sonika bansal
@sonikabansal
I am a cybersecurity analyst specializing in vulnerability management with 13+ years in QA and AppSec.
What I'm looking for
I am a certified cybersecurity professional (CompTIA Security+, CEH) with 13+ years of software testing experience and a recent focus on vulnerability management and application security. I bridge QA practices with security testing to find and remediate critical risks across web and mobile platforms.
I have performed vulnerability discovery on e-commerce and payments modules, validated RBAC, XSS and SQLi issues, and verified secure payment flows using tools like Postman, Burp Suite, Wireshark and CyberChef. I also analyze security logs using Windows Event Viewer and investigate suspicious activities.
My background includes SIEM monitoring, alert investigation, phishing email analysis, API security testing, and network forensics guided by MITRE ATT&CK. I have applied OWASP principles in cross-platform testing and worked with Palo Alto firewall logs and API/traffic monitoring tools.
I am available immediately and seeking roles in Vulnerability Management, AppSec, or SOC—open to positions in Saudi Arabia or remote work. I bring strong communication, client interaction, and training experience to help teams reduce risk and improve security posture.
Experience
Work history, roles, and key accomplishments
Quality Tester
Mumzworld
Oct 2020 - Sep 2024 (3 years 11 months)
Performed vulnerability discovery across e-commerce modules (checkout, payments, wallets), validated RBAC, XSS and SQLi, and verified secure payment flows to Netsuite. Analyzed security logs and investigated suspicious activities to improve detection and remediation.
Associate Test Lead
Icreon Communication
Apr 2017 - Jan 2020 (2 years 9 months)
Led functional, security and GDPR testing for multiple Web/Mobile projects (CSCS, USM, Johngreed, PUMA), improving defect detection across checkout and role-based workflows. Coordinated test execution and reporting using JIRA and HP ALM.
Sr Test Analyst
CIMB Bank
Sep 2014 - Apr 2015 (7 months)
Executed SIT, UAT and regression testing for the GST module on Silverlake CBS, ensuring transactional accuracy and compliance. Managed test cases and defect tracking using HP ALM to support stable production releases.
Sr Test Analyst
HP Sdn Bhd
Aug 2013 - Aug 2014 (1 year)
Led testing for a rebate automation module (GRS) using SAP and Eclipse in an Agile environment, driving module delivery and defect resolution. Coordinated cross-functional testing and user acceptance activities.
IT Analyst
Tata Consultancy Services
Mar 2010 - Aug 2013 (3 years 5 months)
Conducted functional testing for banking systems (HDFC EDW, RBS), managing test design, execution and defect tracking across Oracle, Sybase and POS/payment flows. Produced test plans and supplementary data packs to support releases.
QA/Fraud Analyst
Quatrro
Oct 2008 - Nov 2009 (1 year 1 month)
Monitored and identified fraudulent and counterfeit checks, enabling timely mitigation to prevent financial losses. Documented incidents and collaborated with stakeholders for resolution.
Software Developer
Agni Infomedia Ltd
Aug 2007 - Aug 2008 (1 year)
Collaborated with cross-functional teams to implement new features and fix bugs, contributing to product enhancements and improved stability. Participated in requirement analysis and code reviews.
Education
Degrees, certifications, and relevant coursework
UP Technical University
Master of Computer Applications, Computer Applications
2005 - 2007
Grade: 78%
Completed Master of Computer Applications (M.C.A) from UP Technical University (2005–2007) with 78%.
Bhopal University
Bachelor of Computer Applications, Computer Applications
Grade: 80.30%
Completed Bachelor of Computer Applications (BCA) from Bhopal University in 2005 with 80.30%.
Great Lakes Learning
Post Graduation Program in Cyber Security, Cyber Security
Grade: A+
Activities and societies: Capstone projects: 1) Planning Security Operations & Monitoring using Risk Control Mapping — identified critical risks, performed structured risk assessment, mapped risks, developed control implementation plans, and designed a monitoring strategy. 2) Creating an AI Usage Policy for Organizational Security — identified AI chatbot use cases, key concerns, privacy analysis, and recommendations for employee usage.
Completed Post Graduation Program in Cyber Security from Great Lakes Learning with A+ grade, including capstone projects on Security Operations & Monitoring and an AI Usage Policy for organizational security.
