Kavya C

Analyst

Profile Score: 80

About

Total 5.7 years of experience and 4+ years of experience in security testing (web applications, mobile applications, API, network, cloud). Conducted vulnerability assessment of multiple servers and network devices. Assisting in review of business solution architectures from a security point of view, which helps avoid security-related issues/threats at an early stage of the project. Covertly and verifying vulnerabilities to eliminate false positives. Learned Agile environment based on CI/CD and using development approach. Skilled in using various tools for web application penetration tests such as Burp Suite, OWASP ZAP, Wireshark, Nmap, Nessus. Proficient in understanding application-level vulnerabilities like XSS, SQL Injection, authentication bypass, weak cryptography, session management, etc. Skilled in executing OWASP Top 10 test cases. I learned application architecture review from a few projects. Mentoring and training the team members/interns on application vulnerability assessment. Publishing monthly dashboards, following up for closure of vulnerabilities. Manual web application penetration testing using Burp Suite. I am proficient in identifying application-level vulnerabilities like XSS, SQL Injection, CSRF, IDOR, Authentication & Authorization bypass and cryptographic flaws, etc. False positive removal by analyzing the results from automated scanners. Reporting the vulnerabilities with evidence, business impact and remediation steps. Used Nessus and Nmap to perform network-wide security assessments. Provided details of the issues identified and the remediation plan for the stakeholders. Using standards like CVSS (Common Vulnerability Scoring System) to provide the severity (Critical, High, Medium, Low) rating to the vulnerabilities identified. Reporting the identified issues in the industry standard framework. Learned security assessments (web-based applications, web services, penetration testing and vulnerability assessment).
Updated with new hacks and the latest vulnerabilities to ensure no such loopholes are present in the existing system. A self-starter with a positive attitude, willingness to learn new concepts and accept challenges.

Skills & Expertise (34)

Burp Suite Pro: Advanced, 8.9/10, 3.7 years exp
OWASP ZAP: Advanced, 8.1/10, 3.7 years exp
AWS: Intermediate, 8.0/10, 3.7 years exp
Postman: Intermediate, 7.5/10, 3.7 years exp
SonarQube: Intermediate, 7.2/10, 3.7 years exp

OWASP Top 10, Mobile Application, API, Network, CLOUD, SAST, DAST, Jenkins, SANS 25, XSS, SQL Injection, CSRF, IDOR, Authentication & Authorization Bypass, Cryptographic Flaws, Web Application, Veracode, Appscan, Work Audit Bench, Metasploit, WIRESHARK, Fortify, Nessus, Nmap, Web-inspect, Frida, Rapid7, Qualys, SOAP UI

Work Experience

Associate

ALIENS

Mar 2022 - Dec 2022

Conducted web application penetration testing on business applications. Perform infrastructure security assessments by analyzing the networks, enumerating services on hosts and identifying vulnerabilities. Exploitation of identified vulnerabilities in network hosts by using existing exploits or manual methodologies. Manual web application penetration testing using Burp Suite. False positive removal by analyzing the results from automated scanners. Reporting the vulnerabilities with evidence, business impact and remediation steps. Responsible for timely delivery of status updates and final reports to clients. Work closely with developers and network/system administrators while fixing the findings. Vulnerability management by keeping track of reported issues and ensuring they are fixed.

Analyst

DELOITTE

Jan 2023 - Present

Conducted web application penetration testing on business applications. Perform infrastructure security assessments by analyzing the networks, enumerating services on hosts and identifying vulnerabilities. Exploitation of identified vulnerabilities in network hosts by using existing exploits or manual methodologies. Manual web application penetration testing using Burp Suite. I am proficient in identifying application-level vulnerabilities like XSS, SQL Injection, CSRF, IDOR, Authentication & Authorization bypass and cryptographic flaws, etc. False positive removal by analyzing the results from automated scanners. Reporting the vulnerabilities with evidence, business impact and remediation steps. Responsible for timely delivery of status updates and final reports to clients. Work closely with developers and network/system administrators while fixing the findings. Vulnerability management by keeping track of reported issues and ensuring they are fixed.

Education

MBA - Dhruva College of Management

- 2021 · Afghanistan

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 10/10
✍️ Bio 10/10
🛠️ Skills 20/20
🎓 Education 10/10
⏱️ Experience 5/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 80/100

Profile Overview

Member since Mar 2026

Availability Details

Visa Status

Need Sponsorship

Relocation

Open to Relocation
