Sep 2023 – Present · 2 yrs 7 mos · India · On-site

• At SecurityBoat, I lead growth, sales, and market expansion for a platform-led offensive security company focused on helping organizations identify and reduce real-world security risk.
• We are building a continuous security testing approach through PTaaS (Penetration Testing as a Service), enabling teams to move beyond one-time assessments and adopt structured, ongoing security validation aligned with modern development cycles.
• Alongside PTaaS, our work includes deep, attacker-driven penetration testing and red teaming engagements across web, API, cloud, and product environments—focused on identifying vulnerabilities that are truly exploitable in real-world scenarios.
• We also offer a Bug Bounty platform to help organizations design and manage vulnerability disclosure programs (both private and public), allowing them to engage with security researchers in a controlled and scalable manner.
• In parallel, we are developing our Attack Surface Management (ASM) platform (currently in beta), focused on providing continuous visibility into externally exposed assets and evolving attack surfaces.
• Across all engagements, the focus remains consistent:
• Identify exploitable vulnerabilities in live environments
• Help teams prioritize and remediate effectively
• Align security testing with engineering workflows and SDLC practices
• As part of my role, I work closely with founders, CISOs, and engineering leaders—particularly across Europe—to position offensive security as a continuous, risk-focused function rather than a periodic compliance activity.
• I also lead GTM strategy, sales enablement, and market expansion, ensuring that our approach to security is communicated in terms of business risk, impact, and decision-making.

Jul 2022 – Sep 2023 · 1 yr 2 mos · Hybrid

• 🔍 Conduct VAPT and SAT: Perform comprehensive Vulnerability Assessment and Penetration Testing (VAPT) to identify and address security weaknesses in applications, systems, and networks. Conduct Security Assessment and Testing (SAT) to evaluate the effectiveness of security controls.
• 🛠️ Implement SCA and DAST: Utilize Software Composition Analysis (SCA) tools to identify and manage open-source components and their associated security risks. Conduct Dynamic Application Security Testing (DAST) to assess web applications for vulnerabilities during runtime.
• 🛡️ Risk Management: Evaluate potential security risks and threats to the organization's assets and infrastructure. Develop and implement risk mitigation strategies and security controls to reduce exposure to cyber threats.
• 🔒 Vulnerability Management: Lead the Vulnerability Management program, which involves continuous monitoring, scanning, and analysis of systems and applications to identify vulnerabilities. Coordinate with stakeholders to prioritize and remediate vulnerabilities based on their criticality

Jun 2021 – Jul 2022 · 1 yr 1 mo · Pune, Maharashtra, India

• 1. Conducts Vulnerability Assessments & Penetration Tests (VAPT) on client's IT infrastructure based on standard testing methodology using automated tools and manual testing.
• 2. Develop and keep updating organization's Penetration testing checklist for Web, Mobile Apps and IT Infrastructure.
• 3. Create comprehensive assessment report with details of identified vulnerabilities, analysis of the risks by assessment of potential impact and detailed recommendation for all the identified risks.
• 4. Develop and execute plan for organization's CERT-In empanelment Process.
• Tools: BurpSuite Pro, Metasploit, Acunetix, Fortify, Kali Linux, Nessus Professional, NMAP, Wireshark, HPing3 etc.

Jan 2020 – May 2021 · 1 yr 4 mos · Pune, Maharashtra, India

• 1. Perform Vulnerability Assessment & Penetration Testing (VAPT) on Web and Mobile Applications according to OWASP Testing Guide.
• 2. Perform Internal and External Network Vulnerability Assessment on client IT Infrastructures.
• 3. Develop and keep updated internal vulnerability checklist for Penetration Testing and Vulnerability Assessment projects.
• Tools: BurpSuite Pro, Metasploit, Acunetix, Kali Linux, Nessus Professional, NMAP, Wireshark, HPing3 etc.

Jan 2018 – Sep 2019 · 1 yr 8 mos · Pune

• 1. Monitor GTT backbone network using various network FMS tool like IBM Netcool and Nagios.
• 2. Troubleshoot the issue with various layer 2 devices like DSLAM, BPX, MGX, L2 switches and layer 3 network devices like core routers and switches.
• 3. Work on configuration issue related to routing protocols like RIP, EIGRP, OSPF, BGP and network concepts like VLAN, VTP, HSRP, VRRP and GLBP.

Jul 2016 – May 2017 · 10 mos · Pune ,Maharashtra

• "Virtual Dressing Room" based on concept of augmented reality.
• Using Unity 3D tool for UI design and Microsoft Kinect sensor for human body detection.