Shirshak R.

Software Engineer

Bengaluru, Karnataka, India3 yrs 5 mos experience
Most Likely To Switch

Key Highlights

  • Hands-on experience in diverse penetration testing methodologies.
  • Recognized for responsible vulnerability disclosure by global organizations.
  • Actively expanding expertise in Cloud and AI-integrated security.
Stackforce AI infers this person is a Cybersecurity professional with a focus on Penetration Testing and Cloud Security.

Contact

LinkedIn

Skills

Core Skills

Penetration TestingCloud SecurityWeb Application SecurityApplication SecurityDigital Forensics

Other Skills

Web Application Penetration TestingAPI Penetration TestingMobile Application Penetration TestingDynamic Application Security Testing (DAST)Static Application Security Testing (SAST)Cloud Security AssessmentsFirewall Configuration ReviewsWeb Application Security AssessmentIAM Risk AssessmentSecurity AssessmentsSource Code ReviewSecurity AuditsIncident ResponseExploratory Data AnalysisApplication Security Hygiene

About

Hi I am a Penetration Tester with hands-on experience in Web, API, Mobile, Network and Infrastructure Penetration Testing across black-box and grey-box engagements. Delivered security assessments including Firewall Configuration Reviews, architecture-level threat modeling and PCI DSS network segmentation validation ensuring practical and prioritized remediation. Experienced in assessing Azure and GCP environments for security misconfigurations and IAM risks and actively expanding expertise in Cloud Penetration Testing and AI/LLM-integrated application security to address emerging attack surfaces. My foundation includes VAPT, Active Directory, MITRE ATT&CK, OWASP Top 10, OSINT and DFIR Fundamentals. I hold certifications such as PNPT, CRTP, CRTE, eWPTXv2 and eJPT. I actively sharpen my skills through CTF platforms like TryHackme, PentesterLab, VulnHub and Hack The Box. I've received Hall of Fame and Acknowledgments from global organizations including government bodies and Fortune 500 companies for responsible vulnerability disclosure reinforcing my belief that security is as much about trust and responsibility as it is about exploitation. Driven by curiosity and constant learning, I aim to grow into a Red Teaming roles that connects attacker perspectives with defensive strategy. I value meaningful conversations and collaboration that lead to measurable security improvements. TryHackMe: https://tryhackme.com/p/BoomBaam PentesterLab: https://pentesterlab.com/profile/6f11453f49dd4f008d3eece63f

Experience

Secnora

Cyber Security Engineer

Jun 2024Present · 1 yr 9 mos · Remote

  • Conducting Web, API and Mobile Application Penetration Testing using Black-box and Grey-box methodologies including Dynamic (DAST) and Static (SAST) analysis, Feature-level testing and assessments of AI-integrated applications, CRM platforms and Moodle-based applications.
  • Performing Internal and External Network Penetration Testing including Firewall Configuration Reviews, Rule-Set Analysis, Exposure Validation and identification of Network Misconfigurations.
  • Executing Cloud Security Assessments for Microsoft Azure and Google Cloud Platform (GCP) to identify IAM weaknesses, Insecure Configurations, Exposed Services and Cloud-specific attack vectors.
  • Performed PCI DSS Network Segmentation Testing and Validation ensuring proper isolation of the Cardholder Data Environment (CDE) and compliance with security standards.
Web Application Penetration TestingAPI Penetration TestingMobile Application Penetration TestingDynamic Application Security Testing (DAST)Static Application Security Testing (SAST)Cloud Security Assessments+3

Pentesterlab

Student

Apr 2023Dec 2023 · 8 mos

  • Profile: https://pentesterlab.com/profile/6f11453f49dd4f008d3eece63f
  • Learning about Vulnerabilities.
  • Getting Hands-on experience with the latest bugs.
  • Advanced penetration testing that often leads to web shells and remote code execution like Java deserialization (and deserialization in other languages), shell shock, out-of-band XXE, and Struts 2 vulnerabilities (CVE-2017-5638).
  • Practical experience in breaking real-world cryptography through exercises such as Electronic Code Book, Cipher Block Chaining, Padding Oracle, and ECDSA.

Defense institute of advanced technology (diat), du, drdo

Student

Jan 2023Jul 2023 · 6 mos · Remote

  • Course of Study:
  • FORENSIC & INCIDENT RESPONSE
  • CRYPTOGRAPHY
  • REVERSE ENGINEERING
  • MALWARE ANALYSIS
  • SYSTEM/ DRIVER PROGRAMMING & OS INTERNALS
  • VULNERABILITY DISCOVERY MODULE FOR WINDOWS, LINUX, AND IOS
  • VULNERABILITY ANALYSIS AND PEN TESTING
  • TOOLS AND TECHNIQUES FOR CYBER SECURITY PROFESSIONALS

The intect

Security Trainee | Pentester

Oct 2022Apr 2023 · 6 mos

  • Conducting Security Assessments in live Projects.
  • Creating Web Application Penetration Test Reports.
  • Research and experiment with different types of attacks.
  • Source Code Review.
  • Document security and compliance issues.
  • Automate common testing techniques to improve efficiency using scripting.
  • Communicate findings to both technical staff and executive leadership.
Security AssessmentsWeb Application Penetration TestingSource Code ReviewWeb Application Security

Cybertix

2 roles

Security Researcher Group Leader

Jul 2022Sep 2022 · 2 mos

Penetration TestingSecurity Audits

Security Researcher

Jul 2022Jul 2022 · 0 mo

Penetration TestingApplication Security

Cybersocial

Cyber Security Intern

Jun 2022Aug 2022 · 2 mos · Remote

Digital ForensicsIncident Response

Virtually testing foundation

Cyber Security Engineer

May 2022Jul 2022 · 2 mos

  • Verification Link: https://verification.givemycertificate.com/v/9b005d88-398b-4955-bec5-00c3616ec4ed

Jpmorgan chase & co.

