Kanishk Singh

Cyber security- VAPT

Key Strengths

Extensive experience (5.4 years) in Vulnerability Assessment and Penetration Testing (VAPT) across diverse sectors including enterprise, government, and public sector clients.
Demonstrated proficiency with a wide array of open-source and commercial VAPT tools (Burp Suite, Metasploit, Nessus, Acunetix, QualysGuard, etc.).
Strong practical skills validated by high scores in multiple practical IT Security Auditing tests (90% each) and a competitive CTF performance (17th Rank).
Solid theoretical foundation in ethical hacking, evidenced by a high score (88%) on the Certified Ethical Hacker (CEH) exam and holding the certification.
Proven ability to conduct comprehensive VAPT for network/infrastructure and web applications, covering OWASP Top 10, authentication, session management, and access control.
Experience in analyzing scan reports, suggesting remediation plans, and auditing configurations of network and security devices.
Managed over 100+ VAPT projects, showcasing strong project management and client delivery capabilities.
Experience with securing diverse environments including legacy systems, public-facing websites, corporate networks, and cloud assets.
Recognized with 'Business Extraordinaire Award' and 'Client Extraordinaire Award' at EY, indicating strong performance and client satisfaction.

Skill Analysis

Capture The Flag (CTF)

★★★★★

90%

The candidate achieved a high rank and points in a competitive CTF, indicating strong practical cybersecurity skills. While a direct percentage isn't given, the achievement suggests a high level of proficiency.

Ethical HackingPenetration TestingVulnerability AssessmentProblem SolvingCybersecurity Challenges

Strengths

Demonstrated ability to participate and score in competitive cybersecurity challenges (17th Rank, 130 Points in C3iHub IIT Kanpur CTF).
Indicates strong practical skills in identifying and exploiting vulnerabilities in a simulated environment.

Cultural & Operational Fit

Cultural Fit Analysis

The candidate's experience spans a wide range of clients in both the private (Finance, FMCG, Banking, Healthcare, Education) and public sectors (Skill Enhancement, Law Enforcement, Digital Infrastructure). This diversity of projects and client types suggests adaptability and an ability to work within varied organizational cultures and regulatory environments. Their involvement in securing critical infrastructure for government ministries and large enterprises indicates a strong sense of responsibility and commitment to high-impact work. The awards received at EY ('Business Extraordinaire', 'Client Extraordinaire') further underscore a proactive, client-focused, and high-achieving mindset, which aligns well with performance-driven cultures. The breadth of skills and tools used also shows a willingness to continuously learn and adapt to new technologies and challenges.

Soft Skills & Operational Fit

The candidate demonstrates strong analytical and problem-solving skills, as highlighted in their professional summary and project descriptions (e.g., identifying challenges and proposing solutions for complex legacy systems). Their high score in the CERT-In Personal Interaction Session suggests excellent communication and client-facing abilities, crucial for presenting findings and recommendations. The ability to work independently and as part of a team, coupled with strong initiative and self-motivation, indicates a good operational fit for demanding cybersecurity roles. The candidate's experience managing numerous projects also points to strong organizational skills and the ability to deliver under defined timelines.

AI is analyzing your overall score…

Identifying your key strengths…

Evaluating your skill match against the job requirements…

Assessing your cultural and operational fit

About

Cyber Security Engineer with 5.4 Years' Experience in conducting and implementing security practices to protect a company or organization's computer network/infrastructure and web application from cyber-attacks and help set and maintain security standards. Strong mix of experience across enterprise and government & public sector clients. Experience on Network Vulnerability Scanning Penetration Testing • Application Security Testing/Penetration Testing • Network Security Testing/Penetration Testing • Experience of using open-source tools and commercials tools such as but not limited to Burp Suite, Metasploit, Nessus, Acunetix • Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions • In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database. Independently able to perform Web Application and Network VAPT using automated and manual approach • Self-starter and ability to deliver under defined time lines • Strong technical, analytical and problem-solving skills • Strong initiative, self-motivation, ability to complete tasks on time • Excellent troubleshooting, problem solving, decision-making, and organizational skills • Ability to work independently and as a team member to diagnose and resolve IT issues

