MARCH 2023 - PRESENT

Associate Consultant - Information Security

ANZEN Technologies Pvt. Ltd.  

• Performed 30+ end-to-end security assessments for enterprise clients across telecom, finance, healthcare, and ecommerce sectors — including Web, Mobile, API, and Network VAPT, tailored to black-box or gray-box methodologies.
• Conducted 20+ network VAPT audits (internal and external), leveraging tools like Nessus, Qualys, Nmap, and manual techniques to identify misconfigurations, privilege escalations, and unpatched vulnerabilities.
• Performed 10+ API security assessments by fuzzing endpoints, analyzing authentication flaws, and identifying logic bypass issues as per OWASP API Top 10.
• Executed secure code reviews for applications developed in Java, Python, .Net and PHP, identifying 50+ critical flaws such as hardcoded secrets, insecure deserialization, and broken access control.
• Led red team engagements focusing on reconnaissance, lateral movement and privilege escalation using MITRE ATT&CK framework; collaborated with blue teams to validate detection and response mechanisms.
• Conducted wireless penetration testing of enterprise infrastructure to identify rogue access points, WPA/WPA2 cracking vulnerabilities, and misconfigured segmentation.
• Analyzed IoT firmware for reverse engineering and vulnerability identification, including insecure storage and hardcoded credentials; supported remediation planning.
• Managed vulnerability lifecycle using Qualys VMDR: triaged reports, prioritized risk buckets, and collaborated with cross functional teams and stakeholders to remediate issues before deadlines breach.
• Delivered 50+ detailed technical and executive reports, providing risk ratings, mitigation steps, and custom remediation walkthroughs aligned with NIST and OWASP standards.
• Developed custom automation scripts for network VAPT assessments to streamline repetitive checks, reducing manual effort and reporting time.
• Contributed to internal knowledge base and process improvement initiatives, mentoring junior interns and standardizing report templates for the security team.

SEP 2022 - FEB 2023

Cyber Security Intern

Quantum Learnings  

• Discovered and resolved top 10 OWASP vulnerabilities in client’s web application.
• Successfully completed 100+ PortSwigger labs to improve my skills in web application security.
• Linux Automation using bash and Ansible.
• Utilized Qualys Suites and FortiGate 2000E firewall for security enhancements.

AUG 2022 - DEC 2022

Cyber Security Trainee

Corizo  

• Conducted penetration testing on a vulnerable machine using Kali Linux and ethical hacking techniques.
• Generated comprehensive vulnerability reports as a result of the testing.
• Utilized web application security tools such as BurpSuite, Havij, and SQLmap to proactively hunt bugs.
• Participated in bug bounty programs to identify and exploit vulnerabilities.

JUL 2021 - DEC 2021

Jr. Software Developer

VST InfoTech  

• Developed a personality prediction software using Machine Learning, AI concepts, and the Python programming language.
• Designed the software to analyze social media data and accurately predict a person's personality.

2025 - 2027

Master of Business Administration (MBA)

Information Technology

Parul University (PU)  

2017 - 2022

Bachelor of Engineering (B.E)

Computer Engineering; Honor's Cyber Security

Savitribai Phule Pune University (SPPU)  

August 2025 - Currently Studying

Certified Red Team Analyst [CRTA]

CW Labs Pvt. Ltd.  

• Red Teaming in External Environment
• Red Teaming in Internal Environment

June 2024 - Currently Studying

Certified Penetration Testing Professional (C|PENT)

EC-Council  

• Advanced Windows Attacks
• Attacking IOT Systems
• Writing Exploits: Advanced Binary Exploitation
• Bypassing a Filtered Network
• Pentesting Operational Technology (OT)
• Access Hidden Networks with Pivoting
• Double Pivoting
• Privilege Escalation
• Evading Defense Mechanisms
• Attack Automation with Scripts
• Weaponize Your Exploits
• Write Professional Reports

March 2023 - February 2024

Certified Cybersecurity Technician (C|CT)

EC-Council  

• Information security
• Network security
• Computer forensics
• Risk management
• Incident handling
• Industry best practices

NOV 2022 - FEB 2023

Certificate Course on

Cyber Security & Ethical Hacking (CSEH100)

Cumulative Grade: A

National Institute of Electronics & Information Technology (NIELIT)  

• Virtualization & Networking Basics
• Linux Fundamentals & Shell Scripting
• Overview of Windows & its Security features
• Overview of Information Security, Mobile devices & its Security features
• Introduction to Ethical Hacking, Threats, Vulnerabilities, Attacks & Ethical hacking Phases
• Malware Analysis
• Host/Device Security , Network Security
• Cryptography, Webserver Configuring, Securing and validating Services
• Penetration Testing methodologies
• Wi-Fi Security, Cloud security, Security Auditing Formalities

Issued JUL 2022

The Complete Cyber Security Course

StationX  

• Hackers Exposed
• Network Security
• Anonymous Browsing
• End Point Protection

Issued FEB 2023

Career Essentials in System Administration by Microsoft and LinkedIn

Microsoft and LinkedIn  

• System Administration
• Network Administration
• Network Security

Issued FEB 2023

Career Essentials in Software Development by Microsoft and LinkedIn

Microsoft and LinkedIn  

• Programming
• Software Development

Issued OCT 2023

AWS Certified Security - Specialty

Amazon Web Services (AWS)  

• AWS Cloud Security
• AWS Cloud Fundamentals