Professional Documents
Culture Documents
Information Security Consultant &analyst: Anil Patil
Information Security Consultant &analyst: Anil Patil
Nearly10+ years’ of impressive success as an IT &Information Security professional in enabling leading organizations to achieve
strategic objectives and growth plans by establishing & championing a robust Vulnerability Management; Expertise in Internal
and External Vulnerability and Penetration Testing and deliver high impact audit reports; vulnerability assessment and
penetration testing experience of over 3.9+ years.
WORK EXPERIENCE
Apr’10- to till date: QRC Consulting & Solutions Pvt Ltd. Vashi as Information Security Analyst– Project FloCash Ltd., UK.
(www.flocash.com)
Security Tools: Acunetix11.0, BurpSuite1.7.23, Nessus6.10.7, Metasploit Pro4.13.1, Nmap7.40, QualysGuard Consultant8.9.6.0-1
& VMWare12.
OS:Linux (CentOS).
VPN: CiscoVPN
Role & Responsibility:
• Performed scanning on Zero’s internal, semi-public and public networks to look for running devices, OS and host information.
• Performed scanning on networks using QualysGuard Consultant & Nessus Vulnerability Scanner and submitted an executive
the summary that outlined the details of any issues discovered.
• Performed scanning on networks using Metasploit Penetration Testing Tool and submitted an executive summary that
outlined the details of any issues discovered.
• Submit the Internal & External Vulnerabilities Assessment & Penetration Testing (VA/PT) & ASV report to the client.
• Performed Security Audit as per Standard PCI DSS & Penetration testing based on NIST 800-115, SANS, etc. standards.
• Performed Web Application Penetration testing using BurpSuite &QualysGuard Consultant security tool.
Apr’10- to till date: QRC Consulting & Solutions Pvt Ltd. Vashi as Information Security Analyst– Project Agiliron Inc. USA
(www.agiliron.com)
Security Tools: Nessus6.10.7, Metasploit Pro4.13.1, QualysGuard Consultant8.9.6.0-1.
OS: AWS Cloud Linux.
Role & Responsibility:
• Performed scanning on Zero’s internal, semi-public and public networks to look for AWS Cloud Security.
• Performed scanning on AWS Cloud networks using QualysGuard Consultant Cloud Security Vulnerability Scanner and
submitted an executive the summary that outlined the details of any issues discovered.
• Submit the Internal & External Vulnerabilities Assessment & Penetration Testing (VA/PT) & ASV report to the client.
• Performed Security Audit as per Standard PCI DSS & Penetration testing based on NIST 800-115, SANS, etc. standards.
Apr’10- to till date: QRC Consulting & Solutions Pvt Ltd. Vashi as Information Security Analyst– Project FINO PayTech Ltd. Navi
Mumbai (www.finopaytech.com)
Security Tools: Nessus6.10.7, Metasploit Pro4.13.1, QualysGuard Consultant8.9.6.0-1.
OS: Windows and Linux.
Role & Responsibility:
• Performed scanning on Zero’s internal, semi-public and public networks to look for running devices, OS and host information.
• Performed scanning on Internal & External networks using QualysGuard Consultant & Nessus Vulnerability Scanner and
submitted an executive the summary that outlined the details of any issues discovered.
• Performed scanning on networks using Metasploit Penetration Testing Tool and submitted an executive summary that
outlined the details of any issues discovered.
• Submit the Internal & External Vulnerabilities Assessment & Penetration Testing (VA/PT) & ASV report to the client.
• Performed Security Audit as per Standard PCI DSS & Penetration testing based on NIST 800-115, SANS, etc. standards.
Apr’10- to till date: QRC Consulting & Solutions Pvt Ltd. Vashi as Information Security Analyst– Project Lester Infoservices Pvt
Ltd, Turbhe, Navi Mumbai. (www.lesterinc.com)
Security Tools: Nessus6.10.7, Metasploit Pro 4.11.1, QualysGuard Consultant8.9.6.0-1.
OS: Windows and Linux.
Role & Responsibility:
• Performed scanning on Zero’s internal, semi-public and public networks to look for running devices, OS and host information.
• Performed scanning on Internal & External networks using QualysGuard Consultant & Nessus Vulnerability Scanner and
submitted an executive the summary that outlined the details of any issues discovered.
• Performed scanning on networks using Metasploit Penetration Testing Tool and submitted an executive summary that
outlined the details of any issues discovered.
• Submit the Internal & External Vulnerabilities Assessment & Penetration Testing (VA/PT) & ASV report to the client.
• Performed Security Audit as per Standard PCI DSS & Penetration testing based on NIST 800-115, SANS, etc. standards.
• Performed Web Application Penetration testing using QualysGuard Consultant security tool.
Jun’15- Mar’17: Panacea Infosec Pvt Ltd as Information Security Consultant – Project Novarris Fashion Trading Pvt Ltd.,
Gurgaon.
