- Lead and supervise advanced offensive security operations, including VAPT and Red Teaming.- Stay updated on the latest cybersecurity threats, techniques, and technologies for continuous improvement.- Develop tailored strategies for penetration testing and red teaming.- Provide strategic guidance and oversight for the organization's overall cybersecurity posture.- Lead presales activities, crafting technology-based proposals for end-to-end cybersecurity management.- Act as a mentor to the cybersecurity team, fostering a positive work environment and professional development.- Build and maintain strong client relationships, serving as a trusted advisor on cybersecurity matters.- Advocate for cutting-edge technology tools to enhance cybersecurity services, particularly in monitoring, management, and incident response.- Act as a liaison between the product development team and clients.- Lead and train a team of highly skilled penetration testers, ensuring certifications in PT and Red Teaming (e.g., OSCP and CRTP).- Foster a culture of innovation and excellence within the team, promoting continuous skill development.- Play a pivotal role in obtaining and maintaining accreditations such as CERT-IN and CREST.- Provide strategic leadership in developing and implementing cybersecurity policies and procedures.- Engage in continuous research to evaluate emerging cybersecurity trends and technologies.- Represent the organization in industry conferences, forums, and collaborative initiatives.- Drive incident response planning and execution, ensuring effective response to security incidents.- Manage and increase VAPT sales year on year through strategic business development initiatives.- Establish and maintain relationships with key clients and partners to enhance VAPT service offerings and market presence.

- Lead Offensive Security Consulting, specializing in VAPT and Red Teaming.- Oversee the entire consulting portfolio, contributing to defensive security with expertise in MITRE TTPs.- Develop tailored strategies for penetration testing, red teaming, and SOC consulting, with a focus on proactive threat hunting.- Manage presales activities, crafting technology-based proposals and ensuring end-to-end cybersecurity management.- Serve as a mentor, fostering a positive work environment and building strong client relationships.- Advocate for technology tools to enhance cybersecurity services, emphasizing monitoring and management.- Act as a liaison between the product development team and clients, facilitating real-world use cases for effective SOC operations.- Lead and train a team of highly skilled penetration testers, ensuring certifications in PT and Red Teaming, including OSCP and CRTP.- Assist the organization in obtaining accreditation such as CERT-IN and CREST.

- Assumed leadership in refining and optimizing the Red Team within the organization, continuously assessing the effectiveness of defensive mechanisms implemented by the Blue Team, and implementing strategic improvements as needed.- Led a team in the execution of comprehensive Red Team activities, overseeing vulnerability assessments across diverse platforms, including on-premises, AWS, Azure, and Google Cloud servers. Employed a sophisticated blend of automated tools and manual techniques to ensure robust security testing.- Managed end-to-end activities related to Vulnerability Assessment & Penetration Testing (VAPT), Secure Code Review (SAST/DAST), and evaluated third-party PT & Red Team vendors. Oversaw the entire process to meet audit requirements, ensuring seamless collaboration and effective management with external partners.- Developed and executed a strategic plan to cover MITRE ATT&CK Tactics/Techniques and Procedures (TTPs) across the infrastructure. This involved identifying potential security gaps and providing detailed tracking through ServiceNow and interactive weekly dashboards. Continually educated the defense (Blue Team) to enhance the overall security posture.- Provided essential support for ongoing engagement activities involving Qualys, Nessus, Cymulate, BitSight, fostering a collaborative environment among team members to ensure the timely closure of security issues.- Delivered clear and concise communication of technical findings to leadership, utilizing a risk-based approach to enhance their understanding of the firm's evolving security posture.- Collaborated with stakeholders to ensure the timely closure of Red Team findings, aligning with agreed-upon Service Level Agreements (SLAs).- Contributed to the strategic planning and decision-making processes within the Threat Vulnerability Management Team, actively participating in initiatives to elevate the overall effectiveness of cybersecurity operations."

Contributor to the Threat Vulnerability Management Team (TVM):- Spearheaded the establishment of a Red Team within the organization, evaluating the effectiveness of defensive mechanisms set up by the Blue Team.- Held accountable for leading and executing Red Team activities, including vulnerability assessments across diverse platforms such as on-premises, AWS, Azure, and Google Cloud servers, utilizing a combination of automated tools and manual techniques.- Executed Vulnerability Assessment & Penetration Testing (VAPT), Secure Code Review (SAST/DAST), and assessed potential third-party PT & Red Team vendors to meet audit requirements, overseeing end-to-end management with vendors.- Formulated a strategic plan to cover MITRE ATT&CK Tactics/Techniques and Procedures (TTPs) across the infrastructure, identifying potential gaps and providing detailed tracking through ServiceNow and interactive weekly dashboards to educate the defense (Blue Team) for enhancing security posture.- Supported ongoing engagement activities in Qualys, Nessus, Cymulate, BitSight, fostering collaboration among team members to ensure timely closure.- Effectively communicated technical findings to leadership using a risk-based approach, aiding in their understanding of the firm's security posture on an ongoing basis.- Collaborated with stakeholders to ensure the timely closure of Red Team findings within agreed-upon Service Level Agreements (SLAs).- Offered guidance and mentorship to junior engineers, maintaining consistent high standards of work ethics and reporting quality.

- Conducting in-depth security analyses of software applications based on project requirements.- Demonstrating substantial expertise in web application attacks and defense strategies, encompassing knowledge of OWASP Top 10 and CWE Top 25 (SQL injection, XSS, CSRF, DoS, logic flaws, API attacks, etc.).- Conducting secure code reviews both manually and using automated tools like Veracode.- Utilizing application security tools, including web application security scanners, static code analysis, and vulnerability scanners.- Applying penetration testing techniques with tools such as Nessus, Burp, Volatility Framework, Metasploit, etc.- Executing penetration tests on client networks to uncover security vulnerabilities.- Validating client applications, conducting in-depth code analyses from a security perspective, and proposing mitigation strategies to address security flaws at the code level in line with project requirements.- Identifying critical system security loopholes through comprehensive scanning with tools like nmap, Nessus, etc.- Identifying security vulnerabilities in mobile applications across various platforms (iOS/Android/Windows).- Formulating responses for Request for Proposals (RFPs) for prospective clients and providing quotations for services/skills.- Conducting PCI DSS compliance validation alongside Vulnerability Assessment and implementing Segmentation controls.- Making contributions to the security community through research, open-source projects, blogs, or publications.

- Oversight of high-level content management updates, remediations, and reviews, ensuring alignment with organizational objectives through direct engagement with Directors and Partners.- Facilitation of weekly team calls to maintain open communication and keep the US counterpart informed about ongoing and upcoming projects.- Assistance in developing a comprehensive training plan for new hires to ensure a smooth onboarding process and effective assimilation into the team.- Active participation in senior analyst focus group discussions to enhance team learning, promote knowledge sharing, and facilitate conflict resolution.- Provision of mentorship and guidance to new hires through on-the-job training, accelerating their acclimatization to roles and responsibilities.- Introduction of new modules in the SharePoint tracking site, showcasing adaptability and technological proficiency to enhance project tracking capabilities.- Management of updates to the SharePoint tracking site to ensure its relevance and effectiveness in meeting evolving project management needs.- Maintenance of existing workflows within the SharePoint tracking site, guaranteeing seamless functionality and promoting operational consistency.

- Accountable for content management within the 'Deloitte Audit' domain for practitioners.- Led project management and owned individual client relationships in Chile, India, Portugal, and Mexico.- Oversaw end-to-end service delivery, ensuring high-quality content for clients.- Engaged with clients to assess qualifications, gather requirements, and presented findings to the team.- Utilized CMS tools (Xmetal, EMS, web applications) for efficient content management.- Authored, reviewed, and published content in the production environment.- Demonstrated the ability to understand and communicate technical challenges, providing solutions in a non-technical manner.- Conducted comprehensive quality reviews at various project stages through peer and final evaluations.

- Managed content using SharePoint 2010 Solution, overseeing the organization and accessibility of information.- Successfully migrated critical content from the SharePoint 2007 platform to SharePoint 2010, ensuring seamless data transfer.- Implemented a new layout using HTML for various content sections, employing content editor web-parts to enhance visual appeal and functionality.- Maintained regular and effective communication with US delegates to provide updates on project progress, address concerns, and ensure alignment with expectations.- Actively participated in project planning, contributing insights to coding strategies, and performed ongoing maintenance to optimize system performance and reliability."

Completed rigorous .Net training, including SQL Server 2005, AJAX, CSS, XML, and DLLs.