Your browser is outdated!

To ensure you have the best experience and security possible, update your browser. Update now

×

Amit SURYAWANSHI

Information Security / Penetration Tester

Information Security Management
Vulnerability Assessment
Penetration Testing
Risk Assessment
IT Security Audit
Professional Status
Consultant
Available
About Me
Experience in IT Security Audit, Vulnerability Assessment etc.
CEH v7 EC-Council - Certified Ethical Hacker,
ECSA EC-Council Certified Security Analyst
RHCE Red Hat Certified Engineer and achieved a Master Degree in Information Security & Computer Forensics from University of East London (UEL)
Resume created on DoYouBuzz
  • Logica is a multi-business group; Solution Provider for Customized Software Development, IT Support, IT Training Services & Information Security Services.
  • Understanding and Providing the Security Solutions according to Clients’ Requirements.
  • Vulnerability Assessment, Network Security Assessment , Penetration Testing & Compliance Auditing
  • Performing Network, Infrastructure & Web Application Penetration Testing.
  • Providing Pen-Test reports with Countermeasures & Recommendations
  • Key Achievements:
    • High Client Retention through Quality of Service & Customer Satisfaction.
    • Achieved CEH & ECSA
  • Technical snapshot:
    Vulnerability Assessment; Network Security Assessment; Penetration Testing; IT Security Compliance.
  • Joined as a Linux Admin to work in a team of 5 and promoted within a year as a Penetration Tester to maintain internal infrastructure, system services and performance to enable product development & Pen Testing for clients. Responsible for:
  • Responsible for Internal, External & Manual Penetration Testing.
  • Performing Vulnerability Scanning & Penetration Testing for clients
  • Performing Network & Infrastructure, Web Application and Web Services Penetration Testing.
  • Assist in maintaining and improving the Pen-Test Lab.
  • Assist in creating report on penetration tests providing detailed countermeasures & remedial advice.
  • Prior to deployment; testing the latest software on VMware
  • Ensuring all operational processes implemented, follow industry best practices such as ITIL, CoBIT and ISO/IEC 27001.
  • Researching and performing updates & countermeasures for security on a regular basis.
  • Prior to deployment; testing the latest software on VMware.
  • Hardening & Securing Red Hat Linux Server 5.1, Fedora 11, XP, Win 2003, Win2008 & LAMP
  • Configuration, Management, Maintenance & Monitoring of RedHat Linux, Win 2008 Servers & LAMP
  • Customizing the network & LAMP environment as per the project requirements of the clients.
  • Attending calls related to internal customer queries and complaints, providing solutions
  • Performing Backup & Recovery Operations and documenting Linux scripts for future reference
  • Key Achievements:
    • Consistently protected & secured the infrastructure from hackers by performing vulnerability scanning & penetration testing followed by applying countermeasures which further enhanced the availability.
    • Efficiently Designed, Implemented and Introduced new security policies to Econetix and its clients through e-learning which saved the cost of outsourcing IT security.
    • Successfully Achieved Red Hat Certification 2009.
  • Technical snapshot:
    Red Hat Enterprise Linux Server, Linux-Window Integration, XP, Win 2000 Prof., Win Server 2003, Win Server 2008, Desktops/Laptops, VMware, ITIL Processes.
Learn more
  • Worked in a team of 25 Technical Support Engineers based in Pune to provide 24/7 technical support solutions to a client in the US over the phone and take on demand remote access to troubleshoot their technical problems when necessary. The client was a recruitment agency with more than 1500 users. Responsible for:
  • Installation & Configuration of software on remote desktops & laptops
  • Resolving VPN, RSA, Oracle applications, BlackBerry & Lotus Notes issues
  • Performing Active Directory - User Administration
  • Troubleshooting Wi-Fi related issues of Desktops, Laptops & Routers
  • CITRIX - Remote Maintenance of desktop, Laptop, LAN, Win XP, 2000 Professional & Server
  • Ensured creating tickets for each case records with troubleshooting steps
Learn more
  • Other
  • Other
  • Reading
  • Sport
  • Music
  • Meditation
  • Information Security Management
  • Vulnerability Assessment
  • Penetration Testing
  • IT Security Audit
  • Risk Assessment
  • Teaching
  • IT Support
  • Other
  • Security Skills: Log Analysis, Traffic Analysis, Firewall Analysis, Network Sniffing, Vulnerability Assessment, various types of Penetration Testing. Internal, External Testing, Manual, Penetration Testing of Operating System, Network Devices, Application Security, Web Application security, Database Testing, Security Awareness Training, IT Administration, Computer Forensics etc.
  • Framework: Metasploit, OWASP, OSSTMM, Blackhole, W3af, Samurai etc.
  • Standards: CIA; ISMS; CoBIT; COSO (Committee of Sponsoring Organizations); ITIL; ISO 27000/01/02/03/04/05/06/17799; NIST 800 Series guidelines
  • Compliance: SCAP; FISMA; CyberScope; CAG 20; IAVA, PCI - DSS; HIPAA; SOX; COPPA; GLBA; NERC
  • Security / Forensics Tools: Acunetix, Burp, Nmap, Nessus, Nikto, Nexpose, Netcat, NSlookup, Netstat, Netsh, NetStumbler, Cain & Abel, THC Hydra, w3af, Hping2, w3af, Kismet , Dsniff, GFI LANguard, Wireshark (Tshark CLI), WinDump (TCPDump CLI), OpenSSL, Packetyzer, Metasploit, OpenSSL, Webinspect, tcpreplay, etc.
    Access Data FTK, Encase, Helix, etc.
  • Operating systems: Red Hat Linux, CentOS, Fedora, Windows 2003 / Vista / XP / Windows 7 / 2000 / Win95-98, BackTrack 5 R3, Kali Linux etc.
  • Programming Languages
    C, Bash, Shell, Pearl Scripting
  • Software Packages/Tools: Open VPN, PHP, MySQL, Squid Proxy Server, IPTables, Shorewall, IPCop, ClearOS, Yum, BIND 9.3, Apache Server, Qmail, Exim, OpenSSH-Server; PuTTY, Xterm, Bacula (Backup & Recovery), Webmin, Citrix, VMware workstation, MS Office, Norton Ghost, Norton / Symantec Antivirus, McAfee VirusScan, Partition Magic, Netstat,
  • Technologies: NTP, DNS, DHCP, FTP, Terminal Services, SSH, NFS & NIS, LAMP, LVM, VPN, MTA, LDAP, Active Directory, Syslog, Bacula, TCP/IP, Ethernet /wireless 802.11x, LAN/WAN, switches and hubs, Firewall, Group Policy
  • Networking
    CCNA training completed
  • Excellent knowledge of security standards and IT governance ( ISO 27001/2, NIST 800-53,CoBIT COSO (Committee of Sponsoring Organizations); ITIL )
  • Risk Analysis methods (Octave, ISSA ,COSO, SSAE 16)
  • Technical Methodologies skills (OSSTMM, OWASP, PCI DSS)
  • knowledge of Open Security Standards ( NIST)
  • IT security, IT audit and IT Asset life cycle Management
  • Architecting and deploying security technologies
  • Security information event management (SIEM)
  • Network Security Controls enforcement at gateway and endpoint
  • Penetration Testing
  • Web Application audit
  • Vulnerability assessment
  • Reverse Engineering
  • Malware Analysis
  • Exploit writing
  • Binary Analysis
  • Honeypots
  • Firewalls

MS Information Security & Computer Forensics

University of East London (UEL)

September 2010 to January 2012
Studied four core modules which includes Information Security, IT Law, Computer Security and Digital Forensics along with Dissertation.
Learn more