WORK HISTORY

Team Lead (SecurityTesting) at ValueMentor | 05/2021-04/2023

  • Led a team of five security analysts as a subject matter expert in application security by performing VAPT and QA.
  • Performed automated secure code review for 20+ applications.
  • Performed over 2100 hours of Web VAPT for GCC, UK , US and Indian clients.
  • Performed over 1300 hours of iOS and Android VAPT for GCC client in fintech, insurance and healthcare sector.
  • Responsible for organising up-skilling programs to enhance the team skillset.
  • Trained and onboarded a team of 5 subject matter resources to ensure delivery quality and consistency. • Led over 50+ engagements as SPOC by supporting various stages of an engagement,
  • Scoping & Kickoff
  • Pentesting & Service Delivery
  • ClientInteractions
  • Worked as a program manager for the CEO office driving various programs of CEO office,
    • Designed, developed, and implemented a comprehensive employee performance appraisal framework for the organization.
    • Worked closely with Marketing, Finance, Operations and HR departments to ensure seamless execution of several programs.
    • Responsibly composed and implemented an employee recognition program for recognising employee contributions and achievements.
    • Coordinated participation in a major international event. This involved working with stakeholders across different phases.
    • Worked closely with the leadership team to for tracking annual goal progress.

Security Analyst at Ernst & Young | 09/2019-02/2020

  • Designed modules and trained internal team on penetration testing.
  • Performed internal network testing for clients in Europe and Asia.
  • Identified vulnerabilities in backend webservice endpoints.
  • Responsible for identifying vulnerabilities in web applications.
  • Conducted periodical testing in mobile applications.
  • Performed client level interactions for providing mitigation support.
  • Conducted physical security audit.

Freelance Security Consultant | 08/2017-09/2019

  • Responsible for conducting vulnerable assessments and penetration testing on applications and networks as per requirements.
  • Conducted training programs for business unit managers,IT development team and students.

SKILLS

  • Web Security
  • Network Security
  • Mobile App Security
  • Threat Modelling
  • Vulnerability Managements
  • Active Directory Assessments
  • Automated Secure Code Review
  • Python
  • Leadership
  • Training
  • ProjectManagement
  • EthereumSmartContracts

CERTIFICATION

  • Certified Ethereum Developer
  • Secret Management in Python (Practitioner Level)

ACHIEVEMENTS

  • Elite Hacker - Hack The Box
  • 1000+ reputation in Stackoverflow
  • Delivered talk on Spear phishing and trojans at ISACA Cochin Chapter 2016.
  • Former Asst. Commander (Volunteer) - Kerala Police Cyberdome.
  • Co-founded 0SecCon (Open Security Community)

CONTRIBUTIONS