Jan 2023 – Dec 2023 · 11 mos · Remote

• Researching new cyber security attack vectors in cyber security.
• Designing educational exercises to enhance developers' security knowledge for Kontra Application Security (https://application.security/).
• Coding and developing these educational exercises for hands-on learning.

Jan 2020 – Dec 2023 · 3 yrs 11 mos · Remote

Nov 2018 – Jan 2020 · 1 yr 2 mos

• Headed and mentored a team of 7 security engineers.
• Collaborated with cross-functional teams (development, operations, QA, etc.) to ensure product security.
• Provided expert guidance in security architecture and design principles to engineering teams.
• Provided training and mentorship to other engineers on security best practices, tools, and processes, reaching over 1,000 developers in Indonesia, Singapore, and India.
• Developed secure coding guidelines and ensured products were built from the ground up with security in mind.
• Led the identification, assessment, prioritization, and remediation of security vulnerabilities in products.
• Oversaw penetration testing and security assessments, ensuring identified vulnerabilities were addressed in a timely manner.
• Led the technical response during security incidents related to products, coordinating with other teams to mitigate threats.

Oct 2017 – Nov 2018 · 1 yr 1 mo · Bengaluru, Karnataka, India

• Integrated solutions to detect and prevent security flaws in code and infrastructure.
• Conducted thorough source code reviews to identify and address potential security vulnerabilities and flaws.
• Assisted the pre-sales team by responding to security questionnaires and providing expert insights to prospective clients.
• Managed and oversaw the bug bounty program, addressing reported vulnerabilities and coordinating with researchers.
• Conducted vendor risk analyses to evaluate and ensure third-party services and products met the company's security standards.
• Worked on cloud security measures, implementing best practices and tools to secure cloud infrastructure and applications.

Apr 2017 – Present · 9 yrs

• Project details: https://igoatapp.com/
• Adding the latest iOS vulnerabilities to iGoat
• Coordinating with developers and security professionals from all over the world
• Adding defense in depth for iGoat
• Presenting iGoat in worldwide conferences

Sep 2016 – Present · 9 yrs 7 mos · Remote

• Leading a global team to carry out penetration tests on different systems and technologies.
• Performing security checks on web, network, mobile, API, and cloud platforms to identify and manage risks.
• Acting as the primary point of contact for clients, managing expectations, and ensuring clear communication of pentest findings through comprehensive reports

Feb 2016 – Oct 2017 · 1 yr 8 mos · Bengaluru, Karnataka, India

• Conducted web application security assessments to identify potential vulnerabilities and recommend mitigation strategies.
• Performed security assessments on mobile applications across Android and iOS platforms, pinpointing weaknesses related to data leakage, insecure storage, and insecure communication.
• Executed network security assessments, focusing on potential entry points, weak configurations, and outdated protocols.

Mar 2015 – Present · 11 yrs 1 mo

• One of the top mobile security researcher worldwide
• Reporting high severity and quality vulnerabilities

Jun 2013 – Dec 2015 · 2 yrs 6 mos · Pune/Pimpri-Chinchwad Area

• Worked on RFPs to outline the scope of security engagements, detailing methodologies, deliverables, and timelines.
• Assisted in the preparation of proposals, ensuring they met client requirements and complied with industry best practices.
• Developed and integrated security automation tools to streamline vulnerability detection and reporting processes.
• Worked with development teams to embed security checks within CI/CD pipelines, reducing manual effort and enhancing security coverage.
• Assisted in incident response activities, collaborating with teams to contain and mitigate potential security breaches.
• Conducted post-incident reviews to identify root causes and recommend preventive measures