Who am I...

Well, isn't it the most profound question!

I haven’t yet found an answer to this, however, I usually describe this body as-

I am an information security professional. I have some scary certifications that make people think highly of me till i open my mouth. Well….

This personal site / blog is my attempt to write about information security the way I want.

I have...

1. ..more than 17 years experience in creating, consulting, managing customized information security programs;
2. ..experience in running security assessment programs for variety of customers in oil/gas, utility, banking and finance;
3. ..intimate experience in all phases of a security assessment service (RFP response, proposals, budgeting, resourcing, getting it done, customer handling and closure activities);
4. ..hands-on pentesting experience (> 3 years) for network and web applications;
5. ..a deep understanding of role of Information security in the overall business ecosystem;
6. ..intimate understanding of technical and non-technical aspects of Information Security;
7. ..experience in managing a team (assigning tasks, monitoring and seeing it to finish, growth plan for resources, conflict resolution, etc.) and coordinating work between multiple departments / functions that include technical and non-technical aspects;
8. ..published articles in magazines (Open Source For You and CHMag);
9. ..created custom security training materials for multiple roles (developer, tester, end-user, management) and have delivered around 650+ hours of training, reaching 2500+ people);
10. ..capacity to keep myself abreast with the latest happenings by investing in my learning;

Please feel free to have a look around for the blog posts or articles that i have written so far. I write answers to questions (asked by users) on Quora as well.