Harish Bodi
Hyderabad
Summary
Over 3.4 years of experience in Information Security Testing. Strong knowledge of OWASP Top Ten Vulnerabilities and their exploit techniques. Extensive experience in dynamic vulnerability assessments and network vulnerability assessments. Proficient in conducting DAST on web applications using tools like SQLMAP to identify vulnerabilities such as Cross-Site Scripting (XSS), SQL Injection, CSRF, and Privilege Escalation. Skilled in manual security assessments using Burp Suite to find vulnerabilities such as privilege escalation and business logic flaws. Experienced in false positive analysis on automated scan results, preparing detailed reports with risk analysis, screenshots, and proof of concepts.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Systems Engineer
Infosys Limited
Hyderabad
12.2021 - Current
- Executed comprehensive web application and network penetration testing using both automated and manual tools, identifying critical vulnerabilities and reducing potential security threats
- Conducted comprehensive security assessments of online applications, identifying critical vulnerabilities in Input and Data Validation, Authentication, Authorization, and Auditing & Logging; mitigated 90% of identified risks within two months
- Scheduled and conducted meetings with developers and business stakeholders to explain identified vulnerabilities and associated risks
- Revalidated vulnerