Shubham Nema

Consultant

Bengaluru, Karnataka, India · 4 yrs 11 mos experience
Highly Stable

Key Highlights

  • Expert in Vulnerability Assessment and Penetration Testing.
  • Strong hands-on experience in Web and API Security Testing.
  • Passionate about offensive security and ethical hacking.
Stackforce AI infers this person is a Cybersecurity Consultant specializing in Fintech and Application Security.

Skills

Core Skills

Vulnerability Assessment (VAPT), Web Application Penetration Testing, API Security Testing, Network Penetration Testing

Other Skills

Vulnerability Assessment, Penetration Testing (VAPT), Web Application Security, Web/API security testing, Mobile pentesting, API Testing, Network Security Testing, FinTech, Compliance Assessments, Risk Frameworks, BFSI, NEMA, NIST, Satellite Systems Engineering, Information Security

About

I am a Cybersecurity Consultant with **4.8+ years of experience in Vulnerability Assessment and Penetration Testing (VAPT)**, specializing in identifying and mitigating security risks across **web applications, APIs, and network infrastructures**.

Currently working as a **Senior Consultant in Professional Services**, I perform security assessments for organizations across **banking, insurance, e-commerce, and fintech sectors**. My work focuses on discovering real-world attack vectors, validating vulnerabilities, and helping organizations strengthen their overall security posture.

I have strong hands-on experience in **Web Application Security Testing, API Security Assessments, Internal and External Network Penetration Testing, Segmentation Testing, and Attack Surface Mapping**. I follow industry-recognized frameworks such as **OWASP Top 10, NIST, and MITRE ATT&CK** to conduct structured and effective security assessments.

My technical expertise includes identifying vulnerabilities such as **SQL Injection, Cross-Site Scripting (XSS), IDOR, authentication and authorization flaws, and security misconfigurations**, along with analyzing complex business logic vulnerabilities that automated scanners often miss. I regularly use industry-standard tools including **Burp Suite Pro, Nessus, Nmap, SQLMap, Wireshark, TestSSL, and Kali Linux** to perform both manual and automated testing.

🔹 **Core Skills**

  • Web Application Penetration Testing
  • API Security Testing (REST, SOAP, GraphQL)
  • Network Penetration Testing (Internal & External)
  • Vulnerability Assessment (VAPT)
  • Attack Surface Mapping (ASM)
  • Security Reporting & Risk Analysis

I am passionate about **offensive security, ethical hacking, and continuous learning**, and I enjoy collaborating with security professionals and organizations to improve application and infrastructure security.

📩 Open to connecting with cybersecurity professionals, security researchers, and organizations interested in strengthening their security posture.

Experience

  • Total Experience: 4 yrs 11 mos
  • Average Tenure: 2 yrs 3 mos
  • Current Experience: 7 mos

Ultraviolet cyber

Senior Consultant

Nov 2025 – Present · 7 mos · Bengaluru, Karnataka, India · On-site

  • Conduct comprehensive Vulnerability Assessment and Penetration Testing (VAPT) for web applications, APIs, and network infrastructures across banking, insurance, e-commerce, and fintech domains.
  • Perform manual and automated Web Application Security Testing following OWASP Top 10 guidelines using tools such as Burp Suite Pro.
  • Execute API security assessments including RESTful APIs, SOAP services, and GraphQL endpoints to identify vulnerabilities and business logic flaws.
  • Conduct internal and external network penetration testing, including testing in CDE and non-CDE environments.
  • Perform segmentation testing and Attack Surface Mapping (ASM) to identify security gaps and improve network security posture.
  • Identify critical vulnerabilities such as SQL Injection, XSS, IDOR, Authentication & Authorization flaws, and security misconfigurations, and provide remediation recommendations.
  • Utilize industry-standard tools including Burp Suite Pro, Nessus, Nmap, SQLMap, Wireshark, TestSSL, and Kali Linux during security assessments.
  • Prepare detailed technical reports and risk assessments with actionable remediation steps for development and security teams.
  • Collaborate with clients and internal teams to validate vulnerabilities, support remediation efforts, and ensure security compliance.
  • Deliver technical presentations and security insights to stakeholders while consistently meeting project timelines and quality standards.
Vulnerability Assessment, Penetration Testing (VAPT), Web Application Security, Vulnerability Assessment (VAPT), Web Application Penetration Testing

Black duck

2 roles

Professional Services Consulting, Senior Consultant

Mar 2025 – Mar 2026 · 1 yr · Bengaluru, Karnataka, India · Hybrid

Web/API security testing, Mobile pentesting, Web Application Penetration Testing, API Security Testing

Professional Services Consulting, Consultant

Nov 2024 – Mar 2026 · 1 yr 4 mos · Bengaluru, Karnataka, India · Hybrid

Synopsys inc

2 roles

Professional Services Consulting, Consultant

Promoted

Feb 2024 – Oct 2024 · 8 mos · Hybrid

  • Network Security & Assessment: Conduct internal and external security assessments, attack surface mapping, and segmentation to enhance overall cybersecurity.
  • Vulnerability Assessment & Penetration Testing (VAPT): Perform in-depth web and API security testing to identify vulnerabilities and strengthen security postures.
  • Risk Mitigation & Compliance: Analyze security gaps, provide remediation strategies, and ensure compliance with industry standards.
  • Security Troubleshooting: Handle and resolve security-related issues efficiently, ensuring minimal downtime and risk exposure.
  • Collaboration & Reporting: Work closely with teams to improve security frameworks and deliver timely, detailed reports for informed decision-making.
API Testing, Web Application Security, Vulnerability Assessment (VAPT), Web Application Penetration Testing

Security Service Associate

Jun 2021 – Oct 2024 · 3 yrs 4 mos · Hybrid

  • Experienced in Network (internal, external, segmentation and attack surface discovery) and Web Testing.
  • Worked for more than 15 clients and 100+ assessments.
Vulnerability Assessment, Penetration Testing (VAPT), Network Security Testing, Vulnerability Assessment (VAPT), Network Penetration Testing

Education

CDAC Bangalore

PG Diploma

Jan 2020 – Jan 2021

Oriental Institute of Science & Technology

Bachelor of Engineering - BE — Electrical and Electronics Engineering

Jan 2014 – Jan 2018

Govt. School of Excellence Narsinghpur

12th — Mathematics science

Jan 2009 – Jan 2014
