$ cat experience.txt

Check My experience

Professional Experience

Senior Information Security Consultant

09/2021 – Present

qSEAp Infotech Pvt. Ltd

  • Performing and reporting application audits, Vulnerability Assessments/Penetration Testing for IT infrastructure including network devices, operating systems, databases, applications, etc.
  • Conducting application security testing ( manual + automated) , source code review, and providing the recommendations toward the mitigation of vulnerabilities.
  • Black/Grey box testing on Web, Mobile, API and Thick client applications.
  • Developing scripts, framework and custom codes to automate scans using open source tools.
  • Conducting External/internal vulnerability assessment.
  • Recommending corrective measures and ensure the adequacy of existing information security controls.
  • Developing risk remediation plans and security procedures.

Full Stack Developer

06/2019 – 06/2021

Mastertech Web Applications LLP

  • Worked on PHP, MySQL, Jquery & JavaScript to build/customize web applications.
  • Created new web portals using open-source content management systems (CMS) like WordPress and customized them for the required functionalities.
  • Build Android, iPhone, Hybrid Apps for required functionalites/projects.
  • Setup and Configured websites on hosting platforms like Namecheap, Siteground, and other similar cloud hosting providers.
  • Migrated Websites from One Hosting Platform to Another.
  • Designed and developed custom PHP/MySQL based web services or web components for the required functional specifications.
  • Analyzed existing 3rd party free/commercial PHP based wordpress plugins and customized them to enable integration with wordpress based web sites, web portals or web services.
  • Developed and customized plugins/modules for a specific web functionalities or form processing.
  • Reviewed business requirements and researched for available 3rd party softwares or solution providers - for implementation or integration with an existing web services/portals.
  • Developed custom automation/reporting systems for data elements and cross-functional web services.
  • Worked on Blockchain technologies and cryptocurrencies and developed dApps for the same.

Security Researcher

07/2018 – Present

Hackerone, Bugcrowd, Intigriti, Bugbounty.jp, YesWeHack

  • Conducting systematic application security assessments and penetration tests. The assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools.
  • Creating Proof of Concept (PoC) for the vulnerability findings and creating formal reports.
  • Recommending corrective measures and ensure the adequacy of existing information security controls.

Freelancing

08/2017 – 02/2018

Indian Navy - Colaba

  • System hardening to reduce security risk by eliminating potential attack vectors and to condense the system’s attack surface.
  • Auditing, Identifying and Controling potential security vulnerabilities throughout the organization.

Intern - VAPT Analyst

08/2016 – 02/2018

Technotronics Global Security Solution Pvt. Ltd.

  • Worked on various VAPT projects such as Web-Apps, Mobile Apps, and Network Security.
  • Conducted onsite Penetration Test Cases.
  • Helped onboard new members by training them.

Education

B.E Computer Science and Engineering

06/2015 – 05/2019

Datta Meghe College of Engineering (DMCE), Airoli