Anil Patil

Scope of DPO Services:
External Data Protection Officer (DPO)
Compliance Framework
Technical and Organizational Measures (TOMs)
Data Protection Impact Assessments (DPIAs)
Training and Awareness:
Incident Response and Management
Data Subject Rights Management
Vendor/Customer Management
Cross-border Data Transfers
Compliance Monitoring and Auditing
Documentation and Record-keeping
Ongoing Support and Consultation
Coordination with DPO(USA,EU,ASIA)

Security Tools: Nessus6.5.2, iStumbler, Microsoft Baseline Security Analyzer2.3, Burp Suite1.6.18.
Software: VMware11, Android Studio, Android SDK Manager, Android Simulator, APK Files.
OS: Windows 7, 8.1 and Linux.
• Performed scanning on Zero’s internal, semi-public and public networks to look for running
devices, operating systems and host information.
• Performed scanning on networks using Nessus Vulnerability Scanner and submitted an
executive summary that… Show more

Security Tools: Nessus6.5.2, iStumbler, Microsoft Baseline Security Analyzer2.3, Burp Suite1.6.18.
Software: VMware11, Android Studio, Android SDK Manager, Android Simulator, APK Files.
OS: Windows 7, 8.1 and Linux.
• Performed scanning on Zero’s internal, semi-public and public networks to look for running
devices, operating systems and host information.
• Performed scanning on networks using Nessus Vulnerability Scanner and submitted an
executive summary that outlined the details of any issues discovered.
• Performed scanning on Wi-Fi, Mobile devices and location information with Mac addresses
using iStumbler.
• Performed android apps pen testing of Indian Overseas Bank rewardz, State Bank Rewardz,
United Commercial Bank Rewardz, apps on Android Simulator.
• Submit the Internal & External Vulnerabilities Assessment(VA) report to the client.
• Performed Security Audit As Per Standard PCI DSS & Penetration testing based on NIST 800-
115, SANS, etc standards. Show less

Threat Modeling tool Threat Modeler V5.4.8.
• Improved, developed, and maintained security documentation including threat models and architectural designs.
• Conduct secure code reviews (IAST-CheckmarxV9.4.2 HF4), Threat Modelling (Manual / Automation) (Threat ModelerV5.4.8132- MITRE ATT&CK, STRIDE, PASTA -Framework/Methodology Expert), security assessments (API Security Testing-Postman Version 9.16.0.) and Build tools and carry out testing.
• Performed hands on security assessments by… Show more

Threat Modeling tool Threat Modeler V5.4.8.
• Improved, developed, and maintained security documentation including threat models and architectural designs.
• Conduct secure code reviews (IAST-CheckmarxV9.4.2 HF4), Threat Modelling (Manual / Automation) (Threat ModelerV5.4.8132- MITRE ATT&CK, STRIDE, PASTA -Framework/Methodology Expert), security assessments (API Security Testing-Postman Version 9.16.0.) and Build tools and carry out testing.
• Performed hands on security assessments by reviewing code, to identify security threats and requirements, identifying issues & providing recommendations to fix them.
• Lead the development and execution of threat modeling strategies to identify, assess, and mitigate potential security vulnerabilities in our clients' systems and applications.
• Managed a team of talented threat modeling professionals, fostering a collaborative and high-performing environment.
• Provided expert guidance on best practices, methodologies, and tools for effective threat modeling throughout the software development lifecycle (SDLC).
• Conducted comprehensive risk assessments based on threat intelligence, industry benchmarks, and organizational context to prioritize mitigation efforts. Determined the risk associated with the security flaws identified as part of Threat Modeling
• Collaborated closely with cross-functional teams including security architects, developers, and IT professionals to integrate threat modeling seamlessly into the SDLC.
• Ensured accurate and thorough documentation of threat models, risk assessments, and mitigation strategies.
• Provided detailed guidance and support to teams in application vulnerability remediation and Threat mitigations.
• Performed security assessments for applications, infrastructure and emerging technologies and guiding service teams in the secure design of IT systems.
• Created comprehensive threat models and attack trees for IT solutions, identifying potential vulnerabilities and areas for improvement. Show less

Role & Responsibility:
• AnalysedSource Code scan reports and suggest remediation / mitigation plan.
• Experience with Web Application Architecture Security Review, Static Code Review, Penetration Testing.
• Performed IoT Network Devices Penetration Testing.
• DevOps-CICD/JAMA/JIRA security user stories task review and fixed.
• Experience in the areas of Network Security Review, Network Architecture .Source Code Review.
• Prepare hardening security documents for OS, Network… Show more

Role & Responsibility:
• AnalysedSource Code scan reports and suggest remediation / mitigation plan.
• Experience with Web Application Architecture Security Review, Static Code Review, Penetration Testing.
• Performed IoT Network Devices Penetration Testing.
• DevOps-CICD/JAMA/JIRA security user stories task review and fixed.
• Experience in the areas of Network Security Review, Network Architecture .Source Code Review.
• Prepare hardening security documents for OS, Network Device and Security Testing. Show less

Role & Responsibility:
• Performed Vulnerability Assessments of Network and Security Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices.
• Performed penetration test and launch exploits using Metasploit,Burp Suite, Kali Linux penetration testing distribution tools sets. Analysed scan reports and suggest remediation / mitigation plan.
• Audit configuration of Network and… Show more

