Who am I

Well, aint it the most profound question!

I haven’t yet found an answer to this, however, i usually describe this body as-

I am an information security professional. I have some scary certifications that make people think highly of me till i open my mouth. Well….

This personal site / blog is my attempt to write about information security the way i want.

I have...

1. ..more than 16 years experience in creating, consulting, managing customized information security programs;

2. ..experience in running security assessment programs for variety of customers in oil/gas, utility, banking and finance;

3. ..intimate experience in all phases of a security assessment service (RFP response, proposals, budgeting, resourcing, getting it done, customer handling and closure activities);

4. ..hands-on pentesting experience (> 3 years) for network and web applications;

5. ..a deep understanding of role of Information security in the overall business ecosystem;

6. ..intimate understanding of technical and non-technical aspects of Information Security;

7. ..experience in managing a team (assigning tasks, monitoring and seeing it to finish, growth plan for resources, conflict resolution, etc.) and coordinating work between multiple departments / functions that include technical and non-technical aspects;

8. ..published articles in magazines (Open Source For You and CHMag);

9. ..created custom security training materials for multiple roles (developer, tester, end-user, management) and have delivered around 650+ hours of training, reaching 2500+ people);

10. ..capacity to keep myself abreast with the latest happenings by investing in my learning;

Please feel free to have a look around for the blog posts or articles that i have written so far. I write answers to questions (asked by users) on Quora as well.