Mar 2023 – Feb 2025 · 1 yr 11 mos · Pune, Maharashtra, India · Remote

• Managed key client partnerships, including Oracle, AIDO, and LLA, driving successful customer delivery and generating over $1.2M in annual revenue
• Spearheaded the creation of SecAI, a cutting-edge SaaS platform designed for GenAI vulnerability testing; enhanced security protocols and reduced critical vulnerabilities by 50% within the first six months post-launch
• Mapped out SOC functions and Red Team documentation and process, pinpointing inefficiencies that contributed to a 40% decrease in response time; enhancements empowered security teams to better mitigate threats for 20+ clients
• Spearheaded the development of AutoSecAi, an advanced AI-driven platform utilizing Retrieval-Augmented Generation (RAG) to enhance automotive cybersecurity measures.

Oct 2022 – Feb 2023 · 4 mos · Pune, Maharashtra, India · On-site

• Led the Automotive Security vertical, overseeing strategic initiatives and client engagements
• Implemented ISO 21434 and conducted Threat Assessment and Risk Analysis (TARA) for clients, ensuring compliance with automotive cybersecurity standards
• Led penetration testing efforts for clients, covering infotainment systems, Android Automotive OS, and other critical automotive platforms
• Conducted security testing and source code reviews for internal management portals, identifying and addressing critical vulnerabilities

Jan 2022 – Sep 2022 · 8 mos · Pune, Maharashtra, India · On-site

• Developed and executed penetration tests and TARA for 20+ vehicle communication protocols, uncovering critical vulnerabilities; results from these tests informed improvements in safety measures, directly impacting system reliability
• Led a successful research team focused on discovering 0-day vulnerabilities and novel exploitation techniques, receiving client recognition for the team's efforts
• Executed comprehensive vulnerability assessments on over 10+ connected vehicles; pinpointed specific weaknesses in Android applications leading to actionable insights used by development teams to strengthen system defenses against potential threats
• Fuzzed vehicle browsers to identify and exploit remote vulnerabilities, including reporting a 0-day browser exploit, an Android companion app vulnerability, and a cloud bug for VinFast, with direct appreciation from the CEO

Jan 2020 – Jun 2021 · 1 yr 5 mos

• Spearheaded fuzzing of network protocols and proprietary software, resulting in the identification of multiple critical vulnerabilities that improved product security
• Delivered vulnerability analysis of Windows and Linux binaries, reducing client risk and improving threat resilience
• Innovated 0-day vulnerability detection methods, leading to the discovery of previously unknown exploits, which were highly valued by clients
• Led the development of application security solutions for web and Android, boosting client confidence and driving repeat business
• Automated security testing for web and Android, reducing testing time by 40% and improving overall efficiency in project delivery

Sep 2019 – Jan 2020 · 4 mos

Aug 2015 – Aug 2019 · 4 yrs · Lucknow, Uttar Pradesh, India · On-site

• Led high-impact web and Android application penetration testing projects, uncovering critical vulnerabilities that protected millions of user accounts
• Conducted in-depth wireless and radio frequency security evaluations, pinpointing and rectifying 30+ significant vulnerabilities in communication systems, thereby fortifying the integrity of essential operational infrastructure
• Executed reverse engineering and static analysis of Windows binaries, revealing key vulnerabilities that improved product security for high-profile clients
• Crafted advanced user-mode exploits targeting Windows binaries, directly improving the patch adoption rate by 25% among clients; fortified system integrity and minimized potential security breaches within the organization