8 Years of Experience


Jan, 2019 - Present
HackerU India

Head of Cyber Security (Red Team)

  • Managing the entire Red Teaming Program for HackerU India division.
  • Training advanced cyber security topics.
  • Researching new attack vectors in Red Teaming.
  • Mentoring 100s of students for career in information security.

Nov, 2018 - Jan, 2019

Lead Security Engineer (Product Security Team)

  • Performing vulnerability assessments and penetration testing on regular basis on various products including web, mobile and aws.
  • Automate security checks and integrate into the current CI/CD pipelines.
  • Working with developers to address security issues.
  • Educating developers on secure coding practices with workshops, talks, and lessons.
  • Working on security automation Web, Mobile (iOS, Android), AWS Security assessments.
  • Leading and mentoring team of 7 security engineers.

Oct, 2017 - Nov, 2018

Senior Security Engineer

  • Working on end to end Application Security, AWS Security. Periodic security audits, Actions on findings.
  • Handled Lithium (B2B) bug bounty program.
  • Conducted training for developers on Secure Web App Development, Secure Mobile App Development.
  • Performed security assessment of each sprint, mobile sdk (iOS and Android).
  • Conduct threat modeling, vendor risk analysis.
  • Communicating to clients, (senior) management, and fellow engineers regarding security issues.
  • Support pre-sales in the scoping of security requirements for clients.

Feb, 2016 - Oct, 2017
Philips Healthcare

Senior Software Engineer (Product Security)

  • Performed security assessment of healthcare devices.
  • Visited Philips development center across the world and conducted secure development training for developers.
  • Worked on various IoT Pentest.
  • Presented Philips at various security conferences

Jan, 2013 - Dec, 2015
Persistent Systems Ltd

Domain Consultant (Security)

  • Conducted VA PT assessments for telecom, financial, healthcare and Social clients.
  • Performed Network, Web, Android and iOS Pentest for clients.
  • Worked on Source Code review for Java based enterprise application.


MIT College of Engineering, Pune

Bachelor of Engineering (IT)


OSCE (Offensive Security Certified Expert)


CREST Registered Penetration Tester


AWS Certified Cloud Practitioner


OSWP (Offensive Security Wireless Professional)


OSCP (Offensive Security Certified Professional)


Open Source Projects


Tech Stack:  Objective C, OWASP Mobile Top 10

Role:  iGoat is a learning tool for iOS developers (iPhone, iPad, etc.) and mobile app pentesters. iGoat was inspired by the WebGoat project, and has a similar conceptual flow to it.
As such, iGoat is a safe environment where iOS developers can learn about the major security pitfalls they face as well as how to avoid them.
It is made up of a series of lessons that each teach a single (but vital) security lesson.

My skills

Vulnerability Assessment & Penetration Testing


Web, API, iOS & Android Application Pentesting


Network, AWS, Azure and Google Cloud Security Audits


Exploit Dev, Lateral Movement, AV Bypass Techniques


Security Automation, OSINT, Threat Modelling


Security compliance, ISO 27001, PCI-DSS, HIPAA, GDPR