Sep 2023 – Jan 2024 · 4 mos · Working as Lead Cyber Security Consultant for HPE (Hewlett Packard Enterprise). · Remote

• >Security Automation: Developed and implemented automation solutions to streamline security operations and improve response times in cloud environments.
• >Vulnerability Assessments & Penetration Testing: Led VA and PT efforts within cloud infrastructure using tools like Wiz, proactively identifying and remediating security vulnerabilities.
• >Cloud Security: Ensured robust security of cloud platforms by integrating automated security tools and reducing risk exposure through continuous monitoring.
• >Tool Integration & Optimization: Optimized Wiz and other cloud security tools, configuring them for comprehensive security visibility and real-time monitoring.
• >Incident Response & Remediation: Managed incident response and quickly remediated vulnerabilities identified in VA/PT assessments, coordinating with relevant teams.
• >Security Best Practices: Developed and enforced cloud security policies and best practices to integrate security into the development and deployment process.
• >Cross-Functional Collaboration: Collaborated with DevOps, engineering, and operations teams to implement security measures and automate security workflows within CI/CD pipelines.
• >Threat Intelligence: Applied threat intelligence to enhance security assessments, proactively adapting to emerging threats and improving cloud security posture.

Nov 2021 – Aug 2023 · 1 yr 9 mos

• > Writing rules to feed into the Engineer to protect from LOLBIN attacks mapped to MITRE ATT&CK
• > Setup and assessments creation based on different scenario (MITRE ATT&CK) with different BAS(Breach Attack and Simulations) Tools like Cymulate SafeBreach and opensource.
• > Working on 0day exploits creating POC findings gaps and solution
• > Writing different exploits to demonstrate protection capability and gaps
• > Penetration Testing of different components to find gap and fix
• > Evaluate different security tools Antivirus/EDR/XDR with automation scripts based on IOCs and behavior
• > Analyzing and writing different Payloads for OWASP top 10 attacks

Aug 2019 – Nov 2021 · 2 yrs 3 mos

• > Critical/Scaled infra(servers and networking devices) Vulnerability Assessment/Management with Nessus, tenable(io/sc), Qualys
• > Public/Private Cloud Penetration Testing with Metasploit, Canvas, custom exploits and payloads
• > Setup of Malware lab to evaluate/ bypass EDR/XDR tools
• > Threat hunting setup and configuration of Cortex, Cybereason on endpoints and servers.
• > Red Teaming with sophisticated attack techniques along with shodan, censys etc.
• > Security Assessment of Mobile Apps(IOS/Android) manual and automated
• > SAST of Web, Mobile and other applications with Checkmarx and SonarCube
• > VA/PT to meet the PCI-DSS compliance Audits (internal/external)
• > Automation of VA/VM integration with JIRA tickets, DAST tools, DLP and POC of exploits

Jun 2016 – Jul 2019 · 3 yrs 1 mo · Working as Security Researcher for MOD (Ministry of Defence).

• > Creating Sophisticated Red Teaming strategies and executing them to find security Gaps
• > Penetration Testing/Auditing large and complex infrastructure(network/devices & servers)
• > Programming for Malware, reverse shell, C&C server etc for POC in a controlled environment.
• > ICS/SCADA and IoT security audit/Penetration testing
• > Setting up Infra for Red/Blue Team Security drills/exercises, Creating vulnerable VM's and monitoring tools.
• > Analyzing and proposing solution for Network/system-based Security threads and exploiting techniques
• > Automation for threat detection/malware analysis (static and dynamic) with FireEye and other tools.
• > Encountering and providing training to mitigate sophisticated spear phishing attacks with live POC

Aug 2013 – Dec 2015 · 2 yrs 4 mos

• > Web Security Assessment with OWASP Top 10 standard
• > Automated and manual Web VA with Acunetix, Burpsuite and ZAP
• > VPS, Hosting server and mail server hardening
• > Red Teaming, security tools and and framework Development
• Incidents and security alert monitoring and investigation