Oct 2023 – Present · 2 yrs 7 mos · Hyderabad, Telangana, India · Hybrid

• Acquired by Cisco
• Conduct threat modeling and serve as a point of contact to identify insecure design patterns and threats in Splunk's products.
• Remediate vulnerabilities found through SAST, DAST, and SCA assessments.
• Develop and own high complexity security automation tools, and CI/CD integration, which handles the trends of the vulnerabilities coming on the products.
• Detailed analytical information using Splunk Dashboard to classify the vulnerabilities.
• Working on security design discussions, threat assessments, propose and discuss solutions to security tools, CICD pipeline changes, and pen testing that are directly related to their area of focus.
• Architected an end-to-end threat-modeling copilot that carries FastAPI retrieval services with a chat surface, enabling security teams to ingest ERDs, query scraped AWS guidance, and receive actionable CIA/AAA recommendations in real time.

Nov 2021 – Oct 2023 · 1 yr 11 mos · Gurugram, Haryana, India · Remote

• Conducted authenticated Dynamic Application Security Testing (DAST) using Burpsuite for target systems.
• Performed Source Code Review with commercial tools like Checkmarx and Veracode.
• Engaged with CI/CD pipelines to ensure secure software development practices.
• Conducted Threat Modelling exercises to enhance system security.

Sep 2021 – Sep 2023 · 2 yrs

• Accessing & Securing the applications.

May 2021 – Oct 2021 · 5 mos · Chandigarh, India

• Perform vulnerability assessment and penetration testing of Web Applications and Networks.
• Static application security testing on sonarqube, checkmarx.
• Perform research on new vulnerabilities, attack vectors, exploits, and tools
• Vulnerability Assessment and Penetration Testing of the Mobile application on platform Android and iOS.
• Reporting and Documentation of the Vulnerability reported.

Oct 2020 – Present · 5 yrs 7 mos · India · Remote

Jan 2020 – May 2021 · 1 yr 4 mos · Rajasthan, India

• Web Application VAPT
• Securing linux server from internal and external attacks
• Maintaining SAST integrated tools for In-house Application
• Maintaining CI/CD Pipelines of the Application
• Perform OS Hardening on Linux servers
• Configure Docker Images on multiple ongoing platforms

Feb 2019 – Jan 2020 · 11 mos · Rajasthan, India

• Maintaining CI/CD Pipelines of the Application
• Perform OS Hardening on Linux servers
• Configure Docker Images on multiple ongoing platforms

May 2018 – Jun 2018 · 1 mo · Jaipur, Rajasthan, India

• Learn about the major concept of Cyber Security
• Perform various methodology for VA and PT

Jun 2017 – Jun 2017 · 0 mo · Bikaner, Rajasthan, India

• Did training in CCNA
• Learn about many things related to cisco routers and switches.
• Worked on IP subnetting
• Configure Routers using Putty
• Worked on creating LAN Cable of cross and straight type of LAN cable.