Vikas Sharma

CEO

Dubai, United Arab Emirates8 yrs 4 mos experience

Most Likely To SwitchHighly Stable

Key Highlights

Over 10 years in offensive security.
Led 100+ security projects globally.
Presented at Blackhat 2022 Conference.

Stackforce AI infers this person is a Cybersecurity expert specializing in offensive security and vulnerability management.

Contact

Skills

Core Skills

Offensive SecurityPenetration TestingVulnerability AssessmentEthical HackingApplication Security

Other Skills

ApacheBug Bounty ManagementCode AnalysisComputer SecurityDomain Name System (DNS)Firmware AnalysisHTMLInformation SecurityInformation Security ManagementInternet SecurityIoT SecurityJavaScriptLinuxManagementNetwork Administration

About

With over 10+ years of experience in offensive security, I specialize in uncovering and mitigating complex vulnerabilities across web, API, mobile, and enterprise networks. My role goes beyond testing — I work closely with global stakeholders to scope and secure worldwide data centers, lead penetration testing initiatives, and provide actionable security insights that directly strengthen organizational resilience. As a team leader, I’m passionate about mentoring junior analysts and guiding peers, fostering a culture of precision, curiosity, and accountability in every engagement. To date, I’ve contributed to 100+ security projects — from hands-on manual testing and code reviews to full-scale adversarial simulations — leveraging methodologies such as OWASP, CWE, and industry best practices. My work has earned recognition from leading organizations including Apple, Microsoft, AT&T, PayPal, Adobe, eBay, and PureVPN, as well as numerous startups and enterprises worldwide. Some of my findings have also been featured in HackerOne Zero Daily and SecurityAffairs.co. I've also presented in Blackhat 2022 Conference on "Entry level Drone Exploitation" Workshop. 🔒 Certified as an Offensive Security Certified Professional (OSCP) and Certified Red Team Professional (CRTP), I remain committed to advancing security strategies, bridging the gap between technical depth and business priorities, and driving impactful cybersecurity outcomes on a global scale.

Experience

Mastercard

Offensive Security Leader

Nov 2022 – Present · 3 yrs 4 mos · Dubai, United Arab Emirates

Lead offensive security operations including global data center scoping, penetration testing, red team exercises, and vulnerability assessments across web, API, mobile, cloud, and network infrastructures.
Work closely with worldwide stakeholders to define scope, prioritize risks, and ensure testing aligns with business and compliance objectives.
Guide and mentor junior analysts and peers, providing technical direction, training, and reviews to enhance overall team expertise.
Oversee and deliver end-to-end penetration testing projects, applying industry-standard frameworks such as OWASP, CWE, and MITRE ATT&CK.
Translate technical findings into executive-level reports and actionable insights, helping leadership teams strengthen defenses and make informed risk decisions.
Continuously improve offensive security practices by integrating emerging threats, adversarial tactics, and lessons learned into testing methodologies.
Actively contribute to a culture of security excellence, ensuring collaboration between technical teams and business stakeholders worldwide.

Offensive SecurityPenetration TestingVulnerability AssessmentRisk ManagementStakeholder EngagementSecurity Frameworks

Johnson controls

Senior Product Security Engineer

Apr 2020 – Aug 2021 · 1 yr 4 mos · Pune, Maharashtra

Penetration testing - Web application, Network & Mobile.
Vulnerability assessment/ Risk Analysis
Frequent IoT Device Penetration Tests / Firmware Analysis
Researching on Embedded security.
Consulting with product teams on ‘security by design’ principles across the Software Development Lifecycle to assist Security Architects when conducting product-specific security assessments.
· Perform static and dynamic code analysis, vulnerability scanning, and penetration testing to detect any potential security design flaws or vulnerabilities.
· Demonstrating proof of exploit where necessary.
· Prototyping and testing countermeasures to defend against attacks where necessary.
· Consult and support product teams in mitigating any discovered security design flaws or vulnerabilities.

Penetration TestingVulnerability AssessmentRisk AnalysisIoT SecurityFirmware Analysis

Agilehunt

Technical Author

Aug 2019 – Present · 6 yrs 7 mos · Dubai, United Arab Emirates · Remote

Publish my security research findings

Amdocs

Information Security Analyst

Oct 2018 – Apr 2020 · 1 yr 6 mos · Pune Area, India

Penetration testing - Web application, Network & Mobile.
Thick Clients / Source code reviews
Consulting with product teams on ‘security by design’ principles across the Software Development Lifecycle to assist Security Architects when conducting product-specific security assessments.
· Perform static and dynamic code analysis, vulnerability scanning, and penetration testing to detect any potential security design flaws or vulnerabilities.
· Demonstrating proof of exploit where necessary.
· Prototyping and testing countermeasures to defend against attacks where necessary.
· Consult and support product teams in mitigating any discovered security design flaws or vulnerabilities.

Penetration TestingVulnerability AssessmentRisk AnalysisCode Analysis

Mastercard

2 roles

Information Security Analyst

Promoted

Mar 2018 – Sep 2018 · 6 mos · Pune Area, India

Associate Information Security Analyst

Jul 2016 – Mar 2018 · 1 yr 8 mos · Pune Area, India

Ethical Hacking / Application Security ( Web application / Mobile / Network ) for all business departments in the organization.
Managing Mastercard's Official Bug Bounty Program
Participating / Building Appsec CTFs for Team

Ethical HackingApplication SecurityBug Bounty Management