Jan 2024 – Nov 2025 · 1 yr 10 mos · Dubai, United Arab Emirates

• This is the official AWS Cloud Security User Group in Middle East. It's a community filled with developers, devops, security enthusiasts & many others. The group is mixed with wide range of passionate people - professional experts, students, co-founders, CXOs, freelancers, consultants, managers, etc. coming together to make new connections, learn & share new interesting things.

Apr 2023 – Jan 2024 · 9 mos · United States · Remote

• Thought Leadership
• Lead Detection Engineering - Containers & Kubernetes
• Lead Threat Research - Containers & Kubernetes
• DevSecOps
• Software Supply Chain Security
• Public speaking - several international conferences & private events
• CNAPP
• Product Roadmap
• Development
• Mentoring
• SE
• Marketing at Kubecon

Nov 2022 – Apr 2023 · 5 mos · Germany · Remote

Oct 2022 – Present · 3 yrs 5 mos · Remote

• Working on numerous areas including Security, DevSecOps, CloudNative technology, open-source development, product development, etc.
• Lead teams in integrating security into their workflows to enhance overall security posture.
• Active speaker and researcher in the cybersecurity community, with speaking engagements at Gitex, DevSecCon, AWS Community Day, BlackHat Asia, BlackHat USA, etc.

Jan 2022 – Jan 2024 · 2 yrs · United Kingdom · Remote

Jun 2021 – Oct 2022 · 1 yr 4 mos · Dubai, United Arab Emirates

• Designing, building, and managing PaaS & its security.
• Leading DevOps team.
• Containers and Kubernetes security.
• Integration of automation and DevSecOps.

Nov 2020 – Jun 2021 · 7 mos · Dubai, United Arab Emirates

• Responsible for architectural and design reviews of new integrations and projects.
• Responsible for end-to-end security review of projects developed by multiple squads.
• Perform source code review, penetration testing, container review, etc.
• Developed open-source projects extending Kubernetes functionalities.

Jul 2018 – Nov 2020 · 2 yrs 4 mos · Pune Area, India

• Perform Docker and Kubernetes security assessments
• Implemented end-to-end workflow for DevSecOps service offerings
• Perform security assessment of web and android applications (both black box and white box)
• Collaborate with experts while performing infrastructure assessments
• Perform source code review to discover new vulnerabilities
• Responsible for end-to-end client delivery
• Published IEEE research paper on Machine Learning and security
• Speaker at multiple international security conferences
• >>>> Hack In The Box (HITB), Dubai
• >>>> Bsides, Egypt
• >>>> CRESTCon, London
• >>>> Hack In The Box (HITB), Amsterdam
• >>>> PHDays, Moscow, Russia
• >>>> DEFCON, Las Vegas
• Trainer at Nullcon India (Android Application Security)

May 2017 – Aug 2017 · 3 mos · Remote

• One among the only 4 people to get selected world-wide. My contribution during this period - 17,000+ lines of code.
• Authored script to fetch smb enum services from remote windows machine.
• Authored script for enumerating (iOT)devices running on OpenWebNet protocol.
• Authored punycode and idna libraries for nmap to handle unicode input.
• Refactored http-enum script for optimization purposes.
• Made ncat enhancement to limit data using a delimiter while transferring data.
• Fixed issues related to cve-2014–3704 nse script.
• Enhancements made to cve-2014–3704 nse script.
• Removed redundant parsing functions by making enhancements from few libraries.
• Autocomplete feature for --script-args parameter in nmap. Due to lack of compatibility issues with Windows OS and zsh shell, it is not merged yet.
• Colored output for nmap.
• Added missing ip protocols to netutil.cc.
• Complete report - https://medium.com/@rewanthcool/gsoc-2017-with-nmap-security-scanner-80d9bd54a97a

Jun 2016 – Sep 2016 · 3 mos · Remote

• Developed automated web vulnerability scanner using Python, selenium and PhantomJS worth $2000 USD/year along with 3 other employees.
• Authored and integrated plugins to the vulnerability scanner.
• Developed module to save screenshot of the website when the payload is executed as a POC.
• Worked as a penetration tester as well.

Jun 2016 – Jul 2016 · 1 mo · Gurgaon, India

• Added new functionalities and features to the website while optimizing the existing features in the present website.
• Worked on AngularJS, Bootstrap during the course of internship.

Mar 2016 – Aug 2016 · 5 mos · Remote

• Security assessing of company's website and patching the vulnerabilities.
• Discovered and patched critical payment gateway bugs which saved thousands of dollars to the company.
• Worked on handling the security of cloud services and servers as well.
• Impressed with my work they added my name to their About-Us page (I was only an intern there).
• View me @ http://oxcean.com/About-us

Sep 2015 – May 2018 · 2 yrs 8 mos · NIT Kurukshetra

• Group of students who are passionate in Web Development.
• Developed websites for the college fests.
• Freelanced few projects under this organization.