Anas B.

About Me

Anas is a seasoned IT security engineer with five years of extensive expertise in safeguarding organizations' SaaS platforms against potential threats. His areas of specialization include application security, cloud security, penetration testing, and information system compliance, including ISO 27001 and SOC 2. With strong attention to detail and a remarkable ability to thrive in fast-paced environments, Anas consistently surpasses clients' expectations by delivering agile and secure solutions that precisely cater to their unique business requirements.

Database

Database Security MySQL Amazon DynamoDB Amazon DocumentDB DocumentDB

DevOps

AWS CloudFormation DevOps Amazon Web Services (AWS) Docker Kubernetes AWS IoT Amazon S3 (AWS S3) Cloud Security AWS Marketplace Cloud Services CloudFlare CI/CD Pipelines

QA & Testing

Penetration Testing Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Security Testing

Other

Python 3 Bash Python Apache CircleCI SonarQube Ansible DevSecOps Web Architecture DDoS Object-oriented Programming (OOP) HIPAA Compliance Continuous Deployment Kali Linux Burp Suite Linux WordPress Amazon EC2 Ubuntu MacOS Windows CyberSecurity Inspec Information Security Management Systems (ISMS) Information Security Security Operations Centers (SOC) Incident Response Vulnerability Assessment Web Security Application Security Computer Networking Scripting Security Audits Security Vulnerability Management OWASP Top 10 OWASP Website Audits Source Code Review Task Analysis IT Security OSCP Certified Ethical Hacker (CEH) Security Management Vulnerability Identification Architecture Data Protection Data-level Security GDPR Data Security NIST Security Analysis Threat Modeling SIEM System-on-a-Chip (SoC) Ethical Hacking Hacking SecOps Security Policies & Procedures Endpoint Security Monitoring Intrusion Detection Systems (IDS) Disaster Recovery Plans (DRP) ISO 27002 Single Sign-on (SSO) Threat Intelligence SOC 2 ISO 27001 PCI DSS Incident Management Mobile Security Compliance SOC Compliance Interviewing Technical Hiring IoT Security Risk Assessment Risk Management Certified Information Systems Security Professional Identity & Access Management (IAM) Okta System Administration Infrastructure as Code (IaC) Internet of Things (IoT) Algorithms Cryptography Infrastructure Networking HIPAA Electronic Data Interchange (EDI) Compliance as Code (CaC) Symfony TWIG

Work history

Gelato
Information Security Analyst
2021 - Present (4 years)
Freelance
Information Security Consultant
2020 - 2022 (2 years)
ibex
Information Security Analyst
2019 - 2021 (2 years)
EX3 Labs
AWS and Mobile Security Expert
Present
Shared Flight
Senior PHP and AWS Developer
Present
Silo
Information Security Specialist
Present
Sendoso
Security Engineer L2
Present

Showcase

Third-party Supplier Audit Automation
  • Implemented an automated vulnerability detection system for third-party production partners

  • Reduced manual labor by 540 hours by using the automated tool

  • Successfully detected multiple vulnerabilities like weak passwords, insecure connections, vulnerable software, and compliance checks

Creation of Application Security Exercises
  • Created a set of application security screening questions exclusively for HackerRank, a widely recognized tech assessment platform

  • Incorporated both scenario-based multiple-choice formats and practical exercises to assess candidates' analytical and technical skills

  • Questions are currently utilized by HackerRank's reputed clientele for screening potential application security candidates

Cybersecurity Mentoring
  • Mentor in cybersecurity for students & professionals, providing practical guidance and instruction

  • Share professional experiences as a resource for mentee learning and career development

  • Utilize network connections for successful job placements for mentees in the field of cybersecurity

Pentest of Silo's Web Application
  • Silo is a cryptocurrency trading platform which underwent a comprehensive penetration test following OWASP's stringent standards.

  • A detailed professional report was produced, identifying all vulnerabilities and providing effective mitigation recommendations.

  • The penetration test was successful, resulting in robust mitigation strategies implemented in collaboration with the team.

Education
Bachelor's Degree in Electrical Engineering
National University of Sciences and Technology
2014 - 2018 (4 years)