Manishi Gautam
Gurugram
Summary
Results-driven Information Security Analyst with expertise in Vulnerability Assessment, Penetration Testing, and Cloud Security, I specialize in securing critical infrastructure and optimizing security processes. Skilled in Python-based automation and CI/CD pipeline security, I have a track record of enhancing security posture while improving efficiency. Passionate about continuous learning and problem-solving, I aim to bring my technical skills and proactive approach to a dynamic organization focused on advancing cybersecurity.
Overview
3
3
years of professional experience
1
1
Certification
Work History
Information Security Analyst
Bharti Airtel
10.2023 - Current
- PCI DSS-Compliant Payment Security: Secured high-risk, PCI DSS-compliant payment flows by conducting in-depth assessments to uncover and address vulnerabilities affecting 150 million users, fortifying transaction data integrity. These actions reduced security risks and ensured resilience in critical financial transactions.
- Core Telecom (ESIM) Pentesting: Led penetration testing on the ESIM infrastructure, a core telecom backend service essential for connectivity. Identified and remediated critical vulnerabilities impacting 380 million users, significantly enhancing the security and stability of telecom services.
- Optimized DevSecOps in CI/CD: Optimized CI/CD pipeline by implementing parallelization, incremental scanning, and enhanced security checks (DAST, secrets detection). Reduced build times by 25%, accelerating deployment cycles while ensuring robust security.
- IOT and Red Teaming: Collaborated with IoT and Red Teams on 5+ projects to strengthen security across interconnected IoT and application platforms. Joint evaluations identified unique vulnerabilities, reinforcing protections across critical systems and reducing attack surfaces.
- Cloud Security & Architecture Review: Strengthened AWS-hosted resources by conducting architecture reviews on 10+ and optimizing IAM policies, data encryption, and secure access controls Improved the overall cloud security posture, securing critical data and ensuring compliance.
- Python-Based Security Automation: Developed a custom Burp Suite extension in Python, automating complex testing processes and increasing vulnerability detection speed. This game-changing tool significantly enhanced team efficiency by 90% and assessment accuracy.
Sr. Security Analyst
Innovador Infotech
09.2021 - 10.2023
- Cross-Industry Penetration Testing: Conducted over 80+ assessments across sectors like Finance, Healthcare, Government, and E-commerce, proactively identifying critical vulnerabilities to secure millions of user accounts and ensure compliance with regulatory standards
- Comprehensive Security Assessments Across Diverse Systems: Led end-to-end security assessments across web applications, APIs, mobile apps, and networks, crafting tailored strategies to address each system’s unique threats, reducing potential attack surfaces by 30%, and bolstering overall security resilience
- Rigorous Penetration Testing with Industry Standards: Executed penetration tests and vulnerability exploitation following OWASP, PTES, CIS, and SANS methodologies, effectively identifying and validating high-risk vulnerabilities, enabling clients to fortify systems and improve compliance with security standards
- Detailed Reporting for Targeted Remediation: Developed in-depth reports detailing vulnerabilities, prioritizing remediation strategies, and providing clear, actionable recommendations that empowered clients to address issues swiftly, resulting in a 40% reduction in unresolved vulnerabilities
- Team Skill Development and Continuous Learning Culture: Fostered a collaborative and growth-oriented environment, organizing regular knowledge-sharing sessions and supporting team certifications, increasing testing efficiency by 25% and earning commendations for team expertise and client satisfaction
Education
Bachelor of Science - Computer Science
Galgotias University
Greater Noida, Uttar Pradesh10.2021
Skills
- Penetration Testing (VAPT)
- Application Security
- Secure Software Development Lifecycle (SDLC)
- CI/CD Pipeline Security (DevSecOps)
- Threat Modeling
- Manual Source Code Reviews
- Security Architecture Design
- Bug Bounty Program Management
- API Security
- Programming Languages (Java, Python)
- Mobile Security (Android and iOS)
Certification
- Certified Ethical Hacker v11 (CEH) - EC-Council
- Certified Cloud Security Practitioner - AWS (CCSP-AWS) - The SecOps Group
- Qualys Certified Specialist - Pentesting Expert - Qualys
- Certified AppSec Practitioner (CAP) - The SecOps Group
Awards
- Airtel Einstein Award - Bharti Airtel
- Airtel Execution Excellence - Bharti Airtel
- Hall of Fame - Nykaa
- Airtel Ace Award (x2) - Bharti Airtel
- Top 1% on TryHackMe - Solved 70+ Labs and gained 15+ Badges
- HackerRank Silver Badge - Achieved Silver Badges on HackerRank for Problem Solving, Python, and C Programming
Tools Expertise
- Git
- Jenkins
- Burp Suite
- Blackduck
- Coverity
- Accunetix
- SqlMap
- CodeQL
- Immunity Debugger
- Python
- Wireshark
- Nuclei
- Frida
- Kali Linux
- Fortify
- OwaspZap
- Metasploit
- Docker
Timeline
Information Security Analyst
Bharti Airtel
10.2023 - Current
Sr. Security Analyst
Innovador Infotech
09.2021 - 10.2023
- Certified Ethical Hacker v11 (CEH) - EC-Council
- Certified Cloud Security Practitioner - AWS (CCSP-AWS) - The SecOps Group
- Qualys Certified Specialist - Pentesting Expert - Qualys
- Certified AppSec Practitioner (CAP) - The SecOps Group
Bachelor of Science - Computer Science
Galgotias University
Similar Profiles
Yacouba SoireYacouba Soire
Inventory Manager at Airtel Burkina, Bharti AirtelInventory Manager at Airtel Burkina, Bharti Airtel
Ranjit PanikarRanjit Panikar
Account Manager - B2B Business Development at Bharti Airtel Limited (Airtel Business)Account Manager - B2B Business Development at Bharti Airtel Limited (Airtel Business)
Swagata ChakrabortySwagata Chakraborty
Deputy Manager at Bharti AirtelDeputy Manager at Bharti Airtel