Cyber Security Intern

May 2022Jun 2022 · 1 mo

  • Skills learned and used here
  • Exploratory Data Analysis using Python
  • Application Security Hygiene
  • Web Application Development
  • Email Security Fundamentals
  • Text-Based ML Models
  • Access Control
  • OWASP Top 10

Kasturba medical college, manipal

Student Intern

Apr 2022Jun 2022 · 2 mos

  • Dispensing of Medications
  • Formulating and Re-formulating Dosage Forms.
  • Maintaining full control over delivering, stocking, and labeling medicine and other products.
  • Organizing the pharmacy in an efficient manner to make the identification of products easier and faster.
  • Provide assistance with other medical services such as injections, blood pressure/ temperature measurements, etc.
  • Prepare medicine when appropriate using correct dosages and material for each individual patient.
Exploratory Data AnalysisApplication Security HygieneApplication Security

Cyber secured india

Cybersecurity and Digital Forensic

Jan 2022May 2022 · 4 mos

Anz

Social Engineering and Digital Forensic Investigator

Nov 2021Nov 2021 · 0 mo

  • Investigated Phishing emails and Performed Packet Capture Analysis
  • Security Awareness Training
  • Data Analysis
  • Data Presentation

Crime free bharat

Web Security and Digital Forensics Intern

Oct 2021Dec 2021 · 2 mos

  • Completed Internship in Cyber Security and Digital Forensics

Virtually testing foundation

Penetration Testing Intern

Oct 2021Dec 2021 · 2 mos

Forage

Cybersecurity Intern

Sep 2021Sep 2021 · 0 mo

  • Practical guidance on an ICO Dawn Raid.
  • Assess the legal situation after a data leak and take the necessary steps.
  • Respond to a data-related damages claim.
Investigating Phishing EmailsData AnalysisDigital Forensics

Befojji opsec

Cyber Security Community Volunteer

Aug 2021May 2022 · 9 mos

Education

Indira Gandhi National Open University

Master of Science - MS (Information Security) — Computer and Information Systems Security/Information Assurance

Jul 2023Jun 2025

Defence Institute of Advanced Technology (DIAT), DU, DRDO

Cyber Security

Jan 2023Jul 2023

Manipal College of Pharmaceutical Sciences, Manipal

Bachelor's degree — Pharmaceutical Sciences

Jul 2019Jul 2023

eLearnSecurity

eJPT — Computer and Information Systems Security/Information Assurance

Aug 2021Present

National Center for Missing & Exploited Children

Child Sex Trafficking

Jun 2022Present

Uttarakhand Open University

Postgraduate Level — Digital Forensics

Jan 2022Feb 2022

Cyber Security Foundation Professional Certificate - CSFPC™

CertiProf

Jan 2021Present

Virtually Testing Foundation

Internship- Cybersecurity Engineer

May 2022Jul 2022

Google

Google IT Professional Certificate

Jan 2021Present

Google

Google Cloud

Apr 2022Jun 2022

City Montessori School

Class 10th and 12th — Biological and Physical Sciences

Jan 2016Jan 2018

Stackforce found 100+ more professionals with Penetration Testing & Cloud Security

Explore similar profiles based on matching skills and experience

Mohammad Y.

Mohammad Y.

Associate Consultant - Offensive Security

at CLA Global Indus Value Consulting

Mumbai, India10 mos exp
Network PentestingApplication PentestingVulnerability Assessment
Vartika Bhatt

Vartika Bhatt

Senior Product Security Engineer

at GoTo Group

Bengaluru, India7 yrs 2 mos exp
Nivetha Saravanan

Nivetha Saravanan

Senior Consultant | Cyber Security

at EY

Bengaluru, India5 yrs 5 mos exp
Manish S.

Manish S.

Lead Information Security Engineer

at Gameskraft

Bengaluru, India5 yrs 5 mos exp
Praveen Kanniah

Praveen Kanniah

Architect - Product Security

at PhonePe

Bengaluru, India19 yrs 8 mos exp
Application SecuritySecurity Architecture Design
Puneet Kulkarni

Puneet Kulkarni

Senior Engineer

at Siemens Healthineers

Bengaluru, India8 yrs 11 mos exp
Information SecurityVulnerability Assessment
Burhan Chhotaudepur

Burhan Chhotaudepur

Product Security Analyst

at HackerOne

India3 yrs 6 mos exp
Information SecurityNetwork SecurityPenetration TestingVulnerability AssessmentWeb Application Security
Rahul Bhola

Rahul Bhola

Chief Technology Officer

at Troopod

Bengaluru, India9 yrs 11 mos exp