FARIDA BANU KARAMALLA
Cyber Security Engineer
Bangalore,KA
Summary
Cybersecurity Engineer with 2+ years of hands-on experience in Application Security, specializing in SAST, SCA, DAST, Mobile Penetration Testing, and vulnerability assessment. Proficient in tools such as Burp Suite, Postman, and GRYPE, with strong expertise in identifying, analyzing, and remediating OWASP Top 10 vulnerabilities. Skilled in performing secure code reviews, API testing, threat modeling, and delivering actionable security recommendations to development teams.
Overview
3
3
years of professional experience
1
1
Certification
Work History
Security Engineer
TATA Consultancy Services
Bangalore
07.2023 - Current
- Performed manual security testing with Burp Suite and secure code reviews using Fortify to ensure vulnerability-free deployments.
- Executed SAST (Fortify), DAST (WebInspect/ZAP), and SCA to detect insecure code, validate OWASP Top 10 controls, and assess third-party risks.
- Used Grype to scan container images and packages, identifying high-severity CVEs and improving supply-chain security.
- Conducted vulnerability assessments with Nessus & Web Inspect, recommending OS patching and configuration hardening for production servers.
- Performed Mobile Pentesting and API security testing using Burp Suite, Postman, and Grype to find misconfigurations and insecure coding flaws.
- Identified and mitigated OWASP Top 10 issues including XSS, SQLi, IDOR, Broken Access Control, and SSRF.
- Supported secure SDLC through threat modeling and continuous security validation across all development stages.
Associate Software Engineer
Capgemini Technology Services India Limited
Mumbai
07.2022 - 11.2022
- Developed a proof-of-concept (POC) application implementing complete CRUD operations.
- Gained experience in secure coding practices, code review, and testing that built a strong foundation for transitioning into application security and penetration testing roles.
Education
Master of Computer Applications - undefined
Andhra University
12.2025
Bachelor's of Science - CS and Physics
Yogi Vemana University
10.2022
Skills
- SAST
- DAST
- SCA
- GRYPE
- OWASP ZAP
- BURP SUITE
- JENKINS
- FORTIFY
- NESSUS
- POSTMAN
- METASPLOIT
- WinsCP
- PuTTy
- Threat modeling
- Vulnerability Assessment
- SDLC
- Perspicacity
- JAVA
- PYTHON
- HTML
- CSS
- BASH SCRIPTING
Certification
- Azure Administrator Associate (AZ -104)
- TCS Certified Security Engineer
- Microsoft Identity and Access Administrator (SC-300)
- eJPT Certification from Udemy
Accomplishments
- Xcelerate Warrior certificate from Tata Consultancy Services
- On The Spot Award from Tata Consultancy Services
- AI Idea Igniter certificate from TCS
Languages
English
Telugu
Urdu
Kannada
Hindi
Personal Information
Title: Security Engineer
Hobbies and Interests
- Cybersecurity Research
- CTF Challenges
- Ethical Hacking & Bug Bounties
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Interests
Cloud security
Thickclient penetration testing
Timeline
Security Engineer
TATA Consultancy Services
07.2023 - Current
Associate Software Engineer
Capgemini Technology Services India Limited
07.2022 - 11.2022
Master of Computer Applications - undefined
Andhra University
Bachelor's of Science - CS and Physics
Yogi Vemana University