Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Additional Information
Work Availability
Interests
Timeline
SeniorSoftwareEngineer
Syed Immad Ali

Syed Immad Ali

Information Security Specialist
Karachi, Postal,Code

Summary

Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing web security framework. Computer security professional with 4 years of progressive experience in Security industry and 6 years in Software Development industry. Demonstrated skill identifying business risks and compliance issues and designing proactive solutions.

Overview

2
2
Languages
4
4
Certifications
11
11
years of post-secondary education
9
9
years of professional experience

Work History

Consultant Information Security

Systems Limited
Islamabad, Punjab
10.2019 - Current
  • Performed risk analyses to identify appropriate security countermeasures.
  • Recommend improvements in security systems and procedures.
  • Conducted security audits to identify vulnerabilities.
  • Web Application Penetration Testing.
  • Vulnerability Assessment/Fixations.
  • Security Operations
  • Inventory Management.
  • CIS Benchmarking and compliance.
  • Status Reporting to Management
  • Follow-ups with relevant Operation teams.
  • Provided consultation and technical services on all aspects of information security.
  • Performed risk and vulnerability assessments and provided results and recommendations to senior management.

Clients:

  • Telenor345 Head Office Islamabad as resident engineer (Vendor services in Security Operations)

Methodology:

  • SEC460: Enterprise Threat and Vulnerability Assessment

Tools:

  • Nessus
  • Nexpose
  • Kali Linux
  • AppScan
  • Accunetix
  • Netsparker
  • Burp Suit

Principal Security Analyst

Digit labs
Karachi, Sindh
03.2018 - 09.2019
  • Network Vulnerability Assessment using Nessus.
  • Servers Vulnerability Assessment using Nessus.
  • Followed Owasp Top10 for Web Application and android application testing.
  • API testing using SOAP UI and Burp
  • Android Application Penetration testing.
  • Ensure to provide security consultancy for web application business logics and data security.
  • Developed and maintained courteous and effective working relationships.
  • Provide web security and software development consultancy to developing GRC system.
  • Provide web security and software development consultancy to Developed and Design customized Penetration testing Reporting Module.
  • Provide web security and software development consultancy to developed Audit Module.

Clients:

  • Bank Al Habib (Android & Web Applications Pentest)
  • Meezan Bank (Web Applications Pentest)
  • Allied Bank (Network & Web Applications Pentest)
  • Agha Khan University Hospital (Web Applications Pentest)

Methodology:

  • Owasp Top10 (Web Application and Mobile)
  • Business Logics.
  • Web application server side bugs and security flows.
  • Network communications channels.

Major Findings:

  • SQL Injection
  • XSS.
  • Broken Authentication.
  • Server Side Template Injection.
  • Privilege Escalation.

Consulting Associate

AF Ferguson(PWC)
Karachi, Sindh
07.2017 - 03.2018
  • Performed risk analyses to identify appropriate security countermeasures.
  • Recommend improvements in security systems and procedures.
  • Web Application Penetration Testing.
  • Vulnerability Assessment/Fixations.
  • Follow-ups with relevant Operation teams.
  • Provided consultation and technical services on all aspects of
  • Information security.
  • Performed risk and vulnerability assessments and provided results and recommendations to senior management.

Clients:

  • AlBaraka Bank (Mobile Applications Pentest)
  • Jubilee Life Insurance (Web Applications Pentest)
  • Dynea Pakistan (Web Applications Pentest)
  • Agriauto Pakistan (Web Applications Pentest)
  • PakSuzuki (Website Pentest, Review and Quality Assurance)
  • IGI Insurance Limited (Pentest)

Manager Web Application

Singer Pakistan Public Limited
Karachi, Sindh
09.2016 - 06.2017
  • ERP system for Singer Pakistan In-House Development.
  • Analysis on all sales and Inventory process.
  • Development of Sales module.
  • Deployment all over Pakistan near to 180 shops.
  • Reporting to Chief Information Officer.
  • UML Documentation with OOAD Concepts.

i. Use-Case

ii. Activity Diagram

iii. Interaction Diagram (Collaboration and Sequence)

iv. Class Diagram

v. ERD

Technologies:

  • Asp.Net MVC framework.
  • JQuery, CSS, HTML Bootstrap, AJAX.
  • Microsoft SQL server & Oracle10g as backend DB
  • Team Foundation Server for team versioning.
  • AWS server.

