I am a software developer at heart who loves looking at code through a security lens. I have hands-on experience with secure code reviews and threat modeling, and I love everything bug bounty and penetration testing (OSCP soon!). I enjoy giving back to the security community through open-source contributions. You can find my work on Github. If my work interests you, feel free to connect with me on Linkedin.
I am currently on the lookout for technical and hands-on application or offensive security engineering roles in the United States.
Entegris Inc.
June 2023 - December 2023Responsible for handling security incidents and proactively staying updated on latest threat intelligence. In addition, I created specialized SOPs to enhance the company's response processes to real-world scenarios.
Northeastern University
January 2023 - April 2023Conducted lab sessions, graded assignments and assisted graduate students throughout the spring 2023 semester for the Foundations of Information Assurance (CY 5010) course at Khoury College of Computer Sciences, Northeastern University.
Oracle Corporation (Bengaluru, India)
June 2019 - July 2022Escalation Management Application (EMA): Gathered customer requirements, designed POCs and delivered 150+ enhancements and bug fixes for a robust tool used to track Escalations across 40+ Oracle products.
Publicis.Sapient (Bengaluru, India)
Feb 2019 - May 2019Bookstore Management Application: Worked on the user interface for a multipage Bookstore Management application and carried out Static Application Security Testing to identify and resolve potential security flaws in the source code.
Bharatiya Nabhikiya Vidyut Nigam Ltd. (Chennai, India)
May 2017 - July 2017Prototype Manipulator: Executed an automation project involving calibration and integration of sensors and actuators on a logic board. Developed a user friendly GUI to control inputs to the prototype.
Khoury College of Computer Sciences, Northeastern University (Boston, MA)
September 2022 - May 2024 (Expected)BMS College of Engineering (Bengaluru, India)
August 2015 - May 2019Executed thorough passive reconnaissance on a top tier gaming peripheral
company and analyzed potential attack surfaces that could be used by an attacker.
Tools used: Spiderfoot, Shodan, Wappalyzer, TheHarvester, dnsdumpster
Gained foothold on given vulnerable machine using known exploits and escalated to root user privileges. Tools used: Metasploit, Nmap, BurpSuite
Studied and presented a case study of a data breach at a social media company that occurred in early 2019. Analyzed a different approach to the post breach scenarios.
Programmed a cryptographic system using Bash with which users can digitally sign, encrypt and share files among multiple users.
Setup a virtual machine to act as a firewall, DNS resolver and router for a host machine to be able to communicate with the internet
More on the way..!
C/C++, Python, Go, Java, Bash, Javascript
Microsoft E5, Secureworks Taegis XDR, TrendMicro Vision One, Tenable, MISP
HTML5, Bootstrap, React.js
Spring MVC, Hibernate ORM, RESTful APIs, Postman
BurpSuite, Wireshark, Metasploit, Nmap, Shodan, Censys, pfSense, OpenSSL, Autopsy, CrypTool
Docker, Kubernetes, Terraform, Jira, Confluence, Git
In addition to the above mentioned skills, I have taken the following courses to further hone my skillset
Offensive Security Certified Professional (OSCP) work in progress
HackTheBox Academy Pentester Path
eLearnSecurity Junior Penetration Tester v2 certification
Practical Ethical Hacker
Cryptography and Network Security, Cyber Incident Response and Digital Forensics, Threat Modeling, Penetration Testing Essential Learning
AWS Certified Developer training