Cyber security- VAPT with 4+ years in Vulnerability Assessment and Penetration Testing
AI is analyzing your overall score…
Identifying your key strengths…
Evaluating your skill match against the job requirements…
Assessing your cultural and operational fit
A Professional in Information Security technologies with Comprehensive knowledge on fundamental working of multiple Network Security concepts and working in tandem with a team in a challenging and competitive environment to contribute forward for the success of esteem organization by hard work and acquired skills. Experienced Information Security Engineer working in a team environment and have hands on knowledge on Application and network security tools & technology. Having around 4.10 Years of experience in Vulnerability Assessment and Pen testing. Currently working as Consultant - Cybersec at KPMG Global Services (Bangalore).
JNTU – Anantapur, India
Master of Technology · Computer Science
August 1, 2016 – June 30, 2016
KPMG Global Services
Consultant - Cybersec
January 1, 2026 – Present
Bengaluru, Karnataka, India
RR Donnelley India Outsource Pvt Ltd
Not specified
March 1, 2024 – January 1, 2026
Chennai, Tamil Nadu, India
RNS Worldwide MSSP Pvt Ltd
Not specified
June 1, 2021 – March 1, 2024
Pune, Maharashtra, India
Project Experience (3)
June 19, 2026 – Present
Managed assignments and client relationships by developing Security Assessment Plan, Security Assessment Report, Security Assessment Questionnaire, Rules of Engagement, kick off Brief, and Exit Brief templates. Performed Vulnerability Assessments and Data Classification. Performed host, network, web application, penetration tests. Created/Reviewed Security Policies, Standards and Procedures. Proposed remediation strategies for remediating system vulnerabilities. Provided technical review and testing of new technologies such as Enterprise security. Advised on secure data deletion and equipment sanitization, decommissioning. and reuse guidelines for high security environments. Experienced in using Kali Linux to do web application assessment with tools like Dirbuster, gobuster, nikto, SQLmap, Nmap etc. Coordinated with dev team to ensure closure of reported vulnerabilities by explaining the ease of exploitation and impact of the issue. Conducted security event monitoring for corporate wide in-scope networks & applications. Conducted onsite penetration tests from an insider threat perspective. Identified the critical, High, Medium, Low vulnerabilities in the application based on OWASP Top 10 and SANS 25 and prioritizing them based on the criticality.
Project Experience (2)
June 19, 2026 – Present
Performed Vulnerability Assessments and Data Classification. Performed host, network, web application, app penetration tests. Proposed remediation strategies for remediating system vulnerabilities. Provided technical review and testing of new technologies such as Enterprise security. Advised on secure data deletion and equipment sanitization, decommissioning. and reuse guidelines for high security environments. Conducted security event monitoring for corporate wide in-scope networks & applications. Found common web site security issues (XSS, CSRF, SQL injection, information leakage, application logic etc.) across various platforms. Directed research pertaining to the latest vulnerabilities, tools, and the latest technological advances in combating unauthorized access to information. Conducted wireless pen-testing in various environments. Created secure virtualized labs for exploit creation & developed proof-of-concept exploits, malware distribution analysis and security product testing.
Project Experience (1)
June 19, 2026 – Present
Managed assignments and client relationships by developing Security Assessment Plan, Security Assessment Report, Security Assessment Questionnaire, Rules of Engagement, kick off Brief, and Exit Brief templates. Performed Vulnerability Assessments and Data Classification. Performed host, network, web application, penetration tests. Created/Reviewed Security Policies, Standards and Procedures. Proposed remediation strategies for remediating system vulnerabilities. Provided technical review and testing of new technologies such as Enterprise security. Advised on secure data deletion and equipment sanitization, decommissioning. and reuse guidelines for high security environments. Conducted security event monitoring for corporate wide in-scope networks & applications. Conducted onsite penetration tests from an insider threat perspective. Conducted wireless pen-testing in various environments. Created secure virtualized labs for exploit creation & developed proof-of-concept exploits, malware distribution analysis and security product testing. Found common web site security issues (XSS, CSRF, SQL injection, information leakage, application logic etc.) across various platforms. Directed research pertaining to the latest vulnerabilities, tools, and the latest technological advances in combating unauthorized access to information.
Cultural Fit Analysis
The candidate has worked across multiple organizations (KPMG, RR Donnelley, RNS Worldwide) and has experience with diverse project types including internal network VAPT, web application VAPT, VOIP server VAPT, and wireless network VAPT for government organizations and IT companies in different geographical locations (Dubai, Abu Dhabi, Sharjah). This suggests adaptability and exposure to varied work cultures and client requirements, indicating a reasonable cultural fit for roles requiring diverse engagement.
Soft Skills & Operational Fit
The candidate's resume indicates experience in managing client relationships, coordinating with dev teams, and leading technical review meetings, suggesting good communication and collaboration skills. The repeated project descriptions, however, make it difficult to assess the breadth of operational experience beyond core VAPT tasks. The ability to work in a challenging environment is mentioned, but not explicitly demonstrated with examples.