Mar 2022 – Aug 2023 · 1 yr 5 mos · Bengaluru, Karnataka, India · Hybrid

• Red Teaming Specialist & Penetration Testing Group Workforce at EY serving to its clientele across the globe aiming to assess security & improve security posture of Application, Network & Infrastructure.
• Role revolves around Security Assessment & working with different teams to manage security operations. In this particular role, the assessor would complete security assessments of critical organization components & provide executive security reports along with recommendations & remediations to overall security threats/risks.

Apr 2019 – Mar 2022 · 2 yrs 11 mos · India

• Positioning with Cognizant includes my directive to:
• 1. Detect Security Risks first hand & lead first hand direct role towards business consumers to dilute threats in measures to that of security metrics.
• 2. Correlate data, create baselines for assumable security metrics & prevent outsider threat - do due-diligence proactively as part of the the Center Of Excellence (NFT-ST-CoE) team & excel moving forward.
• 3. Design Security Metrics with various perspective, Advisory to Center Of Excellence @CoE (Center of Excellence), Promote Technical Foundaion for Digital Security Strategy.
• 4. Adapt, Use, Innovate Digital Security Excellence - participate on Business RFP's to enhance profitability & enable advanced security dignity towards the organization & enable Business Leadership Understanding towards Security.
• 5. Conduct Security Security Assessments, Perform Penetration Testing, Adapt Red Teaming Integration into Enterprise & Lead Security Team(s) to it's targeted goals.

Dec 2014 – Mar 2019 · 4 yrs 3 mos · Greater Kolkata Area

• I do application security research, co-ordinate technical operations for Defencely Red Team Labs. I assist in quality based penetration test report management, carry out application security research for Defencely R&D Team, upscale and test application for statistical report generation.
• Aside, I maintain a security research portfolio for Defencely in order to study the newest attack vectors in the application security arena and help making research better applicable to clients from all around the globe with detailed risk management insights, risk impact perspective on business assets, and hence do a through vulnerability research to keep the knowledge base for Defencely up to date for regulatory Defencely compliance.
• Key ingredients include:
• Lead enterprise-scale security assessment and penetration testing projects for customers. Take responsibility for managing projects, including taking ownership of customer communication and coordinating internal resources.
• Communicate security policy and technology issues verbally on both a formal and informal basis to all levels of client staff, ranging from senior executives to user representatives. Deal with client discussions in an unstructured interview environment and produce high-quality written technical documents.
• Work independently to manage and execute multiple projects in diverse customer environments, ensure that appropriate management is apprised of project status, bringing projects to completion and follow up with customers regarding results.
• Gain a clear understanding of client technical environment, identify client needs, and effectively communicate solutions for the same.
• Develop tools for internal team use. Actively contribute to the maintenance and enhancement of team systems and processes.
• Develop and complete an education plan to grow skills consistent with client needs. Assist other team members with their efforts toward this goal.

Feb 2014 – Sep 2014 · 7 mos · Greater Kolkata Area

• I do web application penetration testing, I also train bug bounties, various university oriented students, professionals, application developers and show them how application security could be broken. In order to fix these application security, the first step includes breaking them.
• My responsibilities include:
• 1.) Training Enrolled Applicants on Web Application Exploitation
• 2.) International conduct of seminars and events for web penetration testing
• 3.) Web Application Penetration Testing as a Security Consultant
• 4.) Building, testing, and providing secure application services
• There is more to the research area, to which the details could not be published here or is forbidden.

Dec 2012 – Jun 2013 · 6 mos · Hauz Khas, New Delhi

• AVP (Associate Vice President) cum Web Application Penetration Tester, Code analysis auditor and Application Security Researcher at Lucideus Labs. My responsibilities here included vulnerability research, along with maintaining a brief client reporting standards with penetration test done. My areas of interest were application bug detection and exploiting these application bugs to create exemplary documentation of the newly found 0day bugs and hence in doing so, assist clients from India and abroad to mitigate the found vulnerabilities and patch them.

May 2011 – Oct 2013 · 2 yrs 5 mos · Kolkata

• OpenFire Technologies consists of opensource security community individuals and professional core team of developer, penetration testers and security researchers. As a part of the company, we have come across experiences which had made us strong in aspects of web application and network penetration testing services. We had opted and devoted ourselves to study of digital security with wide range of application products for our consumers.