About
Professional with almost 10 years of experience in IT and a skilled VA/PT practitioner with 5+ years of professional experience in enterprise security management, with hands-on experience in vulnerability assessment, vulnerability management, vulnerability remediation and penetration testing.
Skills & Expertise (25)
Work Experience
Vulnerability Assessor / Penetration Tester
CRM Services India Pvt. Ltd.
November-2017 - May-2025
Conducted comprehensive web and mobile application penetration testing (Android & iOS), applying both Static (SAST) and Dynamic (DAST) analysis techniques. Leveraged tools such as Burp Suite, OWASP ZAP, SQLMap, AppScan, and Acunetix for identifying vulnerabilities in enterprise-grade web applications. Performed API and Web Services testing to identify insecure endpoints, improper authentication, and data leaks. Prepared detailed step-by-step PoC reports and coordinated with application vendors to drive effective remediation. Adhered to security best practices, referencing OWASP Top 10 and SANS 25, performing black-box and grey-box testing scenarios. Worked under defined SDLC processes, contributing security inputs during pre-production testing and go-live assessments.
Infrastructure Security Specialist
Employer 1 & 2
January-2015 - October-2017
Led infrastructure vulnerability management initiatives, assessing internal and external networks using tools like Nessus, Nexpose, Qualys, and Nmap. Managed the remediation lifecycle of millions of vulnerabilities, working closely with patch management teams to eliminate critical exposures. Implemented periodic risk assessments for enterprise IT environments, focusing on configuration weaknesses, open ports, outdated protocols, and misconfigurations. Utilized Kali Linux, Metasploit, Exploit-DB, and Zenmap to simulate real-world attacks and evaluate defense mechanisms. Generated and presented executive-level reports highlighting risk metrics, trends, and remediation status to internal security leadership and stakeholders.
Security Consultant / Client Focal Point
Employer 2
Current Project-1.5 - Present
Acted as Focal Point of Contact for a key client in the banking domain to manage penetration testing, governance, and risk compliance engagements. Specialized in regulatory frameworks such as PCI-DSS and HIPAA, aligning security operations with enterprise compliance requirements. Coordinated annual penetration testing and go-live security assessments, engaging vendors and third-party application owners. Led security reviews, risk classification, and issue resolution efforts in coordination with developers, ensuring effective patching and secure deployment. Provided strategic guidance to the client's internal teams and reported directly to the CISO, contributing to high-level decision-making on infrastructure risks. Delivered well-documented risk assessment and penetration testing reports using Microsoft Word, Excel, and PowerPoint for audit and compliance records.
Education
B. Tech in Information Technology
2009 - 2013 · India
Higher Secondary Certificate (HSC)
2007 - 2009 · India
Secondary School Certificate (SSC)
2005 - 2007 · India
Availability Details
Current Company
CRM SERVICES Pvt. Ltd
Notice Period / Can Join
Immediately