Profiles search

Asad Hafeez Yousufi l CISSP l CHFI

Information Security Consultant at Thales
Austin, TX, United States

Details

Education: Bachelor's degree

Computer Science

Karachi University

2003 : 2006

Master's degree

Computer Science

Karachi University

2006 : 2007
Experience: 2019 : Present

Thales Digital Identity & Security

Information Security Technical Consultant

2017 : 2019

Gemalto (now Thales Digital Identity & Security)

Information Security Technical Consultant

Technical Lead / R&D Software Engineer, in Gemalto Data Security, developing and researching on new security technologies and integrating into Gemalto product line.

2013 : 2017

Gemalto

Software Engineer Technical Lead

Information Security consultancy, Implementation of strong authentication using DS3 infrastructure and different hardware token technologies including Gemalto, RSA, VASCO, Secure-Metric..

Implementation of Transaction Signing, End to end encryption (E2E)

Database Design, Process optimization.

ERP development and consultancy.

Integration of Strong Authentication with existing custom and prosperity software production, including Core and Internet banking products, Oracle, SAP, Microsoft ERP products etc

2010 : 2013

Foresight Technologies Pvt Ltd

Technical Manager Data Security & Software Engineering

Implementation of DS3 solutions

Integration of DS3 solution with existing software products

2010 : 2013

Data Security Systems Solutions

Consultant
Company: Thales Digital Identity & Security
Years of Experience: 20
Spoken Language: English, Urdu

Skills

.NET, AJAX, Amazon Web Services (AWS), Application Security, Application Security Architecture, C, C#, C++, Cascading Style Sheets (CSS), Communication, Continuous Integration and Continuous Delivery (CI/CD), Cryptography, CSS, Databases, Docker, Hardware Security Module (HSM), HTML5, Integration, Java, JavaScript, jQuery, JSON, JSP, Maven, Metasploit, Microsoft SQL Server, Mobile Applications, MySQL, Nessus, OOP, OpenVAS, PHP, PKCS#11, PKI, Product Design, Product Security, Python, Reverse Engineering, Scrum, Secure Coding, Security Information and Event Management (SIEM), Software Engineering, SQL, Strong Authentication, Strong Authentication , Threat Modeling, UML, Visual Studio, Web Services, XML

About

17+ years of international and diversified experience in:

Information System Security

Threat Modeling

Source Code Security review and audit

Digital and Code Signing

End to End Encryption (E2EE)

PKI

Strong Authentication

Encryption

Hardware Security Modules (HSM)

Software Engineering, Integration & Deployment. Agile Methodologies, Architecting applications in the cloud.

Customer Facing IT Security Consulting

Strong oral and written communication and social skills



Strong leadership, right direction and successfully managed repeatedly many projects and won many accolades from customers, peers, superiors, and juniors.



Extensive Technology and product development hands-on experience worked as an architect to create the design and translated it into implementation.



Carrier Highlights & Experience:



(ISC)2 CISSP| EC-Council CHFI

Security is not a choice when we talk about online Electronic Banking, social media and in general internet of things, my job is to analyses and suggest what is required to keep a safe a secure dependable working environment and products we deliver to our customers.



Threat Modeling using STRIDE methodology.

Source Code Security review and audit.

OWASP tool based security testing review.





Cryptography:

SafeNet HSM, KeySecure, PKCS#11

Implementation of OATH, OCRA, EMV CAP and Dynamic Signature (DS) algorithms, PKI and Code Signing



Could Computing:

Docker (private PaaS), IBM Softlayer, Amazon and Redhat cloud.



Hands-on experience in development, integration, and deployment of Encryption using Hardware Security Modules (HSM), KeySecure and on Strong Authentication using SafeNet Authentication Service (SAS), DS3 Authentication Server as well as on Threat Modeling.



Penetration Testing:

Using different Pen testing tools like OpenVAS, Nessus etc to continues scanning the Gemalto eBanking product and assets for vulnerabilities.



Virtualization:

VMware infrastructure and Citrix.



Integration:

Integration of Strong Authentication, HSM and Keysecure Encryption Solutions, Transaction Signing with an array of applications, Core and Internet banking products, Operating systems, VPN, Firewalls and network appliances.



Build Systems:

Ant, Maven, SCons, Python



Continues Integration:

Jenkins



Agile:

Scrum, Redmine Backlogs, Kunagi



Automated Testing:

JUnit, Google Test, Python Scripts for HSM Module testing SOAPUI and iMacros