A dedicated and certified Penetration Tester with 3+ years of experience seeking to leverage extensive knowledge of security assessments and vulnerability mitigation to enhance the security posture of a forward-thinking organization.
Overview
5 years of professional experience
1 Certification
Work History
Penetration Tester
Quik Pantri
11.2023 - Current
Utilized advanced tools including Burp Suite and Nmap for thorough web application penetration tests, ensuring robust security measures
Identified and resolved issues related to session management, access control, and cryptographic practices, ensuring the highest levels of security
Assessed security controls and ensured adherence to best practices in segregation of duties and implementation of least privilege principles
Demonstrated proficiency in identifying and addressing application-level vulnerabilities such as XSS, SQL Injection, CSRF, and Authentication Bypass
Conducted white and gray box penetration testing on financial systems using Kali Linux and Cobalt Strike to address OWASP Top 10 vulnerabilities
Performed detailed vulnerability assessments on various applications, identifying and mitigating potential risks to enhance overall security posture
Performed vulnerability assessments on web applications to identify issues and prioritize them based on risk level
Communicated complex technical concepts to non-technical stakeholders through clear and concise written and oral communication.
Jr. Penetration Tester
Cigna
05.2021 - 09.2023
Implemented and enforced security controls for authorization, adhering to principles such as least privilege, and forced browsing prevention
Performed vulnerability assessments on web applications, identifying and prioritizing security issues based on risk level to ensure effective mitigation
Collaborated with cross-functional teams to address technical issues, documenting software defects and customer feedback to drive improvement
Conducted thorough security assessments of online applications to identify and address vulnerabilities, particularly in input and data validation
Followed up on identified vulnerabilities, revalidating to ensure effective resolution and compliance with established security standards
Conducted rigorous security assessments of PKI-enabled applications, ensuring the implementation of robust security measures
An efficient team player in challenging and creative environments with excellent capacity to adapt to new technologies and skills
Performed web application, mobile application, and network penetration tests.
Cyber Security Expert
Halian
Dubai
10.2019 - 04.2021
Implemented and managed comprehensive security protocols to protect organizational data and systems from cyber threats
Conducted penetration testing on critical infrastructure, identifying vulnerabilities and providing actionable remediation strategies
Developed and executed incident response plans, effectively managing and mitigating security breaches
Collaborated with IT and development teams to integrate security practices into the software development lifecycle (SDLC)
Conducted security awareness training sessions for employees, promoting a culture of security within the organization
Performed regular security audits and assessments, ensuring compliance with industry standards and regulatory requirements
Analyzed and responded to security alerts from various monitoring systems, minimizing potential impact on operations
Provided expert guidance on the implementation of encryption and data protection measures.
Education
Bachelor of Computer Science
University of Central Punjab
Skills
Kali Linux
Burp Suite
Metasploit
Nessus
OWASP ZAP
SQLmap
John the Ripper
Aircrack-ng
Empire
Nmap
Wireshark
Cisco Packet Tracer
Certification
Certified Ethical Hacker (CEH)
Offensive Security Certified Professional (OSCP) - In Progress
Notable Projects
Internal Network Penetration Test at Quick Pantry: Conducted a thorough assessment, discovering critical vulnerabilities that were mitigated.
Capture the Flag (CTF) Competitions: Participated in various CTFs, showcasing strong problem-solving and ethical hacking skills.