Senior Web Application Developer

Livetecs
Karachi, Sindh
05.2012 - 08.2016
  • Developed and designed components using ASP.NET and ADO.NET.
  • Develop front-end and three-tier Architecture using ASP.NET.
  • Responsible for UI Issues.
  • Maintenance and modification of existing application software.
  • Responsible for bug fixing.
  • Create SQL queries as well as stored procedures and Trigger’s (SQL Server 2008).
  • Web page Design etc.
  • Dashboard with charts Development & Design.
  • Audit Logs using Triggers.
  • UML Documentation with OOAD Concepts.

i. Use-Case

ii. Activity Diagram

iii. Interaction Diagram (Collaboration and Sequence)

iv. Class Diagramv. ERD

Technologies:

  • Asp.Net MVC framework.
  • JQuery, CSS, HTML Bootstrap, AJAX.
  • Microsoft SQL server & Oracle10g as backend DB
  • Team Foundation Server for team versioning.
  • AWS server.

Education

Maters in Computer Science (MCS) - Computer Science

PAF KIET
Karachi
01.2014 - 01.2016

BA - Arts

Sindh University
Hyderabad
01.2010 - 01.2013

Bachelor in Computer Science (BCS) - Computer Science

PAF KIET
Karachi
01.2007 - 01.2009

Intermediate - Engineering (Pre-Engineering)

P.E.C.H.S. Education Foundation College
Karachi
01.2004 - 01.2006

Matriculation - Computer Science

Nasra Trust School
Karachi
01.2001 - 01.2003

Skills

    Information security

undefined

Accomplishments

  • Final Year Project:.
  • Online Transport Booking System(TBS).
  • Course Projects List:.
  • Network Programming: Prepaid Smart Electric Meter.
  • Artificial Intelligence: Training Recommendation System.
  • Software Engineering & Project Management: Help Desk System.
  • Cryptography: ElGamal, AES, DES Encryption System.

Certification

Attended 12 Weeks CCNA course from Times Tech Institute (2006).

Additional Information

  • Passport: DT5178961

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Interests

Tourism and exploration

Table Tennis

Cricket

Server exploitations

Science and Technology

Timeline

Consultant Information Security

Systems Limited
10.2019 - Current

Principal Security Analyst

Digit labs
03.2018 - 09.2019

Consulting Associate

AF Ferguson(PWC)
07.2017 - 03.2018

Manager Web Application

Singer Pakistan Public Limited
09.2016 - 06.2017

Maters in Computer Science (MCS) - Computer Science

PAF KIET
01.2014 - 01.2016

Senior Web Application Developer

Livetecs
05.2012 - 08.2016

BA - Arts

Sindh University
01.2010 - 01.2013

Bachelor in Computer Science (BCS) - Computer Science

PAF KIET
01.2007 - 01.2009

Intermediate - Engineering (Pre-Engineering)

P.E.C.H.S. Education Foundation College
01.2004 - 01.2006

Matriculation - Computer Science

Nasra Trust School
01.2001 - 01.2003

Hack The Box Training

Attended 6 Months VB.NET course from AMI APEX Institute (2012).
MCITP from Times Tech (2006.)
Attended 12 Weeks CCNA course from Times Tech Institute (2006).

Similar Profiles

  • Samreen Zehra

    Samreen ZehraSamreen Zehra

    Principal Consultant at Systems LimitedPrincipal Consultant at Systems Limited

    View Profile
  • Fahad Hassan

    Fahad HassanFahad Hassan

    Principal Consultant at Systems LimitedPrincipal Consultant at Systems Limited

    View Profile
  • AHMER HASAN

    AHMER HASANAHMER HASAN

    Senior Consultant at Systems LimitedSenior Consultant at Systems Limited

    View Profile
Syed Immad AliInformation Security Specialist