Services
Vulnerability Assessment and Penetration Testing
I identify and address vulnerabilities in your systems through comprehensive assessments and ethical hacking techniques. By simulating real-world attacks, I ensure your applications, networks, and infrastructure remain secure against evolving threats. Build resilience with detailed security insights and risk mitigation strategies.
Compliance & Audit
I ensure your organization adheres to industry regulations and frameworks such as GDPR, HIPAA, ISO 27001, and NIST. Through thorough audits and gap assessments, I identify compliance issues, recommend corrective actions, and help you achieve certification, reducing legal and operational risks.
Experiences
Jan 2024 - Aug 2024
Jan 2024 - Aug 2024
Security Analyst
@GREENIE – BGV Startup
Conducted risk assessments and designed security controls for a background verification system handling sensitive identity data (Aadhar, PAN, address, work history).
Performed vulnerability assessments and secured API endpoints to prevent unauthorized access to PII.
Collaborated with developers to implement encryption and access management policies, aligning with industry best practices.
Ensured data security and compliance by identifying and mitigating risks in data verification workflows and third-party integrations.
Jun 2023 - Dec 2023
Jun 2023 - Dec 2023
Intern - Cybersecurity Advisory Services
@AUJAS CYBERSECURITY LTD
Strengthened the company’s ISMS by updating the ISO 27001:2013 framework to align with ISO 27001:2022 controls, achieving a 30% reduction in compliance gaps.
Developed and maintained a comprehensive risk register, identifying 50+ risks and reducing vulnerabilities by 25%.
Conducted assessments on 15+ systems, identifying critical gaps and reducing exploitable vulnerabilities by 40%.
Assisted in creating the SOA and implementing 10+ security controls, achieving a 95% success rate in data protection.
Collaborated with cross-functional teams to enhance security controls and ensure adherence to industry best practices.
Jun 2022 - Jul 2022
Jun 2022 - Jul 2022
Cybersecurity Intern
@CYBER VIDYAPEETH FOUNDATION
Gained hands-on experience in IoT operations by developing and executing 5+ Arduino-based projects, bridging theory with real-world applications.
Conducted research on IoT security vulnerabilities, identifying potential threats and exploitation methods.
Aug 2021 - Sept 2022
Aug 2021 - Sept 2022
Summer Intern
@ERNST & YOUNG LLP
Researched and analyzed Incident Response (IR) frameworks, improving response efficiency by 20% and contributing to a 30% increase in cybersecurity readiness.
Presented findings that boosted compliance with international security standards by 25%.
Developed IR best practices that reduced simulated incident response time by 15%, reinforcing the value of structured frameworks in national cybersecurity.
Contributed to a project, reinforcing the importance of structured frameworks in enhancing national cybersecurity readiness.
Skills
Programming Languages
Python
HTML
CSS
ShellScript
Technological Skills
Linux
VAPT
Identity and Access Management
Cryptography
Network Security
DLP
ISO Standards
NIST Standards
Tools
Burpsuite
Postman
Nmap
Wireshark
Nuclei
J Meter
Nessus
Security Platforms
Bugcrowd
Hackerone
TryHackMe
Operating System
Windows
MacOS
Kali Linux
IDE
Pycharm
VS Code
Google Collab
Jupyter
Projects
InboxGuard
InboxGuard is an AI-powered web application that detects phishing emails using Google’s Gemini API with function calling. It analyzes sender details, links, and manipulative language to generate a detailed risk assessment.
Malware Analysis Sandbox
Malware Analysis Sandbox: A secure, isolated environment for cybersecurity professionals to analyze malware using static and dynamic techniques, gaining insights into behavior without risking system integrity.
DeCap
Decentralized Capital is a blockchain-based app for banking, allowing users to securely manage deposits, request loans, and pay debts through a seamless, user-friendly interface for transparent finances.
Cocktail.exe
A C++ proof-of-concept malware project created for educational purposes, demonstrating persistence, obfuscation, packing, and advanced anti-debugging techniques to showcase key concepts in malware development, evasion techniques, and comprehensive security.
