SUHAIL SHAIK

Penetration tester
Arlington, TX

Summary

Senior Penetration Tester with 6+ years of experience in vulnerability assessments, exploitation, and risk mitigation. Expertise in SAST & DAST methodologies, identifying security flaws across applications and networks, and delivering secure, tailored solutions. Proven ability to drive security improvements, ensuring compliance with industry standards and protecting organizations from evolving cyber threats. Offering a strong foundation in cybersecurity principles and a keen interest in learning and developing within this environment. Brings a solid understanding of basic network protocols and a quick ability to learn and apply penetration testing techniques. Ready to use and develop skills in vulnerability assessment and ethical hacking in a penetration tester role. Energetic problem-solver with a knack for uncovering system vulnerabilities and a positive attitude. Possesses a solid understanding of network security principles and is proficient in using tools like Nessus, Swagger, Burp, Metasploit and Wireshark. Committed to enhancing cybersecurity measures and reducing potential threats.

Overview

6 years of professional experience

Work History

Sr. Penetration Tester

RIDGE, TX
08.2023 - Current
  • Performed web application and network penetration testing, uncovering critical security flaws and authentication
  • Reported zero-day vulnerabilities and contributed to responsible disclosure programs, strengthening application security
  • Provided detailed security assessments with practical remediation steps, helping businesses strengthen their defenses
  • Discovered and responsibly disclosed zero-day vulnerabilities, helping organizations patch critical security gaps
  • Mentored aspiring penetration testers, published technical research, and conducted free security workshops to educate and uplift the community
  • Worked with various clients, delivering custom security solutions and contributing to their overall cybersecurity posture.

Security Analyst

FIDELITY INVESTMENTS
09.2021 - 01.2023
  • Strengthened security posture by identifying and mitigating critical vulnerabilities in web applications and network infrastructures using tools like Burp Suite and Nessus, securing essential systems against potential exploits
  • Conducted comprehensive web application penetration tests, uncovering vulnerabilities such as SQL injection, XSS, and authentication flaws, providing detailed reports with actionable remediation steps
  • Led a team of 15 in web and network penetration testing efforts, identifying weaknesses in firewall configurations, VPN setups, and internal network access controls, helping clients strengthen their network defenses
  • Enhanced security measures by implementing multi-factor authentication and advanced encryption to protect sensitive data and improve access control
  • Provided expert guidance on incident response, advising teams on best practices for handling data breaches and effectively remediating vulnerabilities.

Penetration Tester

BFIL
09.2020 - 09.2021
  • Acted as the primary point of contact for the project, coordinating efforts, managing client expectations, and playing a key role in delivering actionable insights and security improvements
  • Led penetration testing of financial systems, networks, and web applications, identifying and addressing critical risks that could impact confidentiality, integrity, and availability of sensitive data
  • Utilized a variety of tools, including Burp Suite, IBM AppScan, and sqlmap, to conduct thorough assessments, applying diverse testing methodologies for comprehensive vulnerability detection
  • Mapped over 900 employee usernames during reconnaissance, significantly improving social engineering defenses and enhancing the organization’s overall security posture
  • Developed proof-of-concept (PoC) solutions for identified vulnerabilities, collaborating closely with development teams to ensure system reliability and secure data handling.

Penetration Tester

ENTERSOFT SECURITY
10.2018 - 09.2020
  • I joined as an intern and quickly advanced to a leadership role, improving security in web, network, mobile applications, and source code reviews
  • Led stakeholder meetings to ensure clear communication of security risks, project progress, and actionable solutions
  • Collaborated on server hardening and security optimizations, strengthening system defenses and reducing attack surfaces
  • Delivered clear, actionable security reports to executives, translating technical risks into business-friendly insights for decision-making.
  • Collaborated with external vendors to perform penetration tests on network devices, operating systems and databases.
  • Stayed current on emerging threats and trends in cybersecurity, adapting testing methods as needed to address new risks.
  • Mentored junior team members in best practices for ethical hacking and penetration testing techniques, fostering professional growth among colleagues.

Education

MASTERS - Computer Science

University of Campbellsville
AUG 2024

Skills

  • Programming & Automation: Experienced in Python, C, Java, and SQL, with a strong focus on scripting for security automation
  • Penetration Testing Tools: Hands-on expertise with Burp Suite, OWASP ZAP, Nessus, Metasploit, HCL AppScan, and Snyk
  • Network & Security Fundamentals: Deep understanding of TCP/IP, OSI model, VLANs, VPNs, and network security best practices
  • Operating Systems: Proficient in Linux (Kali, Ubuntu), Windows, and macOS, with experience in system hardening
  • Security & Compliance: Knowledgeable in incident response, SIEM tools, and compliance frameworks like NIST and ISO 27001
  • Incident Response: Strong skills in SIEM solutions, IDS/IPS, and endpoint security tools for threat detection and mitigation
  • Compliance Frameworks: Familiar with NIST Cybersecurity Framework, ISO 27001, and secure SDLC practices
  • Operating Systems: Extensive experience with Linux distributions (Kali, Ubuntu), Windows, and macOS
  • Documentation & Reporting: Skilled in creating technical documentation, security reports, and metrics for leadership teams

Network penetration testing

Intrusion detection

Vulnerability assessment

Social engineering

Scripting languages

Wireless security testing

Cloud security testing

Access control management

Digital forensics

Incident response

Mobile application testing

Virtualization security

Data leakage prevention

Container security testing

Security code review

Operating systems

Malware analysis

Web application testing

Penetration testing

Cryptography

Incident response management

Source code review

Problem-solving

Teamwork

Teamwork and collaboration

Time management

Attention to detail

Problem-solving abilities

Multitasking Abilities

Reliability

Excellent communication

Organizational skills

Active listening

Team collaboration

Effective communication

Decision-making

Adaptability and flexibility

Relationship building

Team building

Task prioritization

Self motivation

Network configuration

Interpersonal skills

Analytical thinking

Professionalism

Continuous improvement

Technical expertise

Professional demeanor

Problem-solving aptitude

Risk management

Network protocols

Network security

Data encryption

Analytical skills

Wireless security assessment

Cloud security

Intrusion detection and prevention

Network protocol analysis

Ethical hacking

Firewall bypass techniques

Mobile application security testing

Social engineering techniques

Network security audits

Interests

ACHIEVEMENTS & COMMUNITY INVOLVEMENT

  • Organized Capture the Flag (CTF) events, mentoring and inspiring future cybersecurity professionals through hands-on challenges and skill-building activities
  • Active participant in bug bounty programs and a regular contributor to security forums, sharing knowledge and collaborating on improving security practices
  • Passionate about cloud security, consistently exploring new technologies and staying updated on the latest industry trends

RELEVANT ACTIVITIES

  • Active in CTF challenges, bug bounty programs, and cybersecurity forums, continually enhancing skills and collaborating with the community
  • Stay updated on industry trends through cybersecurity blogs

Work Preference

Work Type

Full Time

Work Location

Hybrid, Remote, On-Site

Important To Me

Work-life balance, Career advancement, Company Culture, Healthcare benefits, Personal development programs

Languages

English
Full Professional

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening

Certification

CEH

  • Certified Ethical Hacker - CEH
  • EC Council Security Analyst - ECSA
  • EC Network Defense Essentials - NDE
  • EC Council Ethical Hacking Essentials - EHE