Ahmad M.
Senior Security Consultant
Experience
Dec 2022 - Jun 2024
1 year 7 monthsSenior Security Consultant
Deloitte
- Led a penetration testing team of 9+ members across different countries for Deloitte's biggest financial clients.
- Planned and assigned pentest tasks monthly.
- Ensured pentest projects for all 14 countries were finished on time for their monthly releases.
- Conducted kick-off meetings for new projects.
- Performed performance reviews of team members.
- Pen-tested web applications, APIs, networks, mobile applications, source code, thick clients, VoIP, and wireless.
- Provided consulting for all products, projects, and services.
- Presented and documented findings, recommending fixes.
- Wrote comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements.
Aug 2021 - Nov 2022
1 year 4 monthsSecurity Consultant
Firmus
- Performed eWPT web application, API, network, mobile application, source code, thick-client, VoIP, and wireless pentesting and provided consulting for all products, projects, and services.
- Presented and documented findings, recommending fixes.
- Conducted vulnerability assessments and on-demand pentests.
- Led a team of pentesters.
- Conducted client meetings to explain and reproduce vulnerabilities.
- Wrote comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements.
Sep 2020 - Jul 2022
1 year 11 monthsPakistan
Application Security Engineer
Digitify
- Led a team of 3 pentesters.
- Performed pentests of in-house products before production.
- Pen-tested web applications, APIs, networks, and mobile applications and provided consulting for all products, projects, and services.
- Conducted source code reviews.
- Presented and documented findings, recommending fixes.
- Managed security assessment engagements with third-party companies, including scoping, triaging, and assessing identified vulnerabilities.
- Wrote comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements.
- Managed AWS cloud security.
- Applied MITRE ATT&CK Framework to enhance threat detection.
Jan 2020 - Sep 2020
9 monthsPakistan
Security Engineer
Ebryx
- Performed penetration tests on multiple international organizations' infrastructure.
- Pen-tested web applications, networks, and mobile applications and provided consulting for all products, projects, and services.
- Conducted on-site pentests.
- Conducted source code reviews.
- Performed on-demand feature pentests for clients.
- Conducted on-site WiFi pentests.
- Performed internal pentest for the company.
- Collaborated with team leads to create execution plans for upcoming pentests.
- Held meetings with clients to reproduce findings.
- Assigned tasks to interns and supervised their progress and reports.
- Reported SQLi and broken access control findings, including an authenticated endpoint SQLi on an ISP.
Jan 2017 - Feb 2018
1 year 2 monthsUnited Arab Emirates
Information Security Consultant
BPCPetroleum
- Conducted black-box, white-box, and grey-box web, network, mobile, API, and cloud pentests.
- Worked with developers to fix vulnerabilities.
- Trained employees to be secure from phishing attacks.
- Reviewed source code.
- Analyzed network traffic for malicious activities.
- Suggested efficient system and data protection measures.
- Delivered technical and pentest reports to the IT department.
Languages
English
AdvancedUrdu
AdvancedEducation
Jul 2018 - Sep 2019
Asia Pacific University
Bachelors in Cybersecurity · Cybersecurity · Malaysia
Oct 2017 - Present
Asia Pacific University
Diploma in Software Engineering · Software Engineering · Malaysia
Certifications & licenses
Certified Red Team Professional (CRTP)
Pentester Academy Firmus
EWPT
OSCP+
OffSec
Need a freelancer? Find your match in seconds.
Try FRATCH GPT More actions
Similar Freelancers
Discover other experts with similar qualifications and experience
Ayesha A.
Senior Penetration Tester & Security Engineer
View Profile
Muhammad D.
Senior Penetration Tester
View Profile
Stefan R.
ISO27001 Certification
View Profile
Valeri M.
DORA Readiness – Gap Analysis and Implementation for Banks
View Profile
Syed G.
Cyber Security Professional
View Profile
Mohit D.
Senior Security Technologist
View Profile
Mallikharjun S.
Bug Bounty Hunter | Cybersecurity Researcher | Pentester
View Profile
Obad Z.
Cybersecurity Trainer
View Profile
Ali Y.
Principal Product Security Engineer
View Profile
Niels S.
Azure Architect
View Profile
Seyed M.
Senior Product Security Engineer
View Profile
Maryam M.
AI Red Team Engineer
View Profile
Alexander N.
Security Expert
View Profile
Erlijn V.
Advisory Committee Member for UNEP West Asia’s Frontiers Report 2022
View Profile
Henryk O.
Security Consultant
View Profile
Sascha L.
CEO
View Profile
Sokol Ç.
Cybersecurity Engineer
View Profile
Rick G.
Penetration Tester
View Profile
Valon J.
Cybersecurity and Data Scientist Engineer
View Profile
Patrick B.
AML Officer
View Profile
Rashida A.
Security Research Engineer (Freelance)
View Profile
Dirk M.
Senior Program Manager & CISO | IT Transformation, Cybersecurity & GRC Leader
View Profile
Alexander S.
Lead Audit Conformity & IT-SiKat
View Profile
Federico L.
ISO – Senior Consultant Quality & Information Security
View Profile
Markus W.
IT Security Consultant
View Profile
Matthias S.
Senior Consultant Security (freelance)
View Profile
Martin W.
Security Auditor
View Profile
Stanislaus S.
Security Consultant
View Profile
Gino P.
Compliance Expert
View Profile
Christian D.
Managing Director and Senior Consultant
View Profile
