[email protected] | linkedin.com/in/bhavsec

PROFILE


  • Information security enthusiast with Certified Ethical Hacker certification and strong interest in information security, specifically penetration testing and offensive security.
  • Strong background in security tools, emerging technologies, processes and best practices.
  • An author of ReconSpider an Open-Source Intelligence (OSINT) security tool on GitHub.
  • Reported Security Vulnerabilities in Netherlands Government, Dell, Sophos etc.

TECHNICAL EXPERTISE


Networking: Storage Networks, Network Security, Server Networks, IP Protocols, LAN/WAN Switching, Troubleshooting.

Security Assessment: SAST, DAST, VAPT, Open-Source Analysis, OWASP top 10, Mitre Att&ck Framework, SANS top 25.

Operating Systems: Ubuntu, CentOS, Kali Linux, Mac OS, Windows Servers.

DevOps technologies: Docker, CI /CD, Private Cloud, Web Server, AWS Cloud, Python, Bash.

Security & Testing tools: Acunetix, BloodHound, Checkmarx, Burp Suit, Tenable Nessus, Nmap, gobuster, IBM AppScan, Metasploit, OWASP ZAP, Netsparker, Postman, Wireshark etc.

CERTIFICATIONS & TRAININGS


Foundations of Operationalizing MITRE ATT&CK - AttackIQ - Aug 2021

Splunk 7.x Fundamentals Training - Splunk Education - Jul 2021

[NSE1] Fortinet Network Security Expert Level 1: Certified Associate - Jun 2021

Cyber Security Essentials - Cisco - Jun 2021

[PCEP-30-01] PCEP - Certified Entry-Level Python Programmer - Jun 2021

[CEH V10] Certified Ethical Hacker - EC-Council - Dec 2020

MacOS for IT Administrators - LinkedIn Learning - May 2020

Unix Badge - Pentester Lab - Apr 2020

Learn HTML - Codecademy - Oct 2018

Applied CS with Android - Google - Sept 2017

C/C++, PHP, MySQL Trainings - IIT Bombay (Govt. of India) - Mar 2017

AFCEH 9.0 - Talent Edge Bangalore - Oct 2015

EXPERIENCE


Application Security Analyst - Gore Mutual Insurance, Ontario, Canada - Aug 2021 - Present

  • I’ll update it after getting atleast 2 months of experience

Application Security Tester - Saluber MD LLC., Remote - Aug 2020 - July 2021

  • Experience with managing an enterprise level SIEM platform.
  • Strong understanding of variety of IT systems, applications and configurations.
  • Prioritizing and classifying bugs according to severity.
  • Familiarity with basic reverse engineering principles.

Network and Cyber Security Analyst - EH1 Infotech, Mohali, India - Jan 2019 - Oct 2019

  • Responsible for monitoring and debugging network connectivity issues using Wireshark for packet analysis.
  • Analyzed Security of an IT development firm, tested the vulnerabilities, securing the site from threats.
  • Configured Microsoft Windows servers, setup and deployed domain controllers, VMs & Active Directory.
  • Performed VAPT and provided recommendations to management on Security implementation.

Founder and Leader - Security and Research Community - SECARMY - Feb 2019 - Jan 2020

  • Organizing Capture-The-Flag (CTF) competitions.
  • Writing security concerning blogs and posts.
  • Making podcasts with security researchers around the world.
  • Broadcasting cyber security-related conferences & webinars.

Security Consultant Intern - Supive Technologies Chandigarh, India - Jun 2018 - Dec 2018

  • Implemented best practices of securing the overall web-applications.
  • Responsible for securing the web applications of an online business module.
  • Performing vulnerability assessment and penetration testing on projects.

Volunteer Team Leader - Intersquad Cyber Intelligence New Delhi, India - Mar 2018 - Apr 2018

  • Worked remotely in the Security Team of Inter Squad Cyber Intelligence.
  • Tested web-applications and reported various bugs/vulnerabilities.
  • Organized a hackathon based on cybersecurity for attendees.
  • Supervise the whole conference as a team manager.

EDUCATION


Attestation of College Studies in Computer Science and Software Testing - 2020 - 2021

Matrix College of Management Technology and Healthcare Inc - Montreal, QC

  • Major in Computer Science; Minors in Software Testing
  • Cumulative GPA: 4.0/4.0; (Top 10% of class)
  • Relevant Coursework: Software Development; Operating Systems; Algorithms

Diploma in Computer Engineering (Verified by WES) - 2015 - 2018

Chandigarh Polytechnic College - Punjab, India


The Tribune Newspaper - WanaCry Ransomware Research

Covered in news article on The Tribune Newspaper for spreading awareness regarding removal of WannaCry ransomware and protecting personal files by creating a system restore point.

www.tribuneindia.com

National Cyber Security Center - Reported bug in Netherlands Government Website

Bugcrowd - Hall of Fame - Reported bugs in Companies like Dell, Sophos, DarkMatter etc.

PROJECTS

Recon Spider - Open Source Intelligence Framework (GPL-3.0 License)

Recon Spider is most Advanced OSINT Framework for scanning IP Address, Emails, Websites, Organizations and find out information from different sources available on the internet about the target.

www.github.com/bhavsec/reconspider