Ali Yazdani

The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use in this matter—also, the project is trying to help us for promoting the shift-left security culture in our development process.

Perform vulnerability assessments and penetration tests. Perform security testing and code review as part of the SDLC pipeline to improve software security. (promoting the shift-left strategy and DevSecOps culture).

Perform periodic and on-demand vulnerability assessments and penetration tests. Design and evaluation of cloud/hybrid infrastructure development leveraging Azure IaaS and PaaS. Implement an SIEM solution to monitor security-related activities. Threat modeling and analyze software designs, implementations, and the infrastructure to identify security issues and design countermeasures. Perform security testing and code review as part of the SDLC pipeline to improve software security.

Implement regular Vulnerability and Penetration Tests on IT Infrastructures. To identify potential areas where existing OS/DB security policies and procedures. Implement and integrate IT services with SIEM. Develop security tools to automate IT security process. Collaborate with ISO auditors to implement ISO27001.

ADP Digital is a solution provider for Major banks and major enterprises in Iran by providing Internet Mobile Banking, Short- text-message, and internet notification service, and Datacenter collocation services. My role was the responsibility to perform penetration test on their Web application and Mobile application to ensure the security of the app.

Perform penetration test and vulnerability assessment on ITS systems. Check SRS documents and apply security policies and requirements in it. Technical forensic investigation on important security incidents and performing root cause analysis. Implement and develop health check toolkit to automate OS and DB security tools.

City Academy is a modern IT training center in Isfahan that focuses on IT courses. I had a chance to work with this center to share my knowledge with Enthusiasts. courses which I instructed: Penetration Test (Web, Mobile application and Network) Forensics Investigation (Windows, Linux, Mobile)

Metaco is one of the biggest IT training centres in Isfahan, having a variety department. I had a chance to start my teaching career in an IT department with a course focused on penetration test. courses which I instructed: -Penetration Test (web, mobile application, and Network) -Forensics Investigation (Windows, Linux, Mobile) -Programming (python)

- Perform penetration test and provide related report based on customer request. - Perform vulnerability assessment program on customer network and follow up to fix founding. - Consultancy to our customers to improve systems and network hardening. - Develop and implement security dashboard for our customers. - Establish detection and prevention solution to improve customer security.

Implement penetration test and provide related report based on customer request. Drive vulnerability assessment program on the customer network. Develop and implement security dashboard for our customers. Establish detection and prevention solution to improve customer security.