NR
Open to opportunities

Nihal roa

@nihalroa

Cybersecurity Engineer with expertise in penetration testing and cloud security.

United States
Message

What I'm looking for

I seek a challenging role in cybersecurity where I can leverage my skills in penetration testing and cloud security, while contributing to a proactive security culture and continuous improvement.

I am a Cybersecurity Engineer with over 6 years of experience specializing in penetration testing, secure SDLC, and multi-cloud security across AWS, Azure, and GCP. My expertise lies in threat detection, red team operations, and implementing AI/ML-driven security solutions to enhance the resilience of network, application, and cloud infrastructures. I have a proven track record in conducting vulnerability assessments, risk mitigation, and ensuring compliance with various regulatory standards including PCI-DSS, SOX, FISMA, FedRAMP, and GDPR.

Throughout my career, I have successfully integrated secure SDLC practices into CI/CD pipelines, automating security validations and significantly reducing code risks. My role as a Sr. Penetration Tester at Commerce Bank involved conducting comprehensive network and application penetration tests, identifying critical vulnerabilities, and providing actionable remediation guidance. I have also led purple team exercises to simulate adversary tactics, validating detection rules and enhancing overall security posture.

My commitment to continuous learning and improvement drives me to stay updated on the latest trends in cybersecurity. I am passionate about leveraging my skills to fortify organizations against emerging threats and contribute to a culture of security awareness and compliance.

Experience

Work history, roles, and key accomplishments

CB

Application Security Engineer

Customer Bank

Nov 2022 - Jul 2023 (8 months)

Integrated secure SDLC practices into CI/CD pipelines, automating security testing and enhancing application security. Developed machine learning models for threat detection and conducted threat modeling to align with compliance requirements.

CI CD PipelinesThreat ModelingMachine LearningOWASPSonarQubeZAPVeracodePython

Education

Degrees, certifications, and relevant coursework

CB

Commerce Bank

Sr. Penetration Tester, Penetration Testing

2024 -

Conducted network pen tests with Metasploit, Nessus, Nmap, identifying privilege escalations, lateral moves, and exploits, streamlined remediation workflows and accelerated vulnerability response. Tested web apps using Burp Suite and Hydra, identifying REST API and OAuth flaws in cloud/mobile setups.

CB

Customer Bank

Application Security Engineer, Application Security

2022 - 2024

Integrated secure SDLC in CI/CD pipelines, automating SAST, DAST, IAST using SonarQube, ZAP, and Veracode while preserving agile DevOps velocity. Designed ML-driven anomaly models for real-time threat detection; used behavior analysis to improve detection accuracy, reducing false positives.

CO

Cognizant

Cybersecurity Analyst, Cybersecurity

2019 - 2022

Architected SIEM solutions for real-time threat detection, integrating threat intelligence feeds to enhance proactive, continuous defense measures. Led internal readiness audits for SOC 2 and ISO 27001 compliance, remediating policy and access gaps ahead of external assessment. Conducted vulnerability assessments and penetration testing to identify weaknesses and apply rapid remediation, securing

Tech stack

Software and tools used professionally

Splunk logo

Splunk

GitHub logo

GitHub

SonarQube logo

SonarQube

Veracode logo

Veracode

Kubernetes logo

Kubernetes

Gmail logo

Gmail

Java logo

Java

PHP logo

PHP

PowerShell logo

PowerShell

Wireshark logo

Wireshark

Linux logo

Linux

macOS logo

macOS

Windows logo

Windows

Kali Linux logo

Kali Linux

ZAP logo

ZAP

CrowdStrike logo

CrowdStrike

Firefox logo

Firefox

Zap logo

Zap

SQL logo

SQL

Snyk logo

Snyk

Burp Suite logo

Burp Suite

Nmap logo

Nmap

Metasploit logo

Metasploit

Availability

Open to opportunities

Location

United States

Authorized to work in

United States

Job categories

Senior Cybersecurity Engineer

Skills

Penetration TestingCloud SecurityVulnerability AssessmentThreat DetectionRed Team OperationsDevSecOpsCI CD Security IntegrationAI ML SecurityKali LinuxMetasploitBurp suiteNessusSplunkAWSAzureGCPPythonJavaC++SQLDockerKubernetesSonarQubeVeracodePHPPowerShellWiresharkMacOSWindowsZAPCrowdstrikeFirefoxGitHubSnykNmapGmailLinux

Interested in hiring Nihal?

You can contact Nihal and 90k+ other talented remote workers on Himalayas.

Message Nihal

People also viewed

View all talent

Find your dream job

Sign up now and join over 85,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Nihal roa - Sr. Penetration Tester - Commerce Bank | Himalayas