BALASUBRAMANAIN S
Cyber Security & Pen Tester
Coimbatore
Summary
I served in the Corps of Signals of the Indian Army for 23 years, specializing in radio, exchange, satellite communication, surveillance systems, and computer networking. During tenure, actively participated in Vulnerability Assessment and Penetration Testing (VAPT) for all Indian Army web applications hosted on the internet, as well as those within the Indian Army's private network. As a committed cybersecurity professional, consistently achieved company goals through organized practices. Excel under pressure, adapt to new situations and challenges, and continually work to enhance organizational interests. Finally, retirement in December 2023 marked the end of a remarkable chapter.
As a part of Cyber security Open-Source Intelligence (OSINT) Analyst with a proven track record in gathering, analyzing, and synthesizing information from publicly available sources. Adept at utilizing various tools and techniques to uncover insights related to individuals, organizations, and cyber threats. Skilled in producing comprehensive reports to support decision-making processes. Strong attention to detail and a commitment to staying abreast of evolving OSINT methodologies and technologies.
CTF (Capture The Flag) player with a passion for cybersecurity challenges. Demonstrated proficiency in solving diverse and complex puzzles, reverse engineering, cryptography, and exploitation. Skilled in leveraging a wide range of tools and techniques to analyze and exploit vulnerabilities. Constantly seeking to expand knowledge in various areas of cybersecurity through active participation in CTF competitions and with a commitment to continuous learning and staying abreast of the latest trends in the field
Overview
17
17
years of professional experience
4
4
years of post-secondary education
3
3
Certificates
4
4
Languages
Work History
IT Technician
Indian Army
07.2006 - 02.2010
- Assisted in migrating critical infrastructure to cloud-based solutions, reducing overhead costs while increasing scalability and performance capabilities.
- Created user accounts and assigned permissions.
- Configured hardware, devices, and software to set up work stations for employees.
- Streamlined IT support processes, resulting in increased productivity within the department.
- Installed and configured operating systems and applications.
- Established, repaired and optimized networks by installing wiring, cabling and devices.
- Installed, configured and maintained computer systems and network connections.
- Configured systems according to prescribed software and hardware frameworks.
- Set up PCs, projectors, and microphones for use in video conferencing rooms.
- Developed and implemented preventive maintenance procedures.
- Conducted regular preventive maintenance on hardware equipment, prolonging lifespan while minimizing unexpected failures.
- Assisted in development of system security protocols.
- Managed inventory of hardware and software assets, ensuring proper allocation and maintenance throughout their lifecycle.
- Performed troubleshooting and repaired peripheral devices such as printers, scanners and NAS, Switch's, PC's.
- Configured and tested new software and hardware.
- Corrected connectivity faults to restore user access to local networks, cloud-based storage and Army web.
Web Developer Intern
Indian Army
04.2010 - 03.2016
- Good knowledge of programming languages PHP, Java, .NET
- Throughout my career, I gained experience in maintaining web servers and databases, including MS SQL, PostgreSQL, and MySQL
- Wrote custom HTML and JavaScript for existing websites.
- We periodically back up our databases and handle maintenance and configuration of switches and firewalls
- Assisted in migration of websites from one platform to another, ensuring a seamless transition for users.
- Followed best practices for software development and web security.
- Worked closely with developers on creating new code.
- Developed user-oriented visuals and features using front-end languages to increase site traffic.
- Optimized web applications for speed, scalability and security.
- Monitoring appliance health check
- Conducted unit testing to deliver optimal browser functionality.
- Ensuring web security devices having latest firmware version
Network Administrator
Network Node
, Assam
02.2016 - 02.2019
- Performed day-to-day LAN and WAN administration, maintenance, and support.
- Monitored system performance and responded to alerts.
- Designed scalable network architecture that allowed for seamless integration of new technologies as the company grew.
- Analyzed complex project server issues and worked on large enterprise and business-critical applications.
- Investigating on the security incidents and preparing the RCA
- Creating policies to block unwanted applications
- Migrating endpoints to the cloud version
- Ensuring all endpoints having the latest version
- Implemented, developed and tested installation and update of file servers, print servers and application servers.
- Implemented and maintained virtual private networks.
- Investigating and finding the root cause of the issues
- Investigate any incidents detected and escalate to the responsible team and ensure proper closure.
- Provide Weekly/Monthly reports on the actions taken to maintain the endpoint health and improve compliance.
