monster200360

Discovered 10+ critical vulnerabilities in the organization’s APIs and web applications | Performed penetration testing of the organization’s mobile app, API, and web applications using Burp Suite, Frida, and MobSF | Administered the Continuous Vulnerability Management process | Conducted quarterly DAST scans of the PCI segment using Rapid7 Nexpose | Performed SCA scans of the entire organization’s codebase using Snyk | Worked with DefectDojo to document vulnerabilities and create remediation tasks in Jira | Developed a Telegram bot in Python to receive real-time alerts from IBM QRadar | Contributed to the development of the company’s SDLC documentation | Piloted the Krontech PAM system and created documentation and video-based user guides for the organization’s knowledge base | Developed Windows 10/11/Server “golden image” security standards based on CIS Benchmarks | Administered servers and workstations running Red Hat Enterprise Linux, SUSE Linux, Ubuntu Linux, and Windows 10/11 on VMware and Azure | Participated in additional security research activities, including exploring the HackRF toolkit.

Participated in 10+ task-based CTF competitions | Developed and delivered a lecture on XSS vulnerabilities | Worked with cybersecurity tools such as Burp Suite, OWASP ZAP, Nmap, Wireshark, Gobuster, Dirbuster, ffuf, Hydra, Aircrack-ng, Metasploit Framework, Nessus, YARA, and others.