Guhan Kandhavel

Cyber Security Analyst

Bengaluru, India

Profile Score

About

Cyber Security Analyst with professional experience in Vulnerability Assessment and Penetration Testing (VAPT), incident response, and security monitoring within enterprise environments. Proven hands-on expertise in web application, network, and Active Directory security testing, vulnerability validation, and remediation tracking. Experienced in aligning security assessments with OWASP, NIST, ISO/IEC 27001, and MITRE ATT&CK frameworks to reduce organizational risk and strengthen security posture.

Skills & Expertise (31)

Web Application VAPT Expert

9.1/10

Years Exp

Network VAPT Advanced

8.8/10

Years Exp

OWASP ZAP Advanced

8.4/10

Years Exp

Burp Suite Advanced

8.4/10

Years Exp

Snort Cisco Packet Tracer John the Ripper Aircrack-ng SolarWinds WIRESHARK Volatility MITRE ATT&CK Iec 27001 Iso NIST OWASP Splunk Windows Ubuntu Kali Linux File Upload Vulnerabilities SSRF IDOR CSRF XSS SQL Injection OWASP Top 10 Metasploit Nikto Nmap Nessus

Work Experience

Cyber Security Analyst

JoulestoWatts – Client: Robert Bosch

Feb 2025 - Present

Executed Web, Network, and Active Directory penetration testing across internal and external enterprise environments in alignment with OWASP and NIST guidelines. Identified, validated, and documented SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Insecure Direct Object References (IDOR), Server-Side Request Forgery (SSRF), authentication, and configuration vulnerabilities. Reduced false positives by ~25% through manual verification of automated scan results generated using Nessus, Nmap, Burp Suite, and OWASP ZAP. Performed Active Directory security assessments, uncovering misconfigurations related to weak password policies, excessive privileges, legacy protocols, and insecure Kerberos settings. Conducted controlled AD attack simulations including password spraying, Kerberoasting, AS-REP roasting, privilege escalation, and lateral movement in lab and test environments. Authored comprehensive VAPT reports including CVSS-based risk ratings, proof-of-concept evidence, business impact analysis, and prioritized remediation guidance. Collaborated with application, infrastructure, and IAM teams to retest fixes, improving vulnerability closure timelines and reducing repeat findings. Supported incident response and SOC operations through Splunk-based SIEM log analysis, root cause investigation, and post-incident documentation.

Education

Bachelors of Technology Computer Science and Engineering - Amrita Vishwa Vidyapeetam

2020 - 2024 · Afghanistan

Certifications

No certifications added yet

Interested in this developer?

Profile Score Breakdown

📷 Photo 10/10

📄 Resume 10/10

💼 Job Title 10/10

✍️ Bio 10/10

🛠️ Skills 20/20

🎓 Education 10/10

⏱️ Experience 5/15

💰 Rate 0/5

🏆 Certs 0/5

✅ Verified 5/5

Total Score 80/100

Profile Overview

Member sinceMar 2026

Skills (31)

Click a skill to find developers with the same skill

Web Application VAPT Network VAPT OWASP ZAP Burp Suite Snort Cisco Packet Tracer John the Ripper Aircrack-ng SolarWinds WIRESHARK +21 more

Similar Profiles

Asad Babu

Cybersecurity Analyst

Sai Battala

Cyber Security Student

Rakesh Radhakrishnan

Security Analyst

Santhosh Raj Adabala

Security Engineer

View All Developers →