CURRICULUM VITAE

Balaji Sharma

Security Analyst / Pen Tester

CEH / OSCP

E-mail: adfwnm@r.postjobfree.com

: +91-808*******

Summary

5+ years of experience in Cyber Security Domain that includes vulnerability assessment and penetration testing of web applications, networks and android apps, proficient in security research, planning and execution.

Objective

Interested to work as cyber security professional where my knowledge and skills are better utilized for reaching goals of my organization, which in turn would enhance my personal growth and abilities for reaching higher levels step by step in the organization. Experience

Company: Tech Mahindra

Designation: Security Analyst

Duration: 10th Dec 2018 – Till Date

Project: Telecom

Roles and responsibilities:

- Involved in Security Testing of Web Application.

- Involved in Vulnerability Assessment and Penetration Testing of Network.

- Involved in Security Testing of Android apps.

- Involved in Secure Code review.

- Penetration testing of APIs.

- Configuration review of Firewall, Switch, Router and Database.

- Preparation of reports.

- Co-ordinate with Development team to patch the Vulnerabilities.

- Managing Security tool licenses (Purchase, upgradation & renewal) .

- Managing vulnerability assessment and research & development center lab Company: Network Intelligence Pvt Ltd

Designation: Cyber Security Analyst

Duration: 4th Dec 2017 – 30th Nov 2018

Project:

- Performed web application pen testing for various clients and figured out critical vulnerabilities like SQLi, Hidden XSS, RCE, Account Take Over etc.

- Worked on Black Box project for Abu-Dhabi clients and found Reflected XSS and open redirection in applications which were already tested and patched.

- Performed penetration testing on web applications and network for Abu Dhabi clients.

- Performed penetration testing of web application, mobile application and network at various client locations.

- Tested various banking web applications and mobile applications.

- Performed security testing of PayZaap mobile application by HDFC and was successfully able to bypass Root detection and SSL pinning.

- Performed security testing of data over voice on POS Machine.

- Currently working at client location and my role is to secure their network and pen testing of various E-Commerce, Banking, and Content management applications. Roles and responsibilities:

- Penetration testing of web application like.

- Vulnerability assessment and penetration testing of network.

- Penetration testing of API.

- Penetration testing of android application.

- Configuration review of various network devices.

- Preparation of reports.

- Performing penetration testing at client location.

- Communicating with clients regarding projects.

Company: Cybage Software Pvt Ltd

Designation: Technical Support Executive

Duration: 8th June 2015 – 1st Dec 2017

Project: Yesmail Enterprise 7 and Yesmail 360i

Project Description: The project deals with the cross-channel communication platform within Yes Lifecycle Marketing. Yesmail delivers beyond the boundaries of traditional email service providers to seamlessly integrate email, SMS, Push, social media. Yesmail helps enterprises to get connected directly to their subscribers via sending notification emails, SMS. Yesmail tool is used for sending bulk emails to end users.

Project: Domo

Project Description: Domo, Inc is a form of business intelligence (BI) that is a business management platform, delivered as a service, to CEOs and executives. The service is designed to provide direct, simplified, real time access to business data without any IT involvement. It is a software-as-a-service (SaaS) venture.

Roles and responsibilities:

- Responsible for performing security testing.

- Managing software releases with performing penetration testing before and after change in software.

- Handling customer complaints regarding the product.

- Monitoring cyber-attacks on application.

- Checking alerts related to software from monitoring tools like Zenoss, New-relic, Splunk and Thousand Eyes.

- Performing penetration testing on various end points of application.

- Involved in daily status calls, meetings and sending the status mails to the client regularly.

- Running automation tools like Nessus, Netsparker, Nikto, Spiderfoot.

- Performing network penetration testing of client IPs. Education:

- S.S.C Passed in 2008 from Priyadarshani English Medium School (Maharashtra Board)

- H.S.C Passed in 2010 from M.I.T College (Maharashtra Board)

- BCA – Bachelor’s in computer application from Foresight College in 2013 (Pune University)

- PGDBM - Post-graduation diploma in business management (Information technology) From Foresight College in 2016 (Pune University)

Certification:

- OSCP (Offensive Security Certified Professional) – July 2020

- CEH (Certified Ethical Hacker) – Nov 2017

- CISC (Certified Information Security consultant) from Institute of information security (IIS Pune) in 2017.

- JCHNE Certification from Jetking in 2011.

- Diploma in Software Testing from Profound in 2015. Security Tools Hands On:

IBM AppScan, HP Fortify Web Inspect, Wireshark, Nmap, Nikto, Nessus, Spiderfoot, Burpsuite, Sqlmap, Acunetix, Netsparker, John the Ripper, Traceroute, Hydra, Anonsurf (anonymity), Ettercap, Metasploit Framework, Aircrack-ng, Firebug, Wappalyzer, apk-tool, apk-signer, JD-GUI, ADB, Drozer etc.

Monitoring Tools Hands On:

Zenoss, New-relic, Splunk and Thousand Eyes.

Co-curricular Activities:

- Conducted workshops in School and College on Ethical Hacking

- Played Inter-School and Inter-District in Karate Championship Personal Profile

Name : Balaji Sharma

Father’s Name : Paramhans Sharma

Address : Sr.no:73, Trimurti Colony, Adarsh nagar, Dighi, Pune Date of Birth : 15th Jul 1993

Marital Status : Married

Contact this candidate