Role & Responsibility:
• Performed Vulnerability Assessments of Network and Security Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices.
• Performed penetration test and launch exploits using Metasploit,Burp Suite, Kali Linux penetration testing distribution tools sets. Analysed scan reports and suggest remediation / mitigation plan.
• Audit configuration of Network and Security devices Performed Penetration testing based on NIST 800-115, SANS-25 and OWASP Top 10 standards.
• Performed Vulnerability Assessments of Network and Security Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices.
• Keep track of new vulnerabilities on various network and security devices for different vendors.
• Ensure the coverage and track new assets & applications which are going live and ensure that the VA/PT and CA, Security Configuration Assessment are conducted before going live and periodically after going live.
• Maintained up-to-date inventory of assets and applications covered for VA/PT and CA and secure configuration assessment. Show less

• Performed scanning on Zero’s internal, semi-public and public networks to look for AWS Cloud Security.
• Performed scanning on AWS Cloud networks using QualysGuard Consultant Cloud Security Vulnerability Scanner and
• submitted an executive the summary that outlined the details of any issues discovered.
• Submit the Internal & External Vulnerabilities Assessment & Penetration Testing (VA/PT) & ASV report to the client.
• Performed Security Audit as per Standard PCI DSS &… Show more

• Performed scanning on Zero’s internal, semi-public and public networks to look for AWS Cloud Security.
• Performed scanning on AWS Cloud networks using QualysGuard Consultant Cloud Security Vulnerability Scanner and
• submitted an executive the summary that outlined the details of any issues discovered.
• Submit the Internal & External Vulnerabilities Assessment & Penetration Testing (VA/PT) & ASV report to the client.
• Performed Security Audit as per Standard PCI DSS & Penetration testing based on NIST 800-115, SANS, etc. standards.
Show less

• Performed scanning on Zero’s internal, semi-public and public networks to look for running devices, OS and host information.
• Performed scanning on networks using QualysGuard Consultant & Nessus Vulnerability Scanner and submitted an executive the summary that outlined the details of any issues discovered.
• Performed scanning on networks using Metasploit Penetration Testing Tool and submitted an executive summary that
outlined the details of any issues discovered.
• Submit the… Show more

• Performed scanning on Zero’s internal, semi-public and public networks to look for running devices, OS and host information.
• Performed scanning on networks using QualysGuard Consultant & Nessus Vulnerability Scanner and submitted an executive the summary that outlined the details of any issues discovered.
• Performed scanning on networks using Metasploit Penetration Testing Tool and submitted an executive summary that
outlined the details of any issues discovered.
• Submit the Internal & External Vulnerabilities Assessment & Penetration Testing (VA/PT) & ASV report to the client.
• Performed Security Audit as per Standard PCI DSS & Penetration testing based on NIST 800-115, SANS, etc. standards.
Show less

Security Tools :Nessus6.5.2, Nmap6.47, Burp Suite1.6.18.
OS : Windows 7, 8.1 AIX and Linux.
Penetration Testing Tool : Metasploit Pro 4.6.0, Proxy Ultrasurf 15.02 .
• Performed scanning on Zero’s internal, semi-public and public networks to look for running
devices, operating systems and host information.
• Performed scanning on networks using Nessus Vulnerability Scanner and submitted an
executive summary that outlined the details of any issues discovered… Show more

Security Tools :Nessus6.5.2, Nmap6.47, Burp Suite1.6.18.
OS : Windows 7, 8.1 AIX and Linux.
Penetration Testing Tool : Metasploit Pro 4.6.0, Proxy Ultrasurf 15.02 .
• Performed scanning on Zero’s internal, semi-public and public networks to look for running
devices, operating systems and host information.
• Performed scanning on networks using Nessus Vulnerability Scanner and submitted an
executive summary that outlined the details of any issues discovered.
• Performed segment scanning on server with source ip using Nmap Tool.
• Performed scanning on Windows host through Metasploit Tool in Penetration Testing Tool.
• Submit the Vulnerabilities Assessment(VA) report to the client.
• Performed Security Audit As Per Standard PCI DSS & Penetration testing based on NIST 800-
115, SANS, etc standards.

Show less

Duration : March’ 2010 to April’ 2011.
Software : VB, C#.NET 2005 and Crystal Report 8.5
Database : SQL Server 2000/2005
Team Size : 3
Role : Manual Testing

Description:

E Governance is specially developed software for Grampanchayat, Nagarparishad and Corporation in Mahararshtra. E Goverence allows to Accounting, Property Tax, Payroll, Health, Water Tax, , Voters List, Meeting Proceeding, Marriage, Inward-outward and Library.

Responsibilities:… Show more

Duration : March’ 2010 to April’ 2011.
Software : VB, C#.NET 2005 and Crystal Report 8.5
Database : SQL Server 2000/2005
Team Size : 3
Role : Manual Testing

Description:

E Governance is specially developed software for Grampanchayat, Nagarparishad and Corporation in Mahararshtra. E Goverence allows to Accounting, Property Tax, Payroll, Health, Water Tax, , Voters List, Meeting Proceeding, Marriage, Inward-outward and Library.

Responsibilities:

• Designing of Test Bed for execution.
• Involved in the functionality testing of the system.
• Preparing Test Cases for manual execution. Show less

Duration : March’ 2009 to Feb’2010.
Software : VB 6.0, Crystal Report 8.5.
Database : SQL Server 2000/2005
Team Size : 3
Role : Manual Testing

Description:

The project is designed for Inventory management provides superior management over inventory by optimizing inventory stoking levels for excellent customer service and profit maximization.

Responsibilities:

• Bug tracking for the designed test cases.
• Designing of… Show more

Duration : March’ 2009 to Feb’2010.
Software : VB 6.0, Crystal Report 8.5.
Database : SQL Server 2000/2005
Team Size : 3
Role : Manual Testing

Description:

The project is designed for Inventory management provides superior management over inventory by optimizing inventory stoking levels for excellent customer service and profit maximization.

Responsibilities:

• Bug tracking for the designed test cases.
• Designing of Test Bed for execution.
• Involved in the functionality testing of the system. Show less