MUHAMMAD ABDULLAH

Experience

• 

  IT Hub Technologies, Sargodha

  Mar 2018 - Jun 2019

  System Administrator
• 

  Programmers Force

  Jun 2021 - Sept 2021

  Ethical Hacker

  Responsibilities• Web application Pentesting• Network Pentesting• Evaluating the security of an organization’s IT infrastructure bycontinuously assessing and exploiting vulnerabilities to find outwhere hacking threats may lie.• Penetration testing or threat modelling tools including open source and commercial mapping• Social engineering and Phishing• Scripting• Working on Linux servers• Working on Linux firewall• Penetration Testing based on OWASP Top 10 v4.1 guide.• Policies review and creating new policies as needed Show less

• 

  MCB Bank Limited

  Nov 2021 - Nov 2022

  Information Security Assurance

  • Perform formal and comprehensive application penetration testing assessments.• Provide well-written, concise, technical, and non-technical reports in English.• Perform vulnerability assessments and provide findings with remediation actions.• Manage and deliver penetration testing project activities within strict deadlines.• Research application and infrastructure components into the broader team to identify new• vulnerabilities and follow responsible disclosure.

• 

  Secure Tech Cards (Pvt) Ltd

  Dec 2022 - Oct 2024

  Information Security Engineer

  • Plan, develop, implement and update the Information Security Policy & related documents.• Plan, develop, implement and update the Risk Management process and its related implementation.• To ensure Compliance, in-line with International Standards and Security best practices.• To ensure & supervise the Vulnerability Assessment & Penetration testing exercises are conducted and all the identified vulnerabilities are shared with the relevant teams for mitigation.• Develop, execute and track the performance of security measures to protect the information assets.• To ensure Information Security Awareness training to employees with frequent intervals.• Performs other related tasks as assigned Show less

• 

  Systems Limited

  Oct 2024 - now

  Consultant - DIS Infosec GRC

  • Plan, develop and update the Information Security Policy and related documents to ensure alignment with client needs, standards and regulatory requirements.• Plan, develop, implement, and update the Risk Management process tailored to client requirements. • Collaborate with cross-functional teams to align security strategies with client business objectives.• Ensure compliance with industry standards, providing regular security audits and assessments for client environments.