Nov 2018 – Nov 2019 · 1 yr · Singapore · On-site

• Conduct security reviews, threat modeling, and design assessments of wealth management products and services.
• Collaborate with development teams to integrate security controls and secure coding practices into CI/CD pipelines.
• Perform secure code reviews, static and dynamic analysis, and vulnerability assessments across web, mobile, and API platforms.
• Define and implement application security standards aligned with financial regulations (e.g., SEC, FINRA, MAS).
• Identify security gaps early in the development process and recommend architectural improvements.
• Triage and respond to security vulnerabilities reported through bug bounty or internal testing.
• Partner with DevOps, Infrastructure, and Cloud Security teams to ensure secure deployment of applications on cloud-native platforms.
• Develop and maintain security tooling for automation, continuous monitoring, and developer enablement for Wealth Management Division Where I directly wok with the regional CISO to manage the security and compliance posture of all the applications under wealth management.
• Conduct periodic training and awareness sessions for engineering teams on application security best practices.

Dec 2017 – Nov 2018 · 11 mos · Hyderabad Area, India

• Performing Manual penetration testing for web applications, web services and thick clients.
• Network Penetration Testing.
• Mobile Application Pen Testing
• Bluetooth and Wi-Fi Pen testing.
• In-house automation.
• Internet of Things (Hardware Pen-testing).
• Performing Manual penetration testing for web applications, web services and thick clients.
• Network Penetration Testing. (Corporate Penetration Tests)
• Mobile Application Pen Testing
• Bluetooth and Wi-Fi Pen testing. (Airplay and Miracast)
• Internet of Things (Hardware Pen-testing).
• Threat Modelling.

Mar 2017 – Dec 2017 · 9 mos · bangalore

• Responsible for Product security including (web, Mobile) application vulnerability assessment &
• penetration testing and Infrastructure security testing.
• Plan, develop and manage the application and network secure architecture.
• Implemented the infrastructure security automation using ansible.
• Threat modelling and architecture review of product.
• Implemented the AWS security automation Implemented security awareness programs and instituted
• compliance metrics to decrease enterprise risks.
• Enterprise wide penetration tests and reviews conducted on various components to identify security
• loopholes and subsequently addressed with appropriate controls.

Oct 2015 – Nov 2016 · 1 yr 1 mo · Bengaluru Area, India

May 2015 – Oct 2015 · 5 mos

Feb 2015 – May 2015 · 3 mos

• >vulnerability assesment and penetration testing(Both manual and autonomous)
• >Business logic testing with zero false positive
• >mobile application testing(iOS and android)
• >source code review
• > network audit(internal network as well as external)
• >Architecture review

Aug 2014 – Jan 2015 · 5 mos · Bengaluru Area, India

• It's a dedicated It security course developed for security persons.I have worked more into developments of tools that can be used for network monitoring , audit , malware analysis. I have also worked in cyber forensics (Both live and dead) .Also developed tools for automated web pentesting.