I am a Senior Cyber Security Engineer with over 7 years of experience in the IT industry, specializing in Application Security. I am certified in GWAPT (GIAC Web Application Penetration Tester) and GSLC (GIAC Security Leadership). My expertise includes Vulnerability Assessment & Penetration Testing, Vulnerability Management, Secure Development, DAST, and SAST. I have a strong track record of performing manual and automated application penetration tests and mentoring team members in vulnerability discovery and strategy.
In my current role at Factset Research Systems, I am responsible for conducting interviews, onboarding, and training new team members. I also work on secure source code analysis (SAST) and dynamic application security tests (DAST). I excel at explaining, presenting, and demonstrating the operational impact of vulnerabilities and ensuring that processes are appropriately documented. Additionally, I lead the Application Security Champion project and work on integrating security tools with CI/CD pipelining (DevSecOps).
Prior to my current position, I worked as a Cyber Security Analyst at Tata Consultancy Services, where I focused on the secure development of the HackQuest contest for 3rd-year B.Tech students. I conducted secure code testing, false positive analysis, and detailed discussions on vulnerability remediation with stakeholders. I also performed dynamic application security testing for finance clients in the US and UK, following OWASP top 10 and ASVS standards.