Ahmad M.
Senior Security Consultant
Experience
Dec 2022 - Jun 2024
1 year 7 monthsSenior Security Consultant
Deloitte
- Led a penetration testing team of 9+ members across different countries for Deloitte's biggest financial clients.
- Planned and assigned pentest tasks monthly.
- Ensured pentest projects for all 14 countries were finished on time for their monthly releases.
- Conducted kick-off meetings for new projects.
- Performed performance reviews of team members.
- Pen-tested web applications, APIs, networks, mobile applications, source code, thick clients, VoIP, and wireless.
- Provided consulting for all products, projects, and services.
- Presented and documented findings, recommending fixes.
- Wrote comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements.
Aug 2021 - Nov 2022
1 year 4 monthsSecurity Consultant
Firmus
- Performed eWPT web application, API, network, mobile application, source code, thick-client, VoIP, and wireless pentesting and provided consulting for all products, projects, and services.
- Presented and documented findings, recommending fixes.
- Conducted vulnerability assessments and on-demand pentests.
- Led a team of pentesters.
- Conducted client meetings to explain and reproduce vulnerabilities.
- Wrote comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements.
Sep 2020 - Jul 2022
1 year 11 monthsPakistan
Application Security Engineer
Digitify
- Led a team of 3 pentesters.
- Performed pentests of in-house products before production.
- Pen-tested web applications, APIs, networks, and mobile applications and provided consulting for all products, projects, and services.
- Conducted source code reviews.
- Presented and documented findings, recommending fixes.
- Managed security assessment engagements with third-party companies, including scoping, triaging, and assessing identified vulnerabilities.
- Wrote comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements.
- Managed AWS cloud security.
- Applied MITRE ATT&CK Framework to enhance threat detection.
Jan 2020 - Sep 2020
9 monthsPakistan
Security Engineer
Ebryx
- Performed penetration tests on multiple international organizations' infrastructure.
- Pen-tested web applications, networks, and mobile applications and provided consulting for all products, projects, and services.
- Conducted on-site pentests.
- Conducted source code reviews.
- Performed on-demand feature pentests for clients.
- Conducted on-site WiFi pentests.
- Performed internal pentest for the company.
- Collaborated with team leads to create execution plans for upcoming pentests.
- Held meetings with clients to reproduce findings.
- Assigned tasks to interns and supervised their progress and reports.
- Reported SQLi and broken access control findings, including an authenticated endpoint SQLi on an ISP.
Jan 2017 - Feb 2018
1 year 2 monthsUnited Arab Emirates
Information Security Consultant
BPCPetroleum
- Conducted black-box, white-box, and grey-box web, network, mobile, API, and cloud pentests.
- Worked with developers to fix vulnerabilities.
- Trained employees to be secure from phishing attacks.
- Reviewed source code.
- Analyzed network traffic for malicious activities.
- Suggested efficient system and data protection measures.
- Delivered technical and pentest reports to the IT department.
Languages
English
AdvancedUrdu
AdvancedEducation
Jul 2018 - Sep 2019
Asia Pacific University
Bachelors in Cybersecurity · Cybersecurity · Malaysia
Oct 2017 - Present
Asia Pacific University
Diploma in Software Engineering · Software Engineering · Malaysia
Certifications & licenses
Certified Red Team Professional (CRTP)
Pentester Academy Firmus
EWPT
OSCP+
OffSec
Need a freelancer? Find your match in seconds.
Try FRATCH GPT More actions
Similar Freelancers
Discover other experts with similar qualifications and experience
- English
- Deutsch
2025 © FRATCH.IO GmbH. All rights reserved.