About
Certified Ethical Hacker (CEH v13) and ISO 27001:2022 Lead Auditor with hands-on experience in Red Team engineering, Security Operations Center (SOC) monitoring, Purple Team collaboration, Vulnerability Assessment and Penetration Testing (VAPT), IT Audit, and regulatory compliance. Skilled in adversary simulation, web and API security testing, privilege escalation, detection engineering, SIEM monitoring (Wazuh), incident response, vulnerability management, and compliance implementation aligned with MITRE ATT&CK, OWASP, NIST, PTES, RBI guidelines, and DPDP Act & Rules 2025. Experienced in drafting detailed technical and executive-level security reports for stakeholders and company directors to support strategic risk decisions.
Skills & Expertise (60)
Work Experience
Cybersecurity Analyst
Laxmi India Finance Ltd. (NBFC)
Mar 2025 - Present
Conduct Red Team–style Vulnerability Assessment and Penetration Testing (VAPT) on internal systems, APIs, and third-party applications. Perform white-box penetration testing on PHP-based web applications. Execute OSINT and reconnaissance using Shodan, Recon-ng, Subfinder, Whois, Dnsrecon, Dirb, Netcraft, Wappalyzer, and Wayback Machine. Perform exploitation, including SQL injection, authentication bypass, privilege escalation, and post-exploitation validation. Conduct adversary simulations mapped to the MITRE ATT&CK framework. Perform Security Operations Center (SOC) monitoring using Wazuh SIEM for log analysis, real-time threat detection, and incident correlation. Develop detection rules and support threat hunting initiatives. Design and execute Purple Team exercises to validate detection coverage and improve incident response effectiveness. Author incident response playbooks for ransomware, phishing, and insider threat scenarios. Develop cybersecurity policies (encryption, endpoint security, data protection, business continuity) aligned with ISO 27001 and RBI guidelines. Successfully implemented the DPDP Act and DPDP Rules 2025 across the NBFC environment. Conduct vendor risk assessments for Loan Management System (LMS) and Loan Origination System (LOS). Implement phishing simulation campaigns and dark web monitoring strategies. Prepare comprehensive technical VAPT reports and executive-level risk summaries for senior management, stakeholders, and board directors. Present security findings, risk ratings, and remediation roadmaps to support informed strategic decision-making. Active member of the Cybersecurity Incident Response Team.
Network Engineer Intern
Scogo Networks Pvt. Ltd. (SBI Life Insurance)
Mar 2023 - Apr 2023
Carried out network health checks and server maintenance for 1000+ users. Provided Level-1 technical support for network and security issues. Assisted in branch-level security hardening.
Education
Bachelor of Technology – Computer Science Engineering - Arya College of Engineering, Jaipur
2021 - 2025 · Afghanistan
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation
