User:Anurag Joshi

In summary, I am a career IT Auditor. Currently I run the IT Audit function of one of the large transportation rental companies. Chronologically, I completed my undergraduate degree in Computer Engineering in 1994 after which I worked as a software developer in Visual C++/C/SDK for over five years. Subsequently, I went back to school (UT-Austin) full-time to get my MBA in Information Management and Financial Accounting. Having graduated from MBA in 2000, I worked as an Information Risk Management consultant for a year before starting my life as an internal IT Auditor. My focus as an IT Auditor spans the entire spectrum of IT from application security, Network security, host (OS and database) security, mainframe technologies, IT processes (security admin, backup & recovery, disaster recovery etc.) and above all Web Application Security. Web Application Security is a personal favorite where I spend a lot of my personal research time and I conduct training sessions for our developers on OWASP guidelines. I have conducted several web application security assessments as part of my IT audits over the years.