Anurag Tiwari — Product Manager

A results-driven cybersecurity professional with over a year of experience specializing in web application and API security. I specialize in going beyond automated scans to find critical business logic and API vulnerabilities that other tools miss. Using my expertise with Burp Suite Professional, Nessus, and Qualys WAS, I've consistently identified and reported security flaws that could have led to significant data exposure. My biggest wins include working directly with developers to ensure swift remediation, turning a list of vulnerabilities into a strengthened, resilient application. What sets me apart is my ability to translate technical risk into clear business impact. I excel at creating detailed reports and presenting findings to both technical and non-technical leaders, securing buy-in for security initiatives and fostering a culture of "secure by design." My passion for this field drives me to continually expand my skills; I’m actively learning cloud security, manual code review, AI security and red teaming in my free time to stay ahead of the curve. I am driven by the challenge of outthinking modern threats and protecting digital assets. I am seeking a team where I can apply my hands-on expertise and proactive problem-solving to build more resilient and secure systems.

Stackforce AI infers this person is a Cybersecurity professional specializing in web application and API security.

Location: Hyderabad, Telangana, India

Experience: 1 yr 10 mos

Skills

Application Security
Web Application Security Assessment
Cyber Security
Cybersecurity
Ethical Hacking
Team Management

Career Highlights

Expert in identifying critical API vulnerabilities.
Skilled in translating technical risks into business impact.
Proactive in learning emerging security technologies.

Work Experience

Deloitte

Application Security Analyst (10 mos)

Advisory Analyst Trainee (1 yr)

iAspire Mind Foundation

Security Trainee (5 mos)

Technical Board IIIT Bhagalpur

Secretary HackElite (Official Cybersecurity Club) Technical Board, IIIT Bhagalpur (1 yr 1 mo)

Secretary HackElite (Official Cybersecurity Club) Technical Board, IIIT Bhagalpur (5 mos)

Cyber Security Lead (1 yr 5 mos)

Virtually Testing Foundation

Cyber Security Engineer (Intern) (2 mos)

DigiLocker

Security Testing Intern (2 mos)

IIIT Bhagalpur

Tarang coordinator @ Artificium, Board of Cultural Activities (1 yr 5 mos)

Cyber Security Club DSC-IIIT Bhagalpur

Co Lead (2 mos)

Education

Bachelor of Technology - BTech at Indian Institute of Information Technology Bhagalpur

High School Diploma at Jawahar Navodaya Vidyalaya,Basdei, Surajpur

Anurag Tiwari

Product Manager

Hyderabad, Telangana, India1 yr 10 mos experience

Most Likely To SwitchAI Enabled

Key Highlights

Expert in identifying critical API vulnerabilities.
Skilled in translating technical risks into business impact.
Proactive in learning emerging security technologies.

Stackforce AI infers this person is a Cybersecurity professional specializing in web application and API security.

Contact

Skills

Core Skills

Application SecurityWeb Application Security AssessmentCyber SecurityCybersecurityEthical HackingTeam Management

Other Skills

API TestingAWSAWS CLIAWS SecurityAmazon Web Services (AWS)Api securityApplication Security AssessmentsArtificial IntelligenceArtificial Intelligence (AI)AzureAzure CLIAzure SecurityBroken Access ControlBurp SuiteC (Programming Language)

About

Experience

1 yr 10 mos

Total Experience

1 yr 10 mos

Average Tenure

1 yr 10 mos

Current Experience

Deloitte

2 roles

Application Security Analyst

Promoted

Aug 2025 – Present · 10 mos · Hyderabad, Telangana, India

Identified and prioritized critical vulnerabilities in web applications and APIs by performing manual penetration tests and leveraging automated DAST and SAST tools, including Burp Suite Professional, Qualys WAS, Web Inspect and Nessus.
Contributed to a more secure SDLC by collaborating with developers to remediate security flaws, reducing the application's attack surface.
Authored and presented detailed, risk-assessed reports to technical teams and leadership, translating complex security findings into clear business risks and driving remediation efforts.
Conducted targeted security assessments to uncover complex business logic flaws and authentication bypasses that automated tools failed to detect.

Web Application Security AssessmentMicrosoft OfficeTeam ManagementApplication SecurityCloud SecurityApplication Security Assessments

Advisory Analyst Trainee

Aug 2024 – Aug 2025 · 1 yr · Hyderabad, Telangana, India

As an Advisory Analyst at Deloitte, I have contributed my Cyber Security skills to the Cyber Applications Team, enabling us to create impactful solutions for clients and society.
Conducted thorough analysis of cyber threats and vulnerabilities to develop proactive security measures.
Implemented innovative strategies to enhance data protection and mitigate risks in client systems.
Collaborated with cross-functional teams to ensure the successful implementation of security measures.

Microsoft OfficeBurp SuiteApplication SecurityCyber securityCyber Security

Iaspire mind foundation

Security Trainee

Jan 2024 – Jun 2024 · 5 mos · Bhubaneswar, Odisha, India

LinuxWindowsMicrosoft OfficeTeam ManagementBurp SuitePython (Programming Language)+15

Technical board iiit bhagalpur

3 roles

Secretary HackElite (Official Cybersecurity Club) Technical Board, IIIT Bhagalpur

Jan 2023 – Feb 2024 · 1 yr 1 mo · Bhagalpur, Bihar, India

Microsoft OfficeEthical HackingCloud ComputingCyber securityInformation SecuritySocial Engineering

Secretary HackElite (Official Cybersecurity Club) Technical Board, IIIT Bhagalpur

Jan 2023 – Jun 2023 · 5 mos · Bhagalpur, Bihar, India

Microsoft OfficeEthical HackingCloud ComputingCyber securityInformation SecuritySocial Engineering

Cyber Security Lead

Jan 2022 – Jun 2023 · 1 yr 5 mos · Bhagalpur, Bihar, India

Encouraged, persuaded, managed new joiners and developed training plan after reseaching and analysed their performance for enhancing their skills.
Presented and organiased talks on several topics in the annual fest.
Managed multiple initiatives while delivering continuous support to the core team members.

Team ManagementPython (Programming Language)Ethical HackingTime ManagementCloud ComputingCommunication+2

Virtually testing foundation

Cyber Security Engineer (Intern)

May 2022 – Jul 2022 · 2 mos · Remote

👉 Learnt core aspects of cyber security like OSINT, MITRE ATTACK, NIST Framework, Splunk, Pentesting methodology, Android Security, WAPT, Pfsense firewalls, Active Directory,Cloud Concepts, etc.
👉 Learnt the professional etiquette of the corporate world like professional communication, email writing, presentation making, time management, etc.
👉 Learnt the importance of internship and ways to increase networking in the industry.

Networking

Digilocker

Security Testing Intern

Apr 2022 – Jun 2022 · 2 mos · Remote

👉 Learnt and performed Vulnerability Scanning and its assessment.
👉 Learnt the core aspects of WAPT, & gained hands on experiences with industry renowned tools like Burpsuite, Owasp Zap, Nmap, Postman, etc.
👉 Learnt manual testing in the websites for security bugs.
👉 Learnt the professional ethics of corporate world like report writing, professional communication, time management,etc.

Networking