Penetration Tester & Product Security Expert
📍 Hyderabad, India
Cybersecurity professional with 4+ years of experience in application, cloud, and AI/LLM security. CEH-certified with a proven track record of uncovering 250+ vulnerabilities across 100+ security assessments. Specialized in OWASP frameworks, advanced penetration testing, and securing AI-powered products. Skilled at bridging offensive security insights with practical, scalable product defenses.
I am a Security Analyst with 4+ years of experience in application, cloud, and AI security, currently working as a Security Testing Analyst at Infosys Limited. I bring hands-on expertise in identifying and mitigating vulnerabilities across applications, systems, chatbots, and AI platforms including large language models (LLMs).
Over the course of my career, I have conducted 100+ security assessments and penetration tests on web applications, APIs, cloud platforms, and AI-powered solutions, uncovering 250+ vulnerabilities, including multiple critical and high-severity issues. My remediation-focused approach has consistently helped organizations strengthen their security posture.
My expertise spans the entire security testing lifecycle — from requirements analysis and test plan design to execution, reporting, and remediation guidance. Beyond penetration testing, my work in product security covers:
I specialize in vulnerability management, secure coding practices, and cloud security, with a strong foundation in OWASP and NIST frameworks.
Advancing expertise in cutting-edge security domains
Improving secure coding practices, SAST/DAST pipelines, and CI/CD security automation to build security-first development workflows
Using AI/LLM models to enhance security testing, automate vulnerability discovery, and improve testing efficiency across security assessments
Assessing the security of AI-driven platforms, including LLMs and AI-integrated enterprise applications, to prevent attacks such as prompt injection, data leakage, and model evasion
Technical expertise and security tools proficiency
Pentested 75+ enterprise BI applications handling critical and sensitive data. Assessed authentication, authorization, data validation, session management, and OWASP Top 10 vulnerabilities, uncovering SQL injection, privilege escalation, unauthorized access, sensitive data exposure, and DoS issues, and delivered actionable remediation recommendations.
End-to-end security evaluation of hybrid AWS/Azure infrastructure using automated tools like Prowler and ScoutSuite. Assessed IAM configurations, network security, storage encryption, and compliance with CIS benchmarks. Provided detailed remediation roadmap for 50+ security findings.
Security testing of an enterprise AI chatbot system powered by large language models. Evaluated prompt injection vulnerabilities, content filtering bypasses, and data leakage risks. Developed specialized testing methodologies for LLM-specific attack vectors and model behavior analysis.
Performed architecture-level threat modeling for cloud-based platforms using the STRIDE framework. Identified potential attack vectors and provided targeted risk mitigation strategies, ensuring security considerations were addressed before development for multiple enterprise applications and AI platforms.
Conducted comprehensive API security assessments for platform, wallet, and business application APIs (REST & GraphQL), uncovering authentication and authorization flaws, data exposure, and rate-limiting vulnerabilities. Provided actionable remediation recommendations and implemented automated testing workflows using Burp Suite and custom Python scripts.
Professional security certifications and credentials
Recognition for excellence and outstanding performance
Honored with Infosys' prestigious Platinum Club recognition, awarded to the top 1% of employees for consistently delivering excellence and driving high-impact outcomes.
2024Achieved the highest performance rating in the team for two consecutive years, demonstrating exceptional technical expertise and consistent delivery of superior results.
2023-2024Ready to discuss your security needs or collaborate on projects