Klar - AppSec | Security Engineer | DevSecOps

Berlin - Germany

Klar is a digital financial services platform allowing users to manage their money in a secure and personalized way from their smartphone.Quick Banking solutions.
I am part of the Security team where I am leading & building the Appsec Pipeline from scratch.
• Internal / External API Pentesting
• Managed and reconfigured the Enterprise Pentest Program; continuously led as the subject matter expert in vulnerability triage and remediation with Cobalt.
• Collaborated with SRE team during Incident Response.
• Building internal Vulnerability Management with opensource tools.
• Intregating SAST tools to improve CI/CD lifecycle.
• Building Key management with the Devops team.

Skills - Burpsuite Enterprise | Synk | Jira | Notion | Cobalt | Vulnerability Management | Terraform | Postman

BlockFi - AppSec | Red Teaming | Blockchain | Fintech | Crypto

NewYork - USA

BlockFi is a complete cryptocurrency ecosystem for advanced crypto traders. It has over 1 million verified users and over $10 billion in assets. I was part of the Cyber Defense team where I was working with my team members from different nations across the globe. • Established SDLC best practices, including configurations for the WAF allow listing, SAST, and DAST tools. Utilized tooling to manage vulnerability identification and remediation efforts.
• Managed and reconfigured the Enterprise Bug Bounty Program; continuously led as the subject matter expert in vulnerability triage and remediation with Hackerone.
• Collaborated with multiple teams during Incident Response Management as it pertained to Application Security.
• Conducted Network, API, Web Application Penetration tests, and Mobile Security (IOS) identifying multiple vulnerabilities to mitigate enterprise risk.
• Communicated Enterprise needs to thirdparty-vendors, performed in-depth tool assessments to compare functionality, performed Proof of Concepts, and write high-level deliverables to present to leadership.
• Ensuring all security events and incidents (internal/external) are logged into Vulnerability Management and regularly updated and closed Jira tickets within the set SLAs.

Skills - Burpsuite Enterprise | Synk | Jira | AWS Identity and Access Management (AWS IAM) | Vulnerability Management | Defectdojo | Tenable Nessus

Signzy - B2B | RPA | AI | APIs | Fintech | Banking | Digital Security

Bangalore - India

Signzy is enabling 10 million+ end customer and business onboardings every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a strong global partnership with Mastercard and Microsoft.One of the top-notch fintech startups in India.
My day to day activities were -
• Dealing with B2B products with Top Financial Institutions like Citi bank, HDFC, Axis, Pine Labs.
• Day to Day Configuring REST APIs in a secure manner.
• API QA Testing with POSTMAN.
• Penetration Testing.
• Integrating AI-based KYC.
• Collaborating with Product Managers & Clients to integrate flows in a secure architecture.

Community Member - Google Developer Group | Open Source India | Null Bangalore | Defcon India

India

I have worked as Security tester & Quality Assurance for the GDG and been an active member of the family. Worked in different opensource projects as Security & functional tester.
I have worked on -
- Planning, scripting, executing and reporting tests.
- Creating and writing test plans.
- Executing tests to qualify them for that stage of development process.
- Developing tests to automate these tests.
- Diagnosing identified problems and communicating the issues appropriately to the development team.
- Creating and updating associated documentation for the test plans.
- Automation with Selenium/Python.
- Mobile application testing.

Community Member - OWASP

India

- Managing community members.
- Strategic Planning.
- Organizing Talks.
- Presenting Talks.
- Collaborating with OWASP Board members.

Bug Bounty - Bugcrowd | HackerOne

Remote

Most of my weekends I spent my time playing CTFs & Bugbounties.I have been doing bug bounties since 2017 and got acknowledged by Top Programs like Uber, Mastercard, Facebook, Sony, Hubspot, and so on. Top #500 Global rank in Bugcrowd 2019.
Skills: Fuzzing · Bash · Asset Discovery · GraphQL · Elasticsearch · Parser · IDOR · CSRF · RCE · OWASP · Serialization · Reverse Engineering · Python · Docker · Burpsuite

Freelancer - Web Design & Development - HTML | CSS | JS | Bootstrap | SQL| PHP | Python | Wordpress | SEO

India

I have worked as a freelance front-end developer with more than 15+ Startups & Companies.
- HTML
- CSS
- JS
- Wordpress
- PHP
- SQL
- Node
- SEO
- Cloudflare
- Webmail
- Chat Bots Intregation

Information Security & Android Development - Jain University

Banaglore - India

Secondary School - Hindustani Kendriya Vidyalaya (Commerce)

Guwahati - India

Primary School - Luit Valley High School

KPT - India