Usama Arshad

Experience

• 

  SecurityWall

  Mar 2018 - May 2021

  Penetration Tester
• 

  Bugcrowd

  Apr 2020 - now

  Security Researcher
• 

  Synack Red Team

  Sept 2021 - now

  Red Team Member
• 

  Ebryx LLC

  Dec 2021 - Feb 2025

  • Conduct comprehensive penetration testing on internal and external network infrastructures, web applications, mobile applications, and cloud environments for several Fortune 500 companies.• Perform on-site penetration testing activities for multiple clients.• Execute Red-teaming engagements, including social engineering tests as required.• Collaborate closely with other application security engineers to review and test web, conventional, and mobile applications.• Design and develop various security testing scenarios.• Create tools to enhance penetration test automation and effectiveness.• Develop technical solutions and new tools to automate repetitive tasks.• Manage and lead a team of security engineers at Ebryx.• Conduct internal training sessions on information security standards, policies, and best practices.• Research new threats, attack vectors, and risks.• Verify and improve security findings from other members of the penetration testing team.• Write detailed reports, including assessment-based findings, outcomes, and recommendations for further system security enhancements.• Lead client communications via calls and emails, covering penetration testing scoping, execution planning, testing methodologies, reporting, and other related inquiries. Show less

  • Senior Security Engineer

    Dec 2021 - Feb 2025

  • Security Engineer

    Dec 2021 - Dec 2023
• 

  SecurEyes

  Aug 2024 - May 2025

  Senior Information Security Consultant/TL

  • Conduct detailed penetration tests on internal and external network infrastructures, web and mobile applications, and cloud environments, focusing on fintech companies and SAMA KSA compliance.• Lead and supervise a team of security engineers to ensure efficient execution of security assessments and penetration tests.• Carry out red teaming engagements, including social engineering and physical security evaluations.• Collaborate with security engineers to thoroughly test web, traditional, and mobile applications for vulnerabilities.• Design and implement advanced security testing scenarios tailored to client requirements.• Develop and automate penetration testing tools and scripts to streamline repetitive tasks and improve overall efficiency.• Perform on-site penetration testing activities for various clients.• Stay up-to-date with emerging threats, vulnerabilities, and new attack vectors to ensure testing methodologies remain current.• Deliver internal training sessions on industry best practices, security standards, and policies.• Review and verify security findings from team members, ensuring accurate reporting and validation of issues.• Draft comprehensive reports detailing findings, conclusions, and recommended steps for enhancing system security.• Manage client communications, including test scoping, execution planning, methodology discussions, and reporting, via calls and emails. Show less