Benoy Naskar
New Delhi
Summary
Experienced Cybersecurity Professional with over 6 years of expertise in penetration testing, vulnerability assessment, and risk management. Skilled in identifying and mitigating security risks, managing cybersecurity projects, and implementing effective security solutions. Strong problem-solving abilities with a proactive approach to enhancing security postures. Excels in both independent roles and collaborative team environments, ensuring comprehensive security assessments and robust defense strategies.
Overview
7
7
years of professional experience
1
1
Certification
Work History
Assistant Manager | Technology & Transformation
Deloitte
07.2021 - Current
- Provided cybersecurity services for both small-scale strategic engagements and large-scale implementation programs for leading global organizations.
- Conducted red teaming exercises, as well as network and application penetration testing, to identify and mitigate security vulnerabilities.
- Delivered onsite and remote security consulting, including: Cloud security configuration reviews, Cloud penetration testing, Mobile application penetration testing, and Active Directory penetration testing as part of red teaming assessments.
- Collaborated with development teams by providing detailed remediation strategies for identified vulnerabilities, and ensuring proper validation of fixes before closure.
Penetration Tester
Hackdev Technology Pvt Ltd
05.2019 - 06.2021
- Led and executed 30+ VAPT and Red Teaming projects, identifying and mitigating critical security risks.
- Conducted vulnerability assessments on 30+ websites, leveraging tools such as Acunetix, Nexpose, Nikto, DirBuster, Burp Suite, WPScan, and Kali Linux.
- Operated and maintained Dynamic Application Security Testing (DAST) tools, including Nessus Professional, Acunetix, BurpSuite Professional, Pentest-Tools.com, and IBM AppScan.
- Performed VAPT on 50+ servers, utilizing industry-standard tools like Nessus Professional, Kali Linux, Nmap, SQLMap, Metasploit, Netcat, and PuTTY.
- Discovered and reported over 40 critical vulnerabilities, ensuring swift remediation and security hardening.
- Managed Vulnerability Assessment and Remediation, working with analysts and leadership to streamline security guidelines.
- Provided continuous security maintenance, development of patches, and fix implementations to enhance overall system security.
- Delivered cybersecurity training to prestigious law enforcement agencies in India, contributing to national security awareness, and incident response readiness.
Security Analyst
Ignite Technologies
06.2018 - 04.2019
- Conducted in-depth research on various exploitation techniques to identify and assess vulnerabilities.
- Performed regular security assessments and log reviews to detect and mitigate potential threats.
- Executed penetration testing and vulnerability patching, ensuring a high standard of security across applications and networks.
- Published technical blogs and research papers on cybersecurity trends, vulnerabilities, and mitigation strategies.
- Delivered security awareness training to over 25 individuals, providing educational programs and orientation sessions on cybersecurity best practices.
Education
BCA -
Bharati Vidyapeeth
New Delhi01.2021
Skills
- Basic bash & python scripting
- Penetration testing
- API Security Testing
- OWASP Top 10
- AV Evasion
- ISO 27001
- DAST
- Network Security
- Web application security
- Vulnerability Management
- Thick Client Application Security
- Vulnerability Assessment
- Privilege Escalation (Linux/Windows)
- Red Teaming
- Cloud security
- Cybersecurity services
- Vulnerability assessment
- Security compliance
- Risk assessment
- Network security
- Project management
Certification
- Certified Cloud Security Practitioner - AWS, The SecOps Group, 11/01/24
- OSCP, Offensive Security, 04/01/21
- CEHV10, EC-Council, 09/01/18
- Ignite Certified Security Professional (ICSP), Ignite Technologies, 01/01/18
Projects
- Memcached Server Exploits – Researched and published an article on one of the world’s leading cybersecurity blogs, detailing exploitation techniques and mitigation strategies.
- Vulnerable Lab Development – Designed and implemented custom vulnerable environments for penetration testing training and security research.
- Fully Undetectable (FUD) Development – Developed and tested custom security tools for projects led by the Delhi Crime Branch, assisting in cybersecurity investigations.
- Linux Distro Development – Created a lightweight Linux distribution optimized for security research and penetration testing, utilizing minimal system resources.
Timeline
Assistant Manager | Technology & Transformation
Deloitte
07.2021 - Current
Penetration Tester
Hackdev Technology Pvt Ltd
05.2019 - 06.2021
Security Analyst
Ignite Technologies
06.2018 - 04.2019
BCA -
Bharati Vidyapeeth
Similar Profiles
Albert Laurentiu IonAlbert Laurentiu Ion
Junior Information Technology Consultant at DeloitteJunior Information Technology Consultant at Deloitte
Sai Rekha SuradaSai Rekha Surada
Solution Advisor - Manager FCC Investigations Team at DeloitteSolution Advisor - Manager FCC Investigations Team at Deloitte
Sai Ramesh VattiSai Ramesh Vatti
Sr. UIUX Consultant at DeloitteSr. UIUX Consultant at Deloitte