- Prepare training plan and material for new joiner to use and get trained
Penetration Tester
Indian Army (Army Cyber Group)
02.2019 - 12.2023
- During my tenure, I actively participated in Vulnerability Assessment and Penetration Testing (VAPT) for all Indian Army web applications hosted on the internet, as well as those within the Indian Army's private network
- As a committed cybersecurity professional, I consistently achieved company goals through organized practices
- Expertise in finding the business logic vulnerabilities, price manipulation, OTP Bypass, CSRF Attacks, XSS attacks, SQL Injection, IDOR, file upload restriction bypass vulnerabilities and so on.
- Review and analysis of proposed technical solutions to identify appropriate security controls.
- Managing & coordinating the team to deliver the applications on a stipulated time.
- Following the OWASP Security Testing guidelines for both Web and Mobile Applications
- Good experience in performing penetration testing- secure code review Foritfy (MicroFocus SCA) and HCL APP Scan Standard(HCL) Tools.
- Experience in implementing the CI/CD pipeline using HCL App Scan Source for Static Code Analysis.
Monitoring the Top 10 API risks for all the application - Experience in writing Bash, shell scripts to automate manual process.
- Analyze the source code by performing reverse engineering and work with engineering team to resolve the issues.
- Monitoring the Top 10 API risks for all the application.
- Reverse engineering the private API and intercepting the application traffic through Burp Proxy, MITM, proxy & Postman tool.
- Code review of features and critical security components.
- Providing remediation steps and guidelines to fix the identified vulnerabilities as per the OWASP Standards
- Part time bug bounty hunter to hunt for the public responsible disclosure programs.
- Conducting Secure Code Review training to the developers as per the OWASP Standards.
- Handling AV related task such as Virus and Spyware.
- Experienced cybersecurity professional with a strong background in threat analysis.
- Conducted security audits to identify vulnerabilities of IT assets held at
various Indian Army Directorates and Command Headquarters. As a
part of audit teams reviewed violations of computer security procedures
and developed mitigation plans. - Skilled in conducting risk assessments and developing comprehensive security strategies to mitigate cyber threats.
- Excellent communication and collaboration abilities for effective cross-functional teamwork in ensuring a secure digital environment.
- Prepare training plan and material for new joiner to use and get trained.
- I excel under pressure, adapt to new situations and challenges, and continually work to enhance organizational interests
- Finally, my retirement in December 2023 marked the end of a remarkable chapter.
Education
High School Diploma -
SRMHS, Higher Sec School
Pollachi04.1996
Advance Diploma in Science - Diploma in IT & Communication
IGNOU
Jabalpur 06.2012 - 01.2013
Equivalent Graduation From Indian Army -
IGNOU
New Delhi 01.2021 - 04.2024
Skills
Pen Testerundefined
Accomplishments
I Was Awarded GOC-in-C WC Commendation in year 2011 for best performance for Maintaining IT Infrastructure and Servers.
Certification
Certified [CEH], [EC-Counsil]
Languages
Tamil
Upper intermediate (B2)
English
Upper intermediate (B2)
Hindi
Intermediate (B1)
Malayalam
Intermediate (B1)
Timeline
Certified [CND], [EC-Counsil]
04-2024
Certified [CEH], [EC-Counsil]
02-2023
Equivalent Graduation From Indian Army -
IGNOU
01.2021 - 04.2024
IBM Certified Specialist - Rational AppScan Standard EditionIBM Certified Specialist - Rational AppScan Standard Edition Trident Group India
09-2020
Penetration Tester
Indian Army (Army Cyber Group)
02.2019 - 12.2023
Network Administrator
Network Node
02.2016 - 02.2019
Advance Diploma in Science - Diploma in IT & Communication
IGNOU
06.2012 - 01.2013
Web Developer Intern
Indian Army
04.2010 - 03.2016
IT Technician
Indian Army
07.2006 - 02.2010
High School Diploma -
SRMHS, Higher Sec School
Similar Profiles
Mishbah KhanMishbah Khan
Senior Security and Operations Leader at Indian ArmySenior Security and Operations Leader at Indian Army
Ashok Kumar MarakaAshok Kumar Maraka
Havildar at Indian ArmyHavildar at Indian Army
Dhanabalan MDhanabalan M
Soldier at Indian ArmySoldier at Indian Army