Top Skills

Cloud Security

Experience

Ernst & Young LLP

Associate Consultant

January 1, 2025 – Present

New Delhi, Delhi, India

ASPL Info Services Private Limited

Associate Engineer

July 1, 2022 – January 1, 2025

Bengaluru, Karnataka, India

The Codingo

Analyst

February 1, 2021 – July 1, 2022

Lucknow, Uttar Pradesh, India

World Wide Web Software Application Services

Test Engineer

June 1, 2016 – January 1, 2021

Lucknow, Uttar Pradesh, India

Great Value Foods

Electrical Maintenance Engineer

January 1, 2014 – December 1, 2015

Greater Noida, Uttar Pradesh, India

Upase Automation & Controls

Trainee Engineer

December 1, 2012 – December 1, 2013

Pune, Maharashtra, India

Projects

VAPT for Network/Infrastructure and Web Applications

December 1, 2012 – June 1, 2026

Managed over 100+ projects for enterprise and government & public sector clients spanning various sectors including Finance, FMCG, Banking, Skill Enhancement, Law Enforcement, Digital Infrastructure, Healthcare, Education, Textiles, and Tools Manufacturing, both in India and abroad. Worked with one of the largest vertically integrated manufacturers of quality jersey garments in the Indian Ocean region, one of the leading banking service providers from Western Africa, chain of prominent educational institutions from one of the leading countries of Arabian Peninsula, leading restaurant chain from North American region and across various government ministries & departments. Key Projects (Private Sector): Project 1: 248 Network IPs, 2 Web Applications with 104 Dynamic pages. This cybersecurity project focused on securing the infrastructure of a renowned educational organization with over 200+ IP addresses spread across two different geographic locations. The organization faced significant challenges, including legacy systems, outdated operating systems, and public-facing websites with complex functionalities built on older technologies. Challenges Identified- Large Attack Surface, Public-Facing Websites, Outdated Technologies, Legacy System Dependencies. Approach & Solutions- Comprehensive VAPT, Network Segmentation, Web Application Security Hardening, Patch Management Strategy, Legacy System Protection. Project 2: 100 Network IPs, 8 Web applications This cybersecurity project was undertaken to secure the infrastructure of a corporate headquarters with over 100+ IP addresses, and 8 public-facing websites including critical internal systems, including HRMS and e-commerce portals. The organization faced several challenges, such as outdated servers, websites built on older technologies, and dependencies on legacy systems that could not be immediately replaced. Challenges Identified- Corporate Network Security, Public-Facing Websites, Outdated Servers, Older Web Technologies. Approach & Solutions- Network Security Enhancement, Web Application Security Hardening, Server Hardening & Patch Management, Securing HRMS & E-commerce Portals, Legacy System Protection. Project 3: 115 Network IPS, 6 Web applications This cybersecurity project was undertaken to secure the infrastructure of a corporate headquarter as well as Mumbai office of an NBFC having over 100+ IP addresses which includes on premise and cloud, and 8 websites out of which 2 are public facing and 6 are internal websites developed for various financial operations. The organization faced several challenges, such as outdated servers, websites built on older technologies, and dependencies on legacy systems that could not be immediately replaced. Challenges Identified- Corporate Network Security, Public-Facing Websites, Cloud Assets, Outdated Servers, Older Web Technologies. Approach & Solutions- Network Security Enhancement, Web Application Security Hardening, Server Hardening & Patch Management, Securing Cloud Infra Portals, Legacy System Protection. Key Projects (Government & Public Sector)- • Skill Enhancement Platform • Verifiable Credentialing Infrastructure • Smart Traffic Solutions • Law enforcement systems (CCTNS) • Healthcare Mobility Platform • Digital Aviation Mobility Platform

Key Strengths

Extensive experience (5.4 years) in Vulnerability Assessment and Penetration Testing (VAPT) across diverse sectors including enterprise, government, and public sector clients.
Demonstrated proficiency with a wide array of open-source and commercial VAPT tools (Burp Suite, Metasploit, Nessus, Acunetix, QualysGuard, etc.).
Strong practical skills validated by high scores in multiple practical IT Security Auditing tests (90% each) and a competitive CTF performance (17th Rank).
Solid theoretical foundation in ethical hacking, evidenced by a high score (88%) on the Certified Ethical Hacker (CEH) exam and holding the certification.
Proven ability to conduct comprehensive VAPT for network/infrastructure and web applications, covering OWASP Top 10, authentication, session management, and access control.
Experience in analyzing scan reports, suggesting remediation plans, and auditing configurations of network and security devices.
Managed over 100+ VAPT projects, showcasing strong project management and client delivery capabilities.
Experience with securing diverse environments including legacy systems, public-facing websites, corporate networks, and cloud assets.
Recognized with 'Business Extraordinaire Award' and 'Client Extraordinaire Award' at EY, indicating strong performance and client satisfaction.

Skill Analysis

Capture The Flag (CTF)

★★★★★

90%

Ethical HackingPenetration TestingVulnerability AssessmentProblem SolvingCybersecurity Challenges

Strengths

Demonstrated ability to participate and score in competitive cybersecurity challenges (17th Rank, 130 Points in C3iHub IIT Kanpur CTF).
Indicates strong practical skills in identifying and exploiting vulnerabilities in a simulated environment.

Cultural & Operational Fit

Cultural Fit Analysis

Soft Skills & Operational Fit

IT Security Auditing (Offline Practical Skill Test)

★★★★★

90%

Another 90% score in an offline practical skill test reinforces the candidate's consistent and high-level practical expertise in IT Security Auditing.

Vulnerability AssessmentPenetration TestingTool Usage (Burp Suite, Nessus, Metasploit)Web Application SecurityNetwork SecurityReporting

Strengths

Achieved 90% in an offline practical skill test for IT Security Auditing, further validating hands-on technical expertise.
Suggests consistent high performance across different practical assessment formats.

Limitations

Specific challenges encountered or areas requiring improvement in an offline, potentially more complex, environment are not specified.

Certified Ethical Hacker (CEH)

★★★★★

88%

An 88% score on the CEH exam indicates a solid grasp of ethical hacking concepts and methodologies, a fundamental requirement for a VAPT role.

Ethical Hacking MethodologiesFootprinting and ReconnaissanceScanning NetworksEnumerationVulnerability AnalysisSystem HackingMalware ThreatsSniffingSocial EngineeringDenial of ServiceSession HijackingEvading IDS, Firewalls, and HoneypotsWeb Server HackingWeb Application HackingSQL InjectionWireless Network HackingMobile Platform HackingIoT HackingCloud Computing SecurityCryptography

Strengths

Scored 110/125 (88%) on the Certified Ethical Hacker exam, demonstrating a strong theoretical and foundational understanding of ethical hacking principles and techniques.
Possesses a recognized industry certification validating core cybersecurity knowledge.

Limitations

The CEH exam is primarily knowledge-based; practical application depth beyond the exam is not directly assessed by this score alone.

Kanishk Singh

Key Strengths

Skill Analysis

Capture The Flag (CTF)

Cultural & Operational Fit

About

Top Skills

Skills

Education

Experience

Projects

Certifications

Key Strengths

Skill Analysis

Capture The Flag (CTF)

Cultural & Operational Fit

IT Security Auditing (Personal Interaction)

IT Security Auditing (Online Practical Skill Test)

IT Security Auditing (Offline Practical Skill Test)

Certified Ethical Hacker (CEH)