Oct 2021 – Apr 2024 · 2 yrs 6 mos

Mar 2021 – Sep 2021 · 6 mos · Dublin City, County Dublin, Ireland

Feb 2019 – Feb 2021 · 2 yrs · Dublin, Leinster, Ireland

• Key Highlights:
• ▪ Successfully gained Domain Admin privileges during an engagement without generating any security alerts by evading almost all the detection controls. Leveraged the previous work experience and knowledge of endpoint security solutions to evade detection.
• ▪ Successfully exfiltrated business sensitive data during a web application penetration testing engagement and generated zero alerts.
• ▪ Successfully exfiltrated business sensitive data from a high profile employee's system without generating any security alerts.
• Job role:
• ▪ Web and Mobile Application Penetration Testing
• ▪ Active Directory Penetration Testing
• ▪ Network Penetration Testing
• ▪ Internal/External Penetration Testing
• ▪ Infrastructure Penetration Testing
• ▪ Wireless Penetration Testing
• ▪ Social Engineering
• ▪ Incident Response
• ▪ Malware Analysis
• ▪ Source Code Review

Jun 2018 – Sep 2018 · 3 mos

• Key Highlights:
• ▪ Successfully exfiltrated business sensitive information during a penetration testing engagement.
• Job role:
• ▪ Web and Mobile Application Penetration Testing
• ▪ Network Penetration Testing
• ▪ Internal/External Penetration Testing
• ▪ Source Code Review
• ▪ Cyber Security Policy review
• ▪ Incident Response Plan review
• ▪ Security awareness training delivery

Jul 2016 – Jul 2017 · 1 yr · India

• Key highlights:
• Successfully handled and resolved more than 70 security incidents in this role ranging from severity P5 all the way up to P1.
• Defended the client's network infrastructure against following ransomware attacks in real-time.
• WannaCry
• CryptXXX
• NanoLocker
• Successfully handled and resolved more than 15 security incidents of severity P1, and P2 in less than 6 hours each.
• Job role:
• Deploying, configuring, managing & monitoring endpoint security solutions.
• Part of the On-Ground Incident Response team.
• Endpoint Security auditing.
• Technologies known:
• Endpoint security solutions like:
• AV (Anti-Virus)
• Host DLP (Data Loss Prevention)
• Device Control
• Host IPS (Intrusion Prevention System)
• Endpoint Encryption, etc. of different vendors like McAfee & Trend Micro.
• Worked in multiple customer environments by creating policies and rules as per the customer's requirement.
• Worked with customers having endpoints at different geographical locations.
• Performed Incident response in critical situations.
• Protected the customer's networks against major threats like WannaCry & Petya Ransomware by creating custom rules & deploying custom malware signatures to thousands of endpoints.
• Performed PoCs of security solutions in customer environments and tested their detection capabilities using valid test cases.
• Audited the client's endpoint security infrastructure.
• Delivered security awareness training to the end-users regarding the recent emerging threats (such as Ransomware) and the risks associated with them ultimately helping them secure their data & network.
• Worked by following the regulatory compliance along with creating & maintaining necessary documentation like POA (Plan of Action), SOW (Scope of Work), etc.