Cybersecurity Professional with expertise in Penetration Testing, Application Security, and DevSecOps, securing web, mobile, and cloud environments. Skilled in CI/CD security, SIEM, and Active Directory hardening to strengthen enterprise security posture.
Hi, I’m
Jawad Kazmi
Security Engineer
Islamabad
Summary
Overview
6
years of professional experience
3
Certifications
1
Language
Work History
Tranchulas Pvt Ltd
Security Engineer
10.2020 - Current
Job overview
- Conduct penetration tests on web and mobile applications to identify vulnerabilities and recommend appropriate security improvements
- Perform routine vulnerability assessments across various system components, including servers, databases, and network devices
- Experienced in DevSecOps, working in CI/CD environments to embed security tools for Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Infrastructure as Code (IaC) security.
- Utilize industry-standard tools to scan for weaknesses and vulnerabilities, interpret the findings, prioritize risks, and work closely with IT teams to develop and implement remediation strategies
- Implement Security Information and Event Management (SIEM) solutions on network devices and host systems for real-time security alerts and rapid incident response
- Utilize CIS Benchmarks to harden systems, thereby reducing the attack surface and bolstering overall security posture
- Carry out periodic assessments of Microsoft Active Directory configurations and policies to pinpoint and mitigate potential security risks
- Develop security training materials, including modules and workshops, to educate staff on best practices for maintaining a secure operational environment
- Advises clients on IT security risks and best security practices
BugsLife
Penetration Tester
01.2019 - 09.2020
Job overview
- Conducted web and mobile app security assessments and penetration testing
- Performed vulnerability assessments using tools such as Burp Suite, Nmap, Nessus, and OpenVAS to identify vulnerabilities in web applications, network devices, and operating systems
- Conducted manual penetration testing using industry-standard techniques to identify and exploit vulnerabilities in clients' systems
- Authored detailed reports outlining findings and recommendations for remediation, which were presented to clients at the conclusion of each engagement
Education
COMSATS University Islamabad
Bachelor of Science from Software Engineering
02.2016 - 1 2020
University Overview
Skills
Web Application Penetration Testing
Certification
Certified DevSecOps Professional - CDP
Timeline
Certified DevSecOps Professional - CDP
02-2025
Certified Red Team Operator - CRTO
05-2023
Certified Red Team Professional - CRTP
02-2022
Security Engineer
Tranchulas Pvt Ltd
10.2020 - Current
Penetration Tester
BugsLife
01.2019 - 09.2020
COMSATS University Islamabad
Bachelor of Science from Software Engineering
02.2016 - 1 2020
Similar Profiles
GAYATHRI DEVIGAYATHRI DEVI
Assistant of Regulatory Affair at VKL SEASONING PVT. LTD. / KEYA FOODS INTERNATIONAL PVT. LTDAssistant of Regulatory Affair at VKL SEASONING PVT. LTD. / KEYA FOODS INTERNATIONAL PVT. LTD
Anum HasanAnum Hasan
Head of Department -Software Project Management & Business Development at Appedology (Pvt.) Limited - New Name of Protégé Global (Pvt.) LimitedHead of Department -Software Project Management & Business Development at Appedology (Pvt.) Limited - New Name of Protégé Global (Pvt.) Limited
Thiyaga Lakshmi VellaiSamyThiyaga Lakshmi VellaiSamy
Senior Software Implementation Specialist at DigiSME Pvt Ltd (a) Majulah Info-Tech Pvt LtdSenior Software Implementation Specialist at DigiSME Pvt Ltd (a) Majulah Info-Tech Pvt Ltd