Jun 2020 – Jul 2021 · 1 yr 1 mo · Bangalore · On-site

• Security Integration and Testing: Led security integration throughout the entire development lifecycle, performed testing of Web apps, Mobile apps, Network, APIs, Infra, and Code. Implemented security measures in the CI/CD pipeline and utilized automation to enhance security practices.
• Responsible Disclosure and Vendor Assessments: Managed the Responsible Disclosure program, fostering responsible vulnerability reporting. Collaborated with the GRC team to conduct Third-Party Vendor Assessments, ensuring security compliance throughout the supply chain.
• Security Awareness and Training: Organized and conducted security awareness training for diverse teams, cultivating a culture of security awareness. Created secure coding resources to empower developers with best practices.
• Application Security Standards: Developed and established robust standards and procedures for application security, ensuring consistent and comprehensive security measures across projects.
• Risk Assessment Support: Provided technical expertise and support for risk assessments, contributing to the implementation of secure architecture and risk mitigation strategies.
• Security Program Development and Implementation: Designed, developed, and successfully implemented information security programs, bolstering the organization's security posture.

May 2019 – Jun 2020 · 1 yr 1 mo · Bangalore · On-site

• Security Assessments and Architecture Review: Conducted comprehensive security assessments and architecture reviews of new and existing products, ensuring the identification and remediation of vulnerabilities and potential risks.
• Bug Bounty Program Management: Successfully managed the Bug Bounty program on BugCrowd, triaging reported issues and guiding developers through the resolution process to ensure effective closure.
• Security Training and Awareness: Delivered engaging security sessions on various topics and organized security awareness sessions for new employees, fostering a security-conscious culture across the organization.
• Application Security Incident Response: Provided valuable support to multiple departments by participating in Application Security Incident Response activities, addressing security incidents promptly and effectively.
• SOP Development: Developed standardized operating procedures (SOPs) for various organizational processes, streamlining security practices and ensuring consistency in security-related workflows.

Oct 2018 – May 2019 · 7 mos · On-site

• Vulnerability Assessment and Penetration Testing (VAPT): Conducted VAPT for multiple clients, evaluating the security of their Web applications, APIs, Network, and Mobile Applications to identify and mitigate vulnerabilities.
• Project Management: Successfully managed end-to-end projects for various clients, from initial planning to final delivery, ensuring timely and effective execution of security initiatives.
• Security Testing Framework: Developed a Security Testing Framework, streamlining the security testing process and enhancing the efficiency and consistency of security assessments.
• Mentoring and Leadership: Mentored and guided newly hired personnel, providing technical and personal development support to help them grow and excel in their roles.
• Onsite Collaboration with Client's Internal Security Team: Collaborated with the internal security team of a prominent bank in Dubai to integrate security testing seamlessly into the Agile development model. Led end-to-end security initiatives, ensuring security requirements were considered throughout the development lifecycle, and driving the adoption of secure coding practices and security testing automation. Resulted in enhanced security posture and accelerated development cycles while maintaining compliance with industry standards and regulatory requirements.

Apr 2017 – Oct 2018 · 1 yr 6 mos · On-site

• Conducting Vulnerability Assessment and Penetration Testing for Web Applications, Networks, and Mobile Platforms.

Jun 2016 – Apr 2017 · 10 mos · Noida Area, India · On-site

• Vulnerability Assessment and Penetration Testing (VAPT): Conducted VAPT on multiple clients' Web applications, APIs, Network, and Mobile applications, identifying and remediating security vulnerabilities.
• CERT-In Examination Success: Played a crucial role in helping the organization pass the CERT-In (Computer Emergency Response Team of India) examination, demonstrating compliance with security standards and best practices.
• Note: Torrid Networks was merged with Network Intelligence (I) Pvt. Ltd in 2017.

Jun 2015 – Jul 2015 · 1 mo · Ahmedabad Area, India · On-site

• Training and Internship Overview:
• Completed the TechDefence Certified Cyber Security Expert v3 program, a career-oriented hands-on training focused on Advanced Ethical Hacking, Cyber Crime Investigation, Cyber Forensics, and Information Security.
• Achieved an 85% score in the Certified Cyber Security Expert certification exam.
• Gained practical experience through a 2-month internship at TechDefence Pvt. Ltd., Ahmedabad.

Jun 2014 – Jul 2014 · 1 mo · Dehradun · On-site

• Training Overview:
• Completed a one-month summer training program with HPES, India at the Dehradun Nodal Center.
• As part of the program, successfully developed and submitted the City Without Crime project, built in ASP.NET using C#.