Well, isn't it the most profound question!
I haven’t yet found an answer to this, however, I usually describe this body as-
I am an information security professional. I have some scary certifications that make people think highly of me till i open my mouth. Well….
This personal site / blog is my attempt to write about information security the way I want.
- ..more than 17 years experience in creating, consulting, managing customized information security programs;
- ..experience in running security assessment programs for variety of customers in oil/gas, utility, banking and finance;
- ..intimate experience in all phases of a security assessment service (RFP response, proposals, budgeting, resourcing, getting it done, customer handling and closure activities);
- ..hands-on pentesting experience (> 3 years) for network and web applications;
- ..a deep understanding of role of Information security in the overall business ecosystem;
- ..intimate understanding of technical and non-technical aspects of Information Security;
- ..experience in managing a team (assigning tasks, monitoring and seeing it to finish, growth plan for resources, conflict resolution, etc.) and coordinating work between multiple departments / functions that include technical and non-technical aspects;
- ..published articles in magazines (Open Source For You and CHMag);
- ..created custom security training materials for multiple roles (developer, tester, end-user, management) and have delivered around 650+ hours of training, reaching 2500+ people);
- ..capacity to keep myself abreast with the latest happenings by investing in my learning;