Skip to main content
HimalayasHimalayas logo
Umang SarswatUS
Open to opportunities

Umang Sarswat

@umangsarswat

I’m a red team operator who exposes identity and Tier-0 compromise paths to drive measurable defenses.

India
Message

What I'm looking for

I’m looking to lead assumed-breach red team and adversary emulation work in real enterprise environments, mapped to MITRE ATT&CK. I want roles where I can measure SOC/EDR coverage, run C2-driven threat emulation, and deliver CISO-ready remediation roadmaps with retesting sign-off.

I’m an adversary simulation operator and red team/security consultant with 6+ years breaking enterprise defenses, specializing in Active Directory attack path exploitation and C2-driven threat emulation across Windows AD environments (5,000–20,000+ identities). I hold OSCP, CRTE, and CRTO, and I focus on AD CS abuse (ESC1–ESC8), Kerberos/NTLM/RBCD attack chains, and end-to-end red team lifecycle operations with Cobalt Strike and Sliver.

Every engagement ends with SOC detection coverage analysis, blue team knowledge transfer, and validated remediation sign-off. I consistently uncover domain-level compromise paths that client tooling and SOC detections miss, then translate complex multi-stage attack chains into CISO-level risk narratives and prioritized remediation roadmaps—while actively building Azure AD / Entra ID and hybrid identity red team capability (AZ-900 → AZ-500 in progress).

Experience

Work history, roles, and key accomplishments

AC
Current

Red Team Operator

Aujas Cybersecurity

Sep 2022 - Present (3 years 9 months)

Led end-to-end assumed-breach red team engagements in enterprise Windows AD environments (5,000–20,000+ identities), identifying Tier-0 compromise paths and detection gaps. Delivered Cobalt Strike/Sliver-based MITRE ATT&CK emulations, mapped SOC coverage, and produced CISO-facing risk narratives with retesting-based remediation sign-off.

Active Directory Attack Path AnalysisAD CS Abuse (ESC1–ESC8)Cobalt StrikeSliver C2BloodHound SharpHoundDCSync Pass The Hash Pass The TicketSOC Detection Coverage Testing
GS

Penetration Tester

Gray Hat Security

Jun 2018 - Feb 2022 (3 years 8 months)

Performed full-scope VAPT across web applications, REST/SOAP APIs, and enterprise internal networks, manually chaining OWASP Top 10 and business-logic issues into critical compromise paths. Built Active Directory security assessment capability (privilege escalation, insecure ACLs/trust relationships) and delivered risk-ranked findings and executive remediation roadmaps with validation.

OWASP Top 10Internal Network VAPTPrivilege Escalation & ACL ACE AnalysisBurp suiteNmap Nessus Scanning

Education

Degrees, certifications, and relevant coursework

Ranchi University logoRU

Ranchi University

Bachelor of Science, Information Technology

Bachelor of Science in Information Technology from Ranchi University.

Tech stack

Software and tools used professionally

Microsoft Azure logo

Microsoft Azure

Gmail logo

Gmail

PowerShell logo

PowerShell

Wireshark logo

Wireshark

Windows logo

Windows

Mapped logo

Mapped

Burp Suite logo

Burp Suite

Nmap logo

Nmap

Metasploit logo

Metasploit

Evidence logo

Evidence

Bash

Movement logo

Movement

Availability

Open to opportunities

Location

India

Authorized to work in

India

Job categories

Red Team OperatorRed Team OperatorPenetration TesterSecurity ConsultantPurple TeamRed TeamerRed Team SpecialistRed Team EngineerRed Team Lead

Skills

Red Team OperationsAssumed Breach EngagementsAdversary EmulationLateral MovementPersistenceDefense EvasionPost Exploitation C2 InfrastructureCobalt StrikeMalleable C2 ProfilesSliverActive Directory Attack Path AnalysisTier 0 Asset ExposureAD CS Abuse (ESC1–ESC8)KerberoastingAS REP RoastingDCSyncPass The HashPass The TicketGolden Silver TicketRBCD AbuseConstrained Unconstrained DelegationACL ACE ExploitationLSASS Credential DumpingBloodHound SharpHoundCertificationRubeusMimikatzImpacket SuiteResponderPower ViewSharpUpAzure AD Entra ID FundamentalsOWASP Top 10SMB RelayLLMNR NBT NS PoisoningBurp suiteNmapNessusMetasploitWiresharkPythonPowerShellBASHCVSS 3.1 ScoringExecutive RiskBlue Team Debrief FacilitationEvidenceGmailMappedMicrosoft AzureMovementWindows

Interested in hiring Umang?

You can contact Umang and 90k+ other talented remote workers on Himalayas.

Message Umang

People also viewed

View all talent

Find your dream job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan