Security Engineer specializing in endpoint security, cloud governance, and application security. Experienced in strengthening data protection, improving compliance rates, and implementing security hardening across enterprise environments.
Developed and implemented an enterprise security program for an ed-tech startup, ensuring strong cybersecurity. Managed Incident Response for a phishing attack, swiftly mitigating threats and minimizing damage. Developed a security plan and roadmap integrating SIEM, IDS, firewalls, and compliance with NIST, ISO, and cyber laws.
Led the development and implementation of an integrated security solution using IPS, IDS, and EDR technologies. Performed network security assessments, identified vulnerabilities, deployed endpoint security, and enforced DLP strategies. Implemented SOAR tools for efficient incident response and disaster recovery.
Comprehensive cloud security implementation covering IAM, AWS GuardDuty, WAF configurations, and security hardening across AWS and Azure environments. Focused on cloud security compliance and best practices.
Hands-on penetration testing projects covering web application exploitation, network attacks, privilege escalation, and post-exploitation techniques using industry-standard tools.
Implementation of secure coding practices, vulnerability analysis, and building secure applications. Focus on preventing common vulnerabilities like SQL injection, XSS, and CSRF.
Low-level binary exploitation, reverse engineering, and vulnerability research in C programs and Unix systems. Includes buffer overflow, format string exploits, and return-oriented programming.
Network security implementations including packet analysis, intrusion detection, firewall configurations, and network-based attacks and defenses.
Comprehensive exploration of security tools and frameworks used in information security, including SIEM, vulnerability scanners, and security automation.
Security analysis and exploitation of embedded systems, IoT devices, and hardware security including firmware analysis and hardware hacking techniques.
Secure Coding, Cloud Security, Penetration Testing, Security Tools for Information Security, Network Security & Hacking of C and Unix Binaries
Network and Protocols, Wireless Communication, Embedded Systems, Linear Integrated Systems, Control Systems & Object-Oriented Programming
Published thesis at International Conference on Communication & Signal Processing (ICCSP) 2020
Hands-on cybersecurity training and challenges
Achieved Top 11% rank (918 out of 8487) in the National Cyber League Spring 2025 Capture the Flag Individual Game
Achieved Top 12% rank (1038 out of 8484) in the National Cyber League Fall 2024 Capture the Flag Individual Game
Detailed documentation of my security challenges and CTF solutions
I maintain comprehensive writeups of TryHackMe rooms on my Notion page, covering various cybersecurity topics including penetration testing, web exploitation, privilege escalation, and network security. Each writeup includes detailed methodology, tool usage, and key learnings from the challenges.
Comprehensive exploration of the OWASP Top 10 web application security risks, including injection attacks, broken authentication, XSS, and security misconfigurations.
→ Read WriteupIntroduction to penetration testing methodology covering reconnaissance, scanning, enumeration, exploitation, and post-exploitation techniques.
→ Read WriteupAdvanced buffer overflow exploitation techniques including stack analysis, shellcode development, and bypassing modern protections like DEP and ASLR.
→ Read WriteupCommon Linux privilege escalation vectors including SUID binaries, kernel exploits, cron jobs, and misconfigured services with practical examples.
→ Read WriteupSQL injection, XSS, CSRF, and other web vulnerabilities with hands-on exploitation techniques and mitigation strategies.
→ Read WriteupAdvanced AD exploitation covering Kerberoasting, Golden Tickets, Pass-the-Hash, and domain enumeration using tools like BloodHound and Mimikatz.
→ Read WriteupeLearning Junior Penetration Tester
Network Security Associate - Fortinet