Resume

General Information

Full Name Akash Bhavsar
Role Application Security Engineer | Penetration Tester
Location Melbourne, Victoria, Australia
Certifications OSCP, OSCP+
Experience 8+ Years

Experience

  • 11/2023 - Present
    Sydney, Australia
    Application Security Engineer
    Sydney Tools PTY LTD
    • Methodically identify, exploit, and document security vulnerabilities in business-critical web applications and APIs, utilizing tools like Burp Suite and Metasploit to mitigate OWASP Top 10 threats.
    • Spearheaded the secure code review process, conducting rigorous Pull Request (PR) reviews to enforce secure coding standards. Acted as the final quality gatekeeper to prevent vulnerabilities (SQLi, XSS) from reaching production.
    • Orchestrated secure CI/CD pipelines using GitHub Actions, designing custom workflows that automate security testing (SAST/DAST) and streamline deployment, ensuring rapid yet secure delivery cycles.
    • Fortified cloud infrastructure by implementing best practices for AWS and GCP environments. Hardened Docker containers and Kubernetes clusters to minimize the attack surface and ensure robust runtime protection.
    • Managed and mentored a team of developers and interns, overseeing daily operations. Led the end-to-end recruitment process by conducting technical interviews and hiring new talent, fostering a high-performance engineering culture.
    • Designed and delivered comprehensive training programs for new employees and interns, focusing on secure coding principles and operational best practices to reduce vulnerability introduction rates.
    • Architected secure network layers by configuring Nginx as a reverse proxy and managing SSL/TLS certificate lifecycles, ensuring encrypted communication and defense against Man-in-the-Middle attacks.
    • Acted as the primary point of contact for security incidents, analyzing alerts and executing rapid triage and escalation procedures to maintain operational resilience and minimize business impact.
  • 2023 - Present
    Offensive Security Practitioner
    Hack The Box
    • Advanced penetration testing on multiple machines (Era, Mirage, Outbound, Faraday, Voleur, Sorcery)
    • Windows & Linux exploitation, web application vulnerabilities, and Active Directory attacks
    • Web exploitation techniques including SQLi, SSTI, credential harvesting, and CVE exploitation
    • Active Directory enumeration and privilege escalation using BloodHound, Kerberoasting
    • Post-exploitation techniques - DPAPI decryption, NTDS.dit extraction, persistence creation
    • Secure source code reviews identifying logic flaws and OWASP Top 10 vulnerabilities
  • 05/2023 - 10/2023
    Brisbane, Australia
    Senior Full Stack Engineer
    Josephmark PTY LTD
    • Directed the strategic migration of legacy systems to a modern Strapi and Next.js architecture, embedding security controls at the design phase ("Security by Design") to ensure the new framework eliminated historical technical debt and vulnerability inheritance.
    • Led the end-to-end development of bespoke Strapi plugins and custom backend modules, optimizing system performance and ensuring seamless, secure data handling between microservices.
    • Designed and implemented granular Role-Based Access Control (RBAC) and logical data segregation within the CMS ecosystem, ensuring strict adherence to the Principle of Least Privilege for diverse user groups.
    • Integrated complex backend services with Next.js frontends, engineering robust connections that prioritized responsive user experience while enforcing secure data rendering and state management practices.
    • Collaborated on organizational change management and service desk initiatives, aligning technical deliverables with corporate IT policies and security governance procedures to meet strict compliance goals.
    • Proactively evaluated and prototyped emerging tools for the development stack, driving the modernization of integration processes and optimizing the software delivery lifecycle for efficiency and security.
  • 04/2016 - 04/2023
    Port Melbourne
    Software Development Analyst / Full Stack Developer
    WilldooIT Pty Ltd
    • Spearheaded the end-to-end development of complex SaaS and B2B ERP systems using Python, Node.js, React.js, and Vue.js (TypeScript). Designed responsive, modern UIs with Tailwind CSS while strictly adhering to SOLID principles.
    • Engineered robust CI/CD pipelines using Ansible, Buildkite, Jenkins, and GitHub Actions/Workflows. Automated Docker containerization and Kubernetes orchestration to achieve zero-downtime deployments and consistent environments.
    • Orchestrated cloud-native infrastructure on AWS and GCP, managing Linux server images and custom configurations. Implemented infrastructure-as-code to streamline provisioning and optimize server performance.
    • Architected scalable microservices and implemented event-driven architecture using Kafka for real-time data processing. Developed high-performance REST APIs and GraphQL endpoints (tested via Postman) to facilitate seamless communication between services.
    • Designed complex, high-availability database schemas for PostgreSQL, MongoDB, and SQL. Implemented robust database backup strategies using WAL scripts and performed rigorous optimization for data integrity.
    • Architected secure authentication flows using OAuth2 and OIDC for payment gateway integrations and SMTP services. Implemented HashiCorp Vault for secret management and integrated Snyk for vulnerability scanning.
    • Enhanced system reliability by implementing monitoring stacks with Prometheus, Grafana, Splunk, and AWS CloudWatch. Leveraged AI coding tools like Claude, Gemini, and Codex to accelerate development cycles.
  • 2016 - 2018
    Application Engineer
    Odoo
    • Integrated ERP solutions and IoT devices for enterprise resource planning
    • Designed complex reports and customized business processes
    • Worked on database integrity, workflow automation, and internationalization

Technical Skills

  • Offensive Security
    • Web Application & API Penetration Testing
    • Active Directory Attacks & Privilege Escalation
    • Windows & Linux Exploitation
    • Credential Extraction & Password Cracking (Hashcat, John)
  • Security Engineering
    • Secure Code Review (SQLi, XSS, OWASP Top 10)
    • DevSecOps & CI/CD Security (SAST/DAST)
    • Cloud Security (AWS, GCP, Docker, Kubernetes)
    • SSL/TLS, OAuth2, OIDC, HashiCorp Vault
  • Security Tools
    • Burp Suite, Metasploit, Nmap, Rustscan
    • BloodHound, Gobuster, ffuf, SQLMap
    • Snyk, GitHub Actions Security Workflows
    • Prometheus, Grafana, Splunk, CloudWatch
  • Development
    • Python, JavaScript/TypeScript, Node.js
    • React.js, Vue.js, Next.js, Strapi
    • PostgreSQL, MongoDB, GraphQL, REST APIs
    • Docker, Kubernetes, Ansible, Terraform

Education

  • 2018 - 2020
    Master of Technology (MTech)
    Victoria University, Australia
    • Computer Software Engineering
  • 2012 - 2016
    Bachelor of Engineering (BE)
    Sankalchand Patel College of Engineering, India
    • Computer Engineering