Security Tools: Acunetix10.5, Burp Suite1.6.18, Nessus6.9.1, Metasploit Pro 4.11.1, Vistumbler10-6, QualysGuard WAS,
Microsoft Baseline Security Analyzer2.3, Retina Network Security Scanner.
OS: Windows 7, 8.1 and Linux.
Role & Responsibility:
• Performed scanning on Zero’s internal, semi-public and public networks to look for running devices, OS and host information.
• Performed scanning on networks using QualysGuard WAS &Nessus Vulnerability Scanner and submitted an executive the
the summary that outlined the details of any issues discovered.
• Performed scanning on networks using Metasploit Penetration Testing Tool and submitted an executive summary that
outlined the details of any issues discovered.
• Submit the Internal & External Vulnerabilities Assessment & Penetration Testing (VA/PT) & ASV report to the client.
• Performed Security Audit as per Standard PCI DSS & Penetration testing based on NIST 800-115, SANS, etc. standards.
• Performed Web Application Penetration testing using Acunetix10.5 security tool of www.jabong.com.
Other Projects:
Title: Project- Mafiree Ltd., Nagercoil
Security Tools: Nessus6.9.1, Metasploit Pro 4.11.1, QualysGuard WAS, Burp Suite1.6.18,
OS: Windows 7, 8.1 and Linux.
Role & Responsibility:
• Performed scanning on Zero’s internal, semi-public and public networks to look for running devices, OS and host information.
• Performed scanning on networks using QualysGuard WAS &Nessus Vulnerability Scanner and submitted an executive the
the summary that outlined the details of any issues discovered.
• Performed scanning on networks using Metasploit Penetration Testing Tool and submitted an executive summary that
outlined the details of any issues discovered.
• Submit the Internal & External Vulnerabilities Assessment & Penetration Testing (VA/PT) & ASV report to the client.
• Performed Security Audit as per Standard PCI DSS & Penetration testing based on NIST 800-115, SANS, etc standards.
Jul’12-Dec’12: Innobuzz Knowledge Solution Pvt Ltd., Pune as trainee Ethical Hacker.
Title: Project- Mega Cyber Lab, Pune
Software: Backtrack 5.2, VMware7.1.4, Win XP Sp2.
Security Tools: IBM AppScan8.5, Nmap4.1, Netcat2.3, Metasploit2.5.
Role& Responsibility:
Performed Penetration Testing on the web like Hacker mind and submit Internal Penetration Testing Report.
Detailed report on the hacking attack. Analysis of Host Scanning.
Footprinting. Information Gathering. Security Testing, Vulnerability Testing.
Scanning the port using Advanced Port Scanner.
Vulnerability Assessment Report. Passive Information Gathering.
Performed Security Audit As Per Standard OWASP.
Performed Web Application Penetration Testing on www.megacyberlab.com
Mar’09- Apr’11: Avanti Software Solutions Pvt Ltd., Pune as Software Test Engineer
Projects Handled:
STE of E-Governance Gram Panchayat, Nashik (Scenario – Implementation Done)
STE of Sevak Bank Ltd., Nashik (Scenario – Implementation Done)
Sep’04- Nov’08: Netwin Systems & Software (I) Pvt Ltd., as Software Implementation Executive
Projects Handled:
SIE of Key Processing Unit Interface Siemens Company Nashik (Scenario – Implementation Done)
SIE of Sevak Bank Nashik Jilha Sarkari& Parishad Karmachari Bank Ltd., Nashik (Scenario – Implementation Done)
SIE of Smart Bank Arthonnati Co-Operative Societies, Nashik (Scenario – Implementation Done)
PREVIOUS EXPERIENCE
Apr’17to till date: QRC Consulting & Solutions Pvt Ltd., Navi Mumbai as Information Security Analyst
Jun’15- Mar’17: Panacea Infosec Pvt. Ltd., New Delhi as Information Security Consultant.
Mar’14- Jun’15: Cybervault Securities Solution Pvt Ltd., Pune as Information Security Consultant.
Jul’12- Dec’12: Innobuzz Knowledge Solution Pvt Ltd., Pune as Trainee Ethical Hacker.
Mar’09- Apr’11: Avanti Software Solutions Pvt Ltd. Pune as Software Security Test Engineer.
Sept’04- Nov’08: Netwin Systems & Software (I) Pvt Ltd., Nashik as Software Implementation Executive.
ITACHIEVEMENT
Best Performance Awarded for excellent performance During Apr-June 2007.
EDUCATION
Bachelor of Computer Science (BCS) from Pune University in 2004
ITSKILLS
CISE- Certified Information Security Expert.
CEH- Certified Ethical Hacker.
Appear RHCSA-Red Hat Certified System Administrator (Linux).
PAASPORTDETAILS
Passport #:J6353958
Passport Validity: March 14, 2021.
OTHER ACTIVITIES
Passed MPSC PSI Preliminary Examination held on June 10, 2010.
