$ whoami:

Parag Ahire

Senior Information Security Consultant

09/2021 – Present

qSEAp Infotech Pvt. Ltd

• Performing and reporting application audits, Vulnerability Assessments/Penetration Testing for IT infrastructure including network devices, operating systems, databases, applications, etc.
• Conducting application security testing ( manual + automated) , source code review, and providing the recommendations toward the mitigation of vulnerabilities.
• Black/Grey box testing on Web, Mobile, API and Thick client applications.
• Developing scripts, framework and custom codes to automate scans using open source tools.
• Conducting External/internal vulnerability assessment.
• Recommending corrective measures and ensure the adequacy of existing information security controls.
• Developing risk remediation plans and security procedures.

Full Stack Developer

06/2019 – 06/2021

Mastertech Web Applications LLP

• Worked on PHP, MySQL, Jquery & JavaScript to build/customize web applications.
• Created new web portals using open-source content management systems (CMS) like WordPress and customized them for the required functionalities.
• Build Android, iPhone, Hybrid Apps for required functionalites/projects.
• Setup and Configured websites on hosting platforms like Namecheap, Siteground, and other similar cloud hosting providers.
• Migrated Websites from One Hosting Platform to Another.
• Designed and developed custom PHP/MySQL based web services or web components for the required functional specifications.
• Analyzed existing 3rd party free/commercial PHP based wordpress plugins and customized them to enable integration with wordpress based web sites, web portals or web services.
• Developed and customized plugins/modules for a specific web functionalities or form processing.
• Reviewed business requirements and researched for available 3rd party softwares or solution providers - for implementation or integration with an existing web services/portals.
• Developed custom automation/reporting systems for data elements and cross-functional web services.
• Worked on Blockchain technologies and cryptocurrencies and developed dApps for the same.

Security Researcher

07/2018 – Present

Hackerone, Bugcrowd, Intigriti, Bugbounty.jp, YesWeHack

• Conducting systematic application security assessments and penetration tests. The assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools.
• Creating Proof of Concept (PoC) for the vulnerability findings and creating formal reports.
• Recommending corrective measures and ensure the adequacy of existing information security controls.

Freelancing

08/2017 – 02/2018

Indian Navy - Colaba

• System hardening to reduce security risk by eliminating potential attack vectors and to condense the system’s attack surface.
• Auditing, Identifying and Controling potential security vulnerabilities throughout the organization.

Intern - VAPT Analyst

08/2016 – 02/2018

Technotronics Global Security Solution Pvt. Ltd.

• Worked on various VAPT projects such as Web-Apps, Mobile Apps, and Network Security.
• Conducted onsite Penetration Test Cases.
• Helped onboard new members by training them.

B.E Computer Science and Engineering

06/2015 – 05/2019

Datta Meghe College of Engineering (DMCE), Airoli