[email protected] | linkedin.com/in/bhavsec


  • Information security enthusiast with industry level certifications and a strong interest in penetration testing and offensive security.
  • Strong background in security tools, emerging technologies, processes and best practices.
  • An author of ReconSpider an Open-Source Intelligence (OSINT) security tool on GitHub.
  • Reported Security Vulnerabilities in Netherlands Government, Dell, Sophos etc.


Networking: Storage Networks, Network Security, Server Networks, IP Protocols, LAN/WAN Switching, Troubleshooting.

Security Assessment: SAST, DAST, VAPT, Open-Source Analysis, OWASP top 10, Mitre Att&ck Framework, SANS top 25.

Operating Systems: Ubuntu, CentOS, Kali Linux, MacOS, Windows Servers.

Cloud/DevOps technologies: Docker, CI /CD, Azure, Web Server, AWS Cloud, Python, Bash.

Security & Testing tools: Snyk, BloodHound, Veracode, Burp Suite, Tenable.io, Nmap, gobuster, ExtraHop, Metasploit, OWASP ZAP, Netsparker, Postman, Wireshark etc.


eCPPT - eLearn Security Certified Professional Penetration Tester - June 2022

ThrowBack Network - AD Pentesting Network - TryHackMe - May 2022

eJPT - eLearn Security Junior Penetration Tester - INE - Jan 2022

Introduction to Azure Penetration Testing - Altered Security - Jan 2022

[SC-900] Microsoft Certified: Security, Compliance, and Identity Funtamentals - Nov 2021

Security Engineering on AWS - Amazon Web Services - Oct 2021

Foundations of Operationalizing MITRE ATT&CK - AttackIQ - Aug 2021

Splunk 7.x Fundamentals Training - Splunk Education - Jul 2021

[NSE1] Fortinet Network Security Expert Level 1: Certified Associate - Jun 2021

Cyber Security Essentials - Cisco - Jun 2021

[PCEP-30-01] PCEP - Certified Entry-Level Python Programmer - Jun 2021

[CEH V10] Certified Ethical Hacker - EC-Council - Dec 2020

MacOS for IT Administrators - LinkedIn Learning - May 2020

Unix Badge - Pentester Lab - Apr 2020

Learn HTML - Codecademy - Oct 2018

Applied CS with Android - Google - Sept 2017

C/C++, PHP, MySQL Trainings - IIT Bombay (Govt. of India) - Mar 2017

AFCEH 9.0 - Talent Edge Bangalore - Oct 2015


Senior Security Analyst - Gore Mutual Insurance, Ontario, Canada - July 2022 - Present

Application Security Analyst - Gore Mutual Insurance, Ontario, Canada - Aug 2021 - July 2022

  • Conducting source code reviews using Veracode and Snyk, triaging and reporting vulnerabilities, guiding developers with vulnerability remediation.
  • Performing automated and manual vulnerability assessments and penetration tests on web applications, networks and infrastructure.
  • Conducting focused research on newly identified threats and vulnerabilities.
  • Providing recommendations on system patching, hardening of web application and servers to mitigate potential risks.

Application Security Tester - Saluber MD LLC., Remote - Aug 2020 - July 2021

  • Experience with managing an enterprise level SIEM platform.
  • Strong understanding of variety of IT systems, applications and configurations.
  • Prioritizing and classifying bugs according to severity.
  • Familiarity with basic reverse engineering principles.

Network and Cyber Security Analyst - EH1 Infotech, Mohali, India - Jan 2019 - Oct 2019

  • Responsible for monitoring and debugging network connectivity issues using Wireshark for packet analysis.
  • Analyzed Security of an IT development firm, tested the vulnerabilities, securing the site from threats.
  • Configured Microsoft Windows servers, setup and deployed domain controllers, VMs & Active Directory.
  • Performed VAPT and provided recommendations to management on Security implementation.

Security Consultant Intern - Supive Technologies Chandigarh, India - Jun 2018 - Dec 2018

  • Implemented best practices of securing the overall web-applications.
  • Responsible for securing the web applications of an online business module.
  • Performing vulnerability assessment and penetration testing on projects.


Founder and Leader - Security and Research Community - SECARMY - Feb 2019 - Jan 2020

  • Organizing Capture-The-Flag (CTF) competitions.
  • Writing security concerning blogs and posts.
  • Making podcasts with security researchers around the world.
  • Broadcasting cyber security-related conferences & webinars.

Volunteer Team Leader - Intersquad Cyber Intelligence New Delhi, India - Mar 2018 - Apr 2018

  • Worked remotely in the Security Team of Inter Squad Cyber Intelligence.
  • Tested web-applications and reported various bugs/vulnerabilities.
  • Organized a hackathon based on cybersecurity for attendees.
  • Supervise the whole conference as a team manager.


Attestation of College Studies in Computer Science and Software Testing - 2020 - 2021

Matrix College of Management Technology and Healthcare Inc - Montreal, QC

  • Major in Computer Science; Minors in Software Testing
  • Cumulative GPA: 4.0/4.0; (Top 10% of class)
  • Relevant Coursework: Software Development; Operating Systems; Algorithms

Diploma in Computer Engineering (Verified by WES) - 2015 - 2018

Chandigarh Polytechnic College - Punjab, India

The Tribune Newspaper - WanaCry Ransomware Research

Covered in news article on The Tribune Newspaper for spreading awareness regarding removal of WannaCry ransomware and protecting personal files by creating a system restore point.


National Cyber Security Center - Reported bug in Netherlands Government Website

Bugcrowd - Hall of Fame - Reported bugs in Companies like Dell, Sophos, DarkMatter etc.


Recon Spider - Open Source Intelligence Framework (GPL-3.0 License)

Recon Spider is most Advanced OSINT Framework for scanning IP Address, Emails, Websites, Organizations and find out information from different sources available on the internet about the target.