Open to opportunities

Suman Roy

@sumanroy1

Message

Certified Ethical Hacker passionate about offensive security and research.

India

Message

What I'm looking for

I seek a dynamic role in cybersecurity that fosters continuous learning and impactful contributions.

I'm a Certified Ethical Hacker and Security Researcher with a deep passion for offensive security and securing digital ecosystems. My journey from technical support to advanced cybersecurity research reflects not only adaptability but a relentless commitment to growth. I specialize in manual source code review and vulnerability research, with experience identifying CVEs and correlating findings across libraries for clients such as CheckMarx.

Throughout my career, I have secured organizations by identifying and reporting critical vulnerabilities, including SQL Injections and Remote Code Execution instances. My hands-on experience includes conducting vulnerability assessments and penetration testing for various applications, leveraging expertise in SAST and DAST techniques. I thrive in high-impact environments and bring a curious, self-driven mindset to every challenge.

While I don't hold a formal degree, my career is proof that skill, consistency, and passion can break conventional boundaries in cybersecurity. I am particularly drawn to organizations that emphasize continuous learning and social impact, and I am open to training in unfamiliar technologies and international travel.

Experience

Work history, roles, and key accomplishments

Current

Security Researcher

Current

BugBountyHunter/VDP

Jul 2023 - Present (2 years)

Secured 4 organizations by identifying and reporting critical vulnerabilities, including 7 SQL Injections, 1 Remote Code Execution, and 2 Information Disclosure instances, acknowledged by the Indian Government. Partnered with Hostinger to disrupt a credit card scam operation, protecting over 50 victims and preventing significant financial loss.

Vulnerability Research SQL Injection Penetration Testing SAST DAST

Software Engineer - Security Research

LoginSoft Pvt Ltd

Feb 2024 - Present (1 year 5 months)

Conducted vulnerability research on a wide range of open-source projects, utilizing proprietary software to analyze and correlate data, aiding clients in identifying vulnerable software or dependencies. Performed daily tasks such as correlating data related to CVE and non-CVE vulnerabilities through static analysis and code reviews.

Vulnerability Research Open Source Security Static Analysis Code Review CVE PHP Ruby Go)Python Java JavaScript .NET Framework C

Senior Associate

Wipro Digital Operations & Platform

Nov 2019 - Present (5 years 8 months)

Provided expert technical support for electronic devices, achieving a 95% issue resolution rate while consistently meeting KPIs. Mentored a team of 18 members, bridging skill gaps, introducing new techniques, and driving performance improvements.

Technical Support KPIs Mentoring Performance Improvement

Education

Degrees, certifications, and relevant coursework

Indira Gandhi National Open University

Bachelor of Computer Applications, Computer Applications Development

While I began my academic journey with passion and dedication, personal and financial circumstances led me to make the practical decision to leave college. However, I redirected that adversity into motivation—pursuing certifications, real-world projects, and continuous self-learning in cybersecurity.