Awarded Scholarship as price money from MSEB, Amalner in 1997 and 1998.
First in school Hindi-Sanskrit subject at SSC Nashik Board Exam in 1997.
Passed MTS Examination of N.Wadia College, Pune in 1995 at VIII STD.
Secondary School Scholarship Examination of N.Wadia College, Pune in 1994 at VII STD.
SECURITY COURSES
DST-Diploma in Software Testing (2008 /Honors) at System Domain (P) Ltd. Nashik.
ADST-Advance Diploma in Software Technology.Net (2009/72.00) Mauli Education Pvt Ltd. Amalner, Dist. Jalgaon.
JAVA-Java Programming (2009/70.00) Mauli Education Pvt Ltd. Amalner Dist. Jalgaon.
CISE-Certified Information Security Expert (June2012) from Innobuzz Knowledge Solutions Pvt. Ltd.,Br. Pune.
CCNA-Cisco Certified Network Associate (2012/Grade A) in Networxx Infotech Pvt. Ltd. Pune.
Certified Ethical Hacker (Aug2016/80) from EC-Council Global Certification in Cybervault Securities Solution Pvt. Ltd., Pune.
Security Information And Event Management (Aug2016) course completed in Cybervault Securities Solution Pvt. Ltd., Pune.
Web Application Penetration Testing (Feb2017) online course completed from www.Cybrary.it
Penetration Testing and Ethical Hacking (Feb2017) online course completed from www.Cybrary.it
Advanced Penetration Testing (Feb2017) online course completed from www.Cybrary.it
Metasploit (Feb2017) online course completed from www.Cybrary.it
CompTIA Security+ (March2017) online course completed from www.Cybrary.it
PCI/DSS (March2017) online course completed from www.Cybrary.it
Cryptography (March2017) online course completed from www.Cybrary.it
Intro to Cyber Threat Intelligence (March2017) online course completed from www.Cybrary.it
Web Security Fundamentals online course completed from www.varonis.com.
Bug Bounty: Web Hacking (March 2017) online course completed from www.udemy.com
The complete Ethical Hacking Course: Beginner to Advanced! (April 2017 ) online course completed from Udemy.com
Ethical Hacking and Penetration Testing Advance Course* (April 2017) online course completed from Udemy.com
Kali Linux, Ethical Hacking and Penetration Testing! (April 2017) online course completed from Udemy.com
Definitive Ethical Hacking Course-Learn From Scratch (April 2017) online course completed from Udemy.com
Learn Burp Suite, the Nr.1 Web Hacking Tool (April 2017) online course completed from Udemy.com
Hacking Academy How to Monitor and Intercept Transmitted Data (June 2017) online course completed from Udemy.com
CompTIA Linux+ (June 2017) online course completed from www.Cybrary.it
AWS Certified Solutions Architect(Associate) (July 2017) online course completed from Udemy.com
AWS Concept (July 2017) online course completed from Udemy.com
CCNA Security (July 2017) online course completed from Udemy.com
Introduction to Kali Linux Penetration Testing (July 2017) online course completed from www.educba.com
Appearing for RHCSA-Linux in CMS IT Services Pvt Ltd., Navi Mumbai from June 2017.
WORKSHOP
Ethical Hacking and Cyber Security organized by Mega Cyber Lab, Pune under Innobuzz Knowledge Solutions Pvt. Ltd., Delhi
held on October 21, 2012, Pune.
Cyber Crime Investigation organized by G.H. Raisoni Law School, Nagpur & Intelligent Quotient Security System Pune held
On August 1, 2011, Jalgaon.
CCIE Security Ver4 of the Networxx Infotech Pvt. Ltd. Pune on Feb 8, 2013, in Pune.
Advanced Hacking with Kali-Metasploit organized by Cybervault Securities Solution Pvt. Ltd., held on April 18, 2015, in
Pune.
Bug Bounty Hunter, BUGS’XPLORATION held on 10th and 11thOctober 2015 at Ahmedabad, Gujarat.
Cyber Security, Bug Bounty Hunter April 17, 2016, in Cyber Security Study and Research Laboratory, Pune
PCI DSS Simplified event on June 25, 2016, at New Delhi by Mr. Ajay Kaushik, Founder & CEO Panacea Infosec Pvt Ltd., New
Delhi (PCI QSA Company).
CYBER TALK held on 2nd July, 2017 at Ahmedabad organized by SYNJ-Intel Services & Solutions Pvt Ltd.
PERSONAL DETAILS
Date of Birth: 06th April, 1981.
Languages Known: English, Hindi, and Marathi
Address: C/o Abhimanyu Patil, Flat No-304, B-Wing, Jay Malhar Apt., Vill-Dhavdi,
Dombivli (East), Tal-Kalyan, Dist-Thane, Pin Code-421201, India.
Important Note: If required will ready to relocate anywhere in India & Overseas as per company norms.