Omair is a Security Analyst at NII. His area of work includes Vulnerability Assessment, Security Audits, Penetration Test, Source Code Reviews.
He has over 4 years of experience in penetration testing, vulnerability assessment and network security. He has been responsible for maintaining a secure network for mission critical applications and has been involved in secure configuration and deployment of operating systems.
He has also published security advisories pertaining to stack overflow vulnerabilities in commonly used software like Excel, Real Player, Apple QuickTime, Internet Explorer and Adobe Acrobat.
His area of expertise includes Penetration testing, Vulnerability Assessment forensic investigation, Network Security, Code Audits, Risk Management. He possesses strong analytical skills and is a part of the research activities undertaken at NII.

• Bachelors of Engineering in Electronics and Communications
  Osmania University, India.
• Masters of Business Administration in Finance and Marketing
  Indian Institute of Planning and Management, Hyderabad.

• Certified Ethical Hacker(CEH)
• Offensive Security Certified Professional(OSCP)
• Red Hat Certified Engineer(RHCE)
• VMware Certified Professional(VCP)
• Juniper Networks Certified Internet Specialist, Enhanced Services(JNCIS-JES)
• Juniper Networks Certified Internet Associate, Enterprise Switching(JNCIA-EX)
• IBM Certified System Expert - System x Blade Center Technical Support V5(IBM)
• IBM System x Technical Principles V9(IBM)
• Accredited Platform Specialist - Proliant ML/DL Servers(HP)

• Expertise in Implementing security policies and periodic vulnerability assessment of the network.
• Recurring Penetration Tests for various foreign clients in the banking sector.
• Implementation of security products like IBM ISS IPS, Watch guard, Tipping Point IPS, Exinda, Trend Micro Enterprise Antivirus, McAfee Enterprise Antivirus.
• Perform Code Audits for applications in .NET, PHP and Java.
• Provided training on key networking and security concepts for the development teams.
• Designing of strict firewall rules to drop malicious traffic
• Knowhow on implementation of IPS for detection of worm propagation on the network.
• Identifying malicious traffic and writing proper rules.
• Trainer for the Certified Professional Hacker course.
• Vulnerability Assessment of Microsoft’s OWA and IBM Lotus Domino Servers.
• Penetration testing of a Stock Exchange.

• Operating Systems:Windows, Linux, AIX, HP-UX, FreeBSD, Solaris
• Network components: Firewalls, Routers, VPN, Switches, WLAN access points
• Security tools: Well versed with most of the industry standards free and commercial tools like IDA, Windbg, Ollydbg, Core Impact, Immunity Canvas, IBM ISS Scanner, Nmap, Nessus, Nikto, Whisker, Web Scarab, Paros, Wire shark, Metasploit.
• Languages: Programming PHP, Perl, Python, C, C++, Assembly and Shell Scripting.

• Communication and Interpersonal
• Have good communication skill by virtue of being an alumni & conducting workshops & demonstrations at various seminars
• Experience in product development and client interactions. Experience in leading a team & dealing with senior and middle management, system administrators, auditors, clients, customers, etc. Very strong commitment to quality of deliverables

• Vulnerability Assessments
• Web Application Security Assessments and Audits
• Network Security Assessments and Audits
• Security Audits for Databases, Operating systems, Server Systems, etc
• Configurations reviews for network devices, and other technologies
• Computer Forensics and Investigation on Hacking Incidents, Phishing emails, research on Phishing emails etc.

• Excel File Format Parsing Vulnerability (CVE-2010-3232)
• RealPlayer RealMedia Memory Heap Corruption Vulnerability (CVE-2010-4386)
• RealPlayer RealAudio Codec Memory Corruption Vulnerability (CVE-2010-4387)