Experience

Synack Red Team

• United States
• Computer and Network Security
• 200 - 300 Employee

• Red Team Member

  • Oct 2021 - Present



Akeero

• Ireland
• Software Development
• 1 - 100 Employee

• Research Intern

  • Sep 2022 - Dec 2022

  - Worked on the Security Automation of general security tasks using AWS lambda. - Researched on WebSockets vulnerabilities and automated those checks in the DAST. - Manual penetrating testing of Akeero Serverless WebApp and Infra - Developed a DAST solution for Akeero Serverless utilising BurpSuite Pro capabilities with custom extension and Python. - Worked on the Security Automation of general security tasks using AWS lambda. - Researched on WebSockets vulnerabilities and automated those checks in the DAST. - Manual penetrating testing of Akeero Serverless WebApp and Infra - Developed a DAST solution for Akeero Serverless utilising BurpSuite Pro capabilities with custom extension and Python.



Innovaccer

• United States
• IT Services and IT Consulting
• 700 & Above Employee

• Security Engineer II (Application)

  • Nov 2020 - Dec 2021

  - Conduct quarterly penetration testing of Web Application, Network, APIs, Android/iOS/Desktop Applications. - Conducted Black Box pentest and reported multiple critical logical issue around PII and Healthcare Data. - Ensuring complete application security covering CI/CD, Data Security, Dependencies and secure coding. - Carry out security assessment of the entire infrastructure before making it live for customers. - Automating baseline compliance and security checks using python and puppeteer to improve efficiency. - Established best application security posture in Healthcare IT domain and got recognised by KLAS and SecurityScorecard. - Investigating security incidents and carry out post-incident reviews. Show less



MobiKwik

• India
• Financial Services
• 500 - 600 Employee

• • May 2019 - Nov 2020

• • Oct 2018 - May 2019

  Responsibilities: • Internal Audit and Review of ISO 27001, PCI DSS and other security standards when applicable.• Information Security Risk Management.• Conduct Internal audit & IT Security training.• Designing, implementing and maintaining policies, procedures and process related documents.• Implement and Manage Information Security Management System for Mobikwik.• Perform Vendor Risk Assessment• Support during External audits• Auditing Information security controls on:Log analysis, Antivirus, Patch management, Security Incident handling & managementData analysis & presentation, Security awareness training and evaluation, Logical and physical access reviews, Identifying gaps and mitigation steps, etc.• Ensuring annual compliance to ISO 27001 & PCI DSS and report on the performance of security controls.• Perform Vulnerability Assessment on Application, IT Infrastructure and end points. • Server Configuration Audit and Network Assessment. Show less



L&T Electrical & Automation

• India
• Appliances, Electrical, and Electronics Manufacturing
• 700 & Above Employee

• Information Security Specialist

  • May 2018 - Jul 2018

  Directly reporting to Information Security head at Mumbai HQ - Identify and manage information security risk to achieve business objectives and align security strategy with Business needs in Mumbai and Mysore. - Engage and follow up on Internal and External Audits from L&T HQ, Mumbai. - Developed and Established Information Security Awareness campaign in L&T EA for the InfoSec team. - Established a secured and documented environment for the InfoSec Team, this includes reviewing security rules of various departments in L&T EA HQ, Mumbai and L&T EA, Mysore. - Worked closely with the InfoSec Team to help them with ISO 27001 Standard Recertification and Compliance. Show less