Security Analyst with 4+ years in VAPT & Application Security
Overall 5.5 years of IT experience, including web application security with Vulnerability Assessment and Penetration Testing (VAPT), network security, APIs, mobile penetration testing, and desktop support. Good experience with OWASP Top 10 web application threats. Performed DAST (Dynamic Application Security Testing) on various web applications. Identified various SQL injection, XSS, CSRF, XML, authentication and authorization attacks in penetration testing. Worked closely with developers and design to remediate identified security flaws; skilled in preparing executive reports for every assessment and also involved in meeting calls with respective clients.
GVR&S College of Engineering and Technology Guntur
B.Tech (ECE) · Electronics and Communication Engineering
August 1, 2016 – June 30, 2019
Tata Consultancy Services (TCS)
Security Analyst
June 1, 2022 – Present
Bengaluru, Karnataka, India
Capgemini Technology Services India Ltd
Associate Consultant
September 1, 2021 – March 1, 2022
Bengaluru, Karnataka, India
BEPL
Software Engineer
February 1, 2020 – August 1, 2021
Hyderābād, Telangana, India
Application Security Testing
June 1, 2022 – Present
Manually walk through the application to understand its functionality. Test the application thoroughly in all areas (authentication, session management, authorization, input validation) and observe the findings. Conducted vulnerability assessments for multiple clients (banking, healthcare, HRMS, etc.) to evaluate attack vectors, identify system vulnerabilities, and develop remediation plans and security procedures. Performed VAPT for 30+ applications. Proficient in understanding application-level vulnerabilities such as SQL injection, authentication bypass, weak cryptography, and authentication flaws. Conducted security assessment test cases related to authentication and authorization, input validation, session management, file upload/inclusion, and browser-related issues such as the Browser Refresh Back Attack. Executed different payloads against the system to find vulnerabilities with respect to input validation, authentication checks, etc. Identified critical, high, medium and low-level vulnerabilities in the applications based on OWASP standards and prioritized them based on their CVSS scores. Experienced in preparing executive reports for every assessment and conducting closing meeting calls with respective clients. Worked with different application teams to help them understand the listed vulnerabilities and provided recommendations to fix them in line with OWASP standards. Provided descriptions with comments to the development team for a better understanding of vulnerabilities. Identified different application vulnerabilities by using proxies like Burp Suite to validate the server-side validations.
BUSINESS TECHNOLOGY ANALYST
September 1, 2021 – March 1, 2022
Served as a foundational member in penetration testing, gaining hands-on exposure to core security assessment methodologies and tools. Conducted Web Application Penetration Testing, identifying vulnerabilities based on OWASP Top 10 and CWE guidelines. Performed Mobile Application Penetration Testing (Android & iOS), assessing insecure data storage, insecure communication, and platform-specific vulnerabilities. Assisted in preparing security assessment reports and Proof of Concepts (PoCs) with clear, actionable remediation steps.
CRTP – Certified Red Team
Unknown
May 1, 2026 – Present
CEH (Certified Ethical Hacker)
Unknown
May 1, 2026 – Present