Santosh Nishad

Associate Consultant

India3 yrs 7 mos experience

Most Likely To Switch

Key Highlights

Expert in vulnerability management and penetration testing.
Proficient in implementing CIS Benchmark hardening parameters.
Strong track record in conducting enterprise-level penetration tests.

Stackforce AI infers this person is a Cybersecurity Specialist with expertise in Vulnerability Management and Penetration Testing.

Contact

Skills

Core Skills

Penetration TestingVulnerability Management

Other Skills

API PentestingAPIsAcunetixAdversary SimulationAndroid TestingAutomative SecurityBug HuntingCIS Benchmark hardeningCehCorporate TrainingCybersecurityEnterprise TechEthical HackingFirmware AnalysisGrey Box penetration testing

About

As a highly skilled Engineer specializing in Vulnerability Management at NST Cyber, my expertise lies in a meticulous approach to identifying, evaluating, and analyzing vulnerabilities with a strong focus on risk assessment. My core mission is to empower end-users by facilitating the effective mitigation of potential security risks. Additionally, I possess an exceptional proficiency in implementing CIS Benchmark hardening parameters across a wide range of multi-vendor operating systems and devices, thereby enhancing the overall security posture. My capabilities extend seamlessly into the arena of Penetration Testing, where I draw upon a wealth of experience to define comprehensive scopes of activities and expertly exploit vulnerabilities. I am well-versed in the use of a diverse toolkit, including industry-standard tools such as Metasploit,Nessus,Nmap etc.., to execute these tasks proficiently. My proven track record includes the successful execution of both internal and external penetration testing exercises, where I meticulously assess remotely exploitable vulnerabilities to provide valuable insights. With a rich background in vulnerability management and penetration testing, I am fully confident in my ability to pinpoint and mitigate risks effectively across various industries. My overarching objective is to leverage my expertise to bolster organizations' security postures, ensuring they are resilient against potential threats.

Experience

Hack the box

HackTheBox SME

Jul 2024 – Present · 1 yr 8 mos · Remote

Doha bank

Cyber Security Consultant - Team Lead

Jan 2024 – Present · 2 yrs 2 mos · Doha, Qatar · On-site

Cybersecurity expert with a focus on identifying and securing vulnerabilities in Linux, Windows, network devices, and databases. Specialized in Grey Box penetration testing for mobile and web applications. Conducts internal penetration testing for complete infrastructure, delivering customized reports to meet client needs. Committed to strengthening cybersecurity through proactive assessments and strategic insights.
📊 Key Skills and Achievements:
● Manage, plan, and execute enterprise-level penetration testing across all internal networks.
● Conduct penetration tests for web applications, mobile applications, infrastructure, and APIs.
● Perform database, Linux, Windows, and configuration audits using tools such as Nessus, Nmap, and Nipper.
● Create comprehensive technical reports detailing audit results and vulnerability findings.
● Collaborate with vendors and development teams to implement security fixes and enhance overall security posture
On payroll of Netsenteries Technologies

enterprise-level penetration testingweb applicationsmobile applicationsinfrastructureAPIsNessus+5

Confidential

Freelance

Nov 2023 – Present · 2 yrs 4 mos · Remote

Netsentries technologies

Associate Consultant - Offensive Security

Oct 2023 – Present · 2 yrs 5 mos · Dubai, United Arab Emirates · Hybrid

Cybersecurity expert with a focus on identifying and securing vulnerabilities in Linux, Windows, network devices, and databases. Specialized in Grey Box penetration testing for mobile and web applications. Conducts internal penetration testing for complete infrastructure, delivering customized reports to meet client needs. Committed to strengthening cybersecurity through proactive assessments and strategic insights.

LinuxWindowsnetwork devicesdatabasesGrey Box penetration testinginternal penetration testing+3

Jio

Penetration Tester

Aug 2022 – Oct 2023 · 1 yr 2 mos · Navi Mumbai, Maharashtra, India · On-site

🔐 Experienced Cybersecurity Professional | Expert in Vulnerability Management, Penetration Testing, and Risk Mitigation 🛡️
With a strong background in cybersecurity, I specialize in identifying, reviewing, and analyzing vulnerabilities in complex environments. My expertise includes managing the security of a vast network of 50,000 internal and 12,000 external servers, all evaluated through a meticulous risk-based approach.
📊 Key Skills and Achievements:
● Conducted comprehensive vulnerability assessments on a massive scale, addressing potential risks to safeguard critical infrastructure.
● Spearheaded the implementation of CIS Benchmark hardening parameters across multi-vendor operating systems and devices, enhancing overall security posture.
● Defined and executed penetration testing scopes for a diverse landscape of 62,000 assets, uncovering vulnerabilities and ensuring robust defenses.
● Proficient in exploiting vulnerabilities using a range of tools including Metasploit, Nmap, Canvas, and others.
● Conducted internal and external penetration testing, identifying remotely hackable vulnerabilities to prevent potential breaches.
● Expertise in web application security, red teaming, threat hunting, ethical hacking, information security, SOCVM, and IoT security.
● Accomplished in leading red team exercises, simulating real-world attacks to test and strengthen organizational defenses.