Certification
Work History
Senior Security Engineer
Rakuten India
12.2022 - Current
- Working on web application testing on the Internally and Externally exposed applications.
- Performed External Network Pentesting and Internal Network Pentesting for Rakuten.
- Attempt to manually exploit the security issues.
- Experience in NPT & cloud Tools (nmap, Wireshark, Nexpose, metasploit, aircrack, crowdstrike, burpsuite pro, ScoutSuite)
- Performed AWS security Pentesting.
- Conducted automated scans on applications using Nessus, and removed false positive issues.
- Performed automated and manual source code review (SAST) using tools such as HP Fortify and Visual Studio.
- Automating regular activities to enhance the process.
- Performed mobile application testing on many of the mobile applications.
- Performed a risk management task.
- Extended support to application teams in understanding and resolving reported vulnerabilities.
- Performing a cloud security audit for Rakuten.
- Implemented technical solutions to improve network security posture and address identified vulnerabilities.
- Researched emerging threats and vulnerabilities impacting business processes.
Security Analyst
Kmart Australia
09.2021 - 12.2022
- Working on web application testing on the Internally and Externally exposed applications.
- Performed External Network Pentesting and Internal Network Pentesting for client.
- Attempt to manually exploit the security issues.
- Experience in NPT Tools (nmap, Wireshark, Nexpose, metasploit, aircrack, Rapid 7, Nessus)
- Performed AWS security Pentesting.
- Automating regular activities to enhance the process.
- Performed Mobile Application Testing on many of the mobile applications.
Security Analyst
Meredith India
04.2019 - 08.2021
- Working on web application testing on the Internally and Externally exposed applications.
- Performed Internal Network PT.
- Vulnerability Assessment and Web Application PT for banking, online-trading and shopping, e-commerce web Apps.
- Performed penetration testing of Payment Gateways.
- Performed Mobile Application Testing on many of the mobile applications.
- Involved in providing sessions on basics of security testing and guiding new, junior or team members.
Security Engineer
Connectivity IT Solutions
09.2017 - 04.2019
- Working on web application testing on the Internally and Externally exposed applications.
- Performed External Network Pentesting and Internal Network Pentesting for client.
- Attempt to manually exploit the security issues.
- Experience in NPT Tools (nmap, Wireshark, Nexpose, metasploit, aircrack).
- Vulnerability Assessment and Web Application PT for banking, online-trading and shopping, e-commerce web Apps.
Education
Post Graduate Diploma - DITISS (Diploma in IT Infrastructure Systems and Security)
CDAC
02-2017
B.Tech - Computer Science and Engineering
Raipur Institute of Technology
Raipur01.2016
Skills
- Web application security testing
- Mobile application testing
- Vulnerability assessment and penetration testing
- Scripting in PowerShell and Python
- Cloud security for AWS, Azure, and GCP
- Automated scanning techniques
- Network penetration testing
- Stakeholder engagement strategies
- Effective communication skills
- Data encryption techniques
- Problem-solving expertise
- Threat analysis
- Secure coding practices
- Security risk assessment
Certification
- C|EH v9
- AWS Solutions Architect Associate
- Certified Appsec Practitioner
Community Activity
Reported vulnerabilities in 20+ public Websites. (Bug Bounty). Secure these websites by reporting vulnerabilities: Lenovo, Sony, Intel, Shop-clues, United Nation, EBay, Achmea, Vrije University Amsterdam, Erasmus University, Dowr etc.
Tools Used
- Kali Linux
- Nessus
- Metasploit
- Sqlmap
- Nmap
- Wireshark
- Burp Suite Pro
- MobSF
- Tenable
- Crowd Strike
- Nslookup
- Crowdstrike
- ScoutSuite
- Prisma cloud
- Rapid 7
- Qualys
- Splunk
- Dependency_tracker
Disclaimer
I hereby declare that the information given is true to the best of my knowledge and I am also confident of my ability to work in a team, and I hope that you will provide an opportunity to work in your esteemed organization.
Timeline
Senior Security Engineer
Rakuten India
12.2022 - Current
Security Analyst
Kmart Australia
09.2021 - 12.2022
Security Analyst
Meredith India
04.2019 - 08.2021
Security Engineer
Connectivity IT Solutions
09.2017 - 04.2019
Post Graduate Diploma - DITISS (Diploma in IT Infrastructure Systems and Security)
CDAC
B.Tech - Computer Science and Engineering
Raipur Institute of Technology
Similar Profiles
Shantanu KumarShantanu Kumar
Software Developer at Rakuten IndiaSoftware Developer at Rakuten India
Vishnu ChaturvediVishnu Chaturvedi
Software Engineer II at Rakuten IndiaSoftware Engineer II at Rakuten India
CHAITHRA SCHAITHRA S
Lead Software Test Engineer at Rakuten IndiaLead Software Test Engineer at Rakuten India
Sangeeth M SajanSangeeth M Sajan
Software Engineer at Stellar innovationSoftware Engineer at Stellar innovation
Apeksha AppalaApeksha Appala
Senior Lead Consultant –Automation, Monitoring and Self-Healing at Allstate IndiaSenior Lead Consultant –Automation, Monitoring and Self-Healing at Allstate India