🔒 Cybersecurity Specialist | OSCP Certified | Web App & API Penetration Tester 🔒 📱 iOS Security Enthusiast

With a proven track record in securing web applications and APIs coupled with an Offensive Security Certified Professional (OSCP) certification, I am dedicated to fortifying digital ecosystems against sophisticated cyber threats.

Professional Background:
As an experienced web application and API penetration tester, I specialize in identifying and remedying vulnerabilities and perform end-to-end bug triaging across complex digital infrastructures. My expertise spans from performing in-depth assessments of web applications to scrutinizing APIs for security flaws, ensuring robust protection against potential exploits.

Technical Proficiency:
Web Application Security: Proficient in conducting comprehensive assessments to detect and address vulnerabilities such as SQL injection, IDORs, cross-site scripting (XSS), and broken authentication.
API Security Testing: Skilled in evaluating the security posture of APIs, including authentication mechanisms, data validation, and access controls, to safeguard against unauthorized access and data breaches.
Threat Modeling: Capable of analyzing potential attack vectors and developing mitigation strategies to preemptively address security risks.
Secure Code Review: Experienced in reviewing source code for security vulnerabilities and providing actionable recommendations for remediation and build abuse case review checklists.

iOS Security Enthusiast
Driven iOS Security Enthusiast passionate about uncovering vulnerabilities in mobile applications. Possesses a good understanding of iOS security principles and leverages knowledge of common attack vectors (jailbreaking different iOS devices, running custom Frida code injection) to identify potential weaknesses.

Security Engineer
Caterpillar Inc.
Sep 2022 - Present
Irving, Texas, US
Part of the Cloud Operations Security Team supports the Cat Digital development community by providing Administration and SME responsibilities for the DevSecOps tools used in Cat Digital. Assisting the development teams in identifying and remediating vulnerabilities discovered during the development lifecycle. Setting guidelines, auditing, and compliance of supported tools.

IT Security Engineer
Caterpillar Inc.
Mar 2020 - Sep 2022
Irving, Texas, US

Cyber Security Analyst
Principal Financial Group
Jul 2018 - Dec 2019
Des Moines, Iowa, US
• Perform Penetration Tests and Vulnerability Analysis on web applications, mobile applications, thick clients, and embedded devices.
• Adequately explain, present, demonstrate, and document the operational impact of a vulnerability.
• Research and maintain proficiency in tools, techniques, countermeasures, trends in vulnerabilities, and other security topics.
• Analyze business impact and exposure based on emerging security threats, vulnerabilities, risks and help to adjust our overall security strategy accordingly.
• Perform technical security assessments as well as develop technical solutions to help mitigate security vulnerabilities.

Penetration Tester
IT Consulting
Apr 2016 - Jun 2018
• Identified and prioritized vulnerabilities (critical, high, medium, low) in applications and APIs based on the OWASP Top 10
• Performed regular penetration testing (weekly or as needed) on various applications.
• Developed Abuse case review checklist for APIs using API manager like APIGEE
• Developed and presented a comprehensive security testing checklist to the company.
• Ensured the security testing checklist covered all relevant security controls
• Identified and reported vulnerabilities like file upload vulnerabilities, path traversal vulnerabilities, SQL injection vulnerabilities, and others. Collaborated with the development team to remediate these vulnerabilities.
• Maintained and updated the security testing checklist regularly to reflect the latest threats and attack vectors.
• Analyzed HP Fortify source code scan reports and coordinated with application vendors and penetration testers to prioritize application security testing.
• Provided comprehensive knowledge transfer sessions to the development team to enhance their understanding of security vulnerabilities
• Utilized various browser extensions like FoxyProxy, Wappalyzer, Live HTTP Headers, and Tamper Data during penetration testing to gather information and manipulate requests.

Gautam S. Education Details

New England College
Cybersecurity

International Technological University (ITU)
Computer Software Engineering

St.Marys College Of Engineering And Technology
Computer Science Engineering

Frequently Asked Questions about Gautam S.
What company does Gautam S. work for?
Gautam S. works for Caterpillar Inc.
What is Gautam S.'s role at the current company?
Gautam S.'s current role is IT Security Engineer at Caterpillar Inc.
What schools did Gautam S. attend?
Gautam S. attended New England College, International Technological University (ITU), St.Marys College Of Engineering And Technology.
Who are Gautam S.'s colleagues?
Gautam S.'s colleagues are Matthew Johnston, Samuel Johnson, Sandy Maas, Wim Desmyter, Renan Simão, Desmyter Sonia, Edilene Fernandes.