John Prathab

Cyber Security Architect
IMG Systems
New York, NY
Information Security Architect - Safeguard the information across the Software Development Life Cycle (Secure SDLC). Reconnaissance to Remediation

Key Areas: (SAST & DAST)

SCR (Secure Code Review) - Code review of application source code against known vulnerabilities and industry best practices. It is generally conducted alongside the development cycle to uncover coding flaws and non-compliance with guidelines and standards (OWASP, NIST, SANS, etc.)

RAS (Robust Application Security) - Comprehensive validation or manual analysis to eliminate false positives in real time

WAS (Web Application Security) - Combination of manual and automated scans, analysis on final results to conclude the actual

VA (Vulnerability Assessment) - Scanning and analysis of infrastructure (network, systems, servers) to identify vulnerabilities and check resilience against targeted attacks

MAS (Mobile Application Security) - Scanning of mobile applications for the presence of threats, malware and malicious intent. Mobile apps shall be scanned against known security risks for mobile apps

CAS (Cloud Application Security) - Assess cloud applications against threats to protect them from cyber attacks.

Specialties: Information Security Management, Secure Architecture Review, Architecture Risk Analysis, Security in Cloud Computing and Internet of Things (IoT)

Cyber Security Architect - IMG Systems:
September 2015 – Present (6 months) USA

Safeguarding information across the System Development Life Cycle (SSDLC). Subject matter expert in the Information Security arena to prevent various attack vectors.

C, C++, Java, Javascript, PHP, Python, Access Control, Analysis & Monitoring, Application Security, Authentication, Cloud Computing, Computer Forensics, Configuration/Patch Management, Content Filtering, Cybercrime, Database Security, Denial of Service, Digital Rights Management, Encryption/Key Management, Enterprise Security, Firewalls, Mobile Security, NIST, Password Management, PCI-DSS, Penetration Testing, Policy Management Enforcement, Privacy, Risk Assessment & Management, Secure File Transfer, Security Consulting, Security Metrics, Single Sign On, Software Code Vulnerability Analysis, Vulnerability Assessment
Areas of Expertise
Application Security, Mobile Security, Risk Assessment & Management, Vulnerability Assessment