As a Security Analyst, I monitor, analyze, and respond to security threats across networks, systems, and applications. I investigate security incidents, conduct vulnerability assessments, and implement mitigation strategies to protect sensitive data and infrastructure. My role involves researching emerging threats, managing firewalls, and deploying security tools to detect and prevent cyberattacks. Additionally, I assist in incident response, conduct forensic analysis, and collaborate with teams to strengthen security policies and compliance measures.
ABOUT ME
I am Sharique Raza, Ph.D., a distinguished cybersecurity expert and Senior Security Architect based in Dubai, UAE. With over 7 years of experience in the field, I specialize in securing Payments, Cards, and Core Banking systems for some of the world’s leading organizations.
Throughout my career, I have demonstrated expertise in red teaming, vulnerability research, and advanced cybersecurity solutions. My work has been recognized globally, including the discovery of two critical zero-day vulnerabilities—CVE-2023-21978 and CVE-2023-22076—which earned acknowledgments from esteemed organizations such as the United Nations, Nvidia, and Microsoft Security Response Center.
My Journey
2022 - Present
Senior Security Architect
Confidential Government (2 years 3 months) -- UAE
Currently working with a leading government bank in the UAE since November 2022.
2017 - 2023 (2 Years)
Attack Surface and Vulnerability Researcher
ZeroFOX -- India
Formerly at ZeroFOX, where I contributed to enhancing enterprise security.
January 2021 - October 2022 (1 year 10 months)
Government of India -- Delhi India
Cybersecurity Researcher & Investigator
Played a pivotal role in securing India’s Crime and Criminal Network Tracking System (CCTNS), which digitizes crime data across police stations.
April 2020 - January 2021 (10 months)
National Security Database -- India
Web Application Penetration Tester
I analyze and mitigate zero-day vulnerabilities in web applications while developing a Virtual Cyber Pentesting Sandbox using Docker, integrating well-known CVEs from ExploitDB. My work involves reverse engineering mobile applications and binaries using dnSpy and Immunity Debugger to develop exploits. Additionally, I clone vulnerable Docker environments to test various exploits, including Juicy Potato, MS07, EternalBlue, VNC attacks, and privilege escalations on both Windows and Linux. I identify and report vulnerabilities in government web applications through the Breach Point Program. I also assist law enforcement agencies, including Jamshedpur Police and CID, in cybercrime cases, conducting OSINT to track cybercriminals. Beyond technical work, I spread awareness about cybercrime, guiding victims on legal actions and case filing.
October 2019 - April 2020 (7 months)
Sennovate -- India
Security Consultant
I served as a primary responder for managed security incidents, monitoring client firewalls and infrastructure components while troubleshooting and researching security incidents. I developed a vulnerability assessment tool using open-source tools in Bash, installing it on a Raspberry Pi to conduct remote vulnerability assessments of internal client networks. Additionally, I performed remote vulnerability assessments for various clients, ensuring robust security measures.
November 2016 - October 2019 (3 years)
AAITPRO
Security Analyst
EDUCATION
Master of Computer Applications (MCA)
Jain (Deemed-to-be University)
Computer and Information Systems Security/Information Assurance
Focused on advanced cybersecurity concepts, including information assurance, system security, and secure software development.
Bachelor's Degree in Computer Software Engineering
Bangalore University
Field of Study: Computer Software Engineering
Details: Gained foundational knowledge in software engineering principles, programming, and application development.
12th Grade Mathematics and Computer Science
Chinmaya Vidyalaya.
SKILLS
Application Security Architecture: 95%
Expertise in designing secure application frameworks and implementing scalable security solutions for enterprise systems.
Cloud Security: 90%
Advanced knowledge of securing cloud environments, particularly Microsoft Azure, with a focus on identity management, data protection, and compliance.
Red Teaming & Offensive Security: 95%
Proficient in penetration testing, vulnerability exploitation, and attack simulations using tools like Metasploit and Burp Suite.
Vulnerability Research & Zero-Day Exploits: 92%
Skilled in identifying zero-day vulnerabilities (e.g., CVE-2023-21978, CVE-2023-22076) and developing mitigations.
Reverse Engineering: 90%
Expertise in analyzing binaries and mobile applications using dnSpy and Immunity Debugger to uncover vulnerabilities and develop exploits.
Tool Proficiency:
Metasploit, Burp Suite, Nmap: 95%
Docker (for sandbox environments): 90%
dnSpy, Immunity Debugger (for reverse engineering): 90%
Python, Bash (for scripting): 85%
Incident Response & Forensics: 88%
Strong ability to respond to security incidents, perform forensic investigations, and develop incident response strategies.
Threat Hunting & OSINT: 85%
Proficient in open-source intelligence gathering to identify cyber threats and track cybercriminals.
Network Security Implementation: 87%
Comprehensive experience in securing enterprise networks through firewalls, VPNs, and intrusion prevention systems.
Exploit Development & Testing: 90%
Skilled in testing exploits like Juicy Potato, MS07, Eternal Blue, VNC attacks, and privilege escalations on Windows and Linux platforms.
Cybercrime Investigation Assistance: 85%
Experience assisting law enforcement agencies with cybercrime cases through technical analysis and legal guidance.
Awareness & Training Programs: 80%
Actively spreads awareness about cybercrime prevention and conducts training sessions for law enforcement agencies.
Secure Coding Practices: 85%
Proficient in implementing secure development lifecycle (SDLC) practices to minimize vulnerabilities during software development.
AWARDS
Certified Cyber Crime Intervention Officer
Recognized for expertise in addressing and mitigating cybercrime incidents.
National Crime Records Bureau Awardee
Acknowledged for significant contributions to cybersecurity initiatives in collaboration with law enforcement agencies.
8th Most Valuable Security Researcher in the World
Awarded by Microsoft Security Response Center for exceptional contributions to cybersecurity, including the discovery of complex vulnerabilities like remote code execution.
Crime and Criminal Network Tracking System - Track 1 Winners
Honored by the Ministry of Home Affairs, Government of India, for reporting and mitigating over 70 vulnerabilities in the CCTNS system, a critical application for digitizing and integrating crime data across police stations in India.
CERTIFICATIONS
Certified Enterprise Security Professional (CESP)
Certified API Security Analyst (CASA)
Certified Ethical Hacker Master
Ethical Hacking: Vulnerability Analysis
Step into Robotic Process Automation
SAP Certified Application Associate – SAP S/4 HANA Sourcing and Procurement
eLearnSecurity Pentest Expert (eCPPTX)eLearnSecurity Certified Professional Pentester (eCPPT)
Offensive Security Certified Experienced Pentester (OSEP)
Offensive Security Certified Professional (OSCP)
Certified Red Team Operator (CRTO)
Certified Red Team Professional (CRTP)
Certified Red Team Expert (CRTE)
Certified Azure Red Team Professional (CARTP)
eLearnSecurity Web Expert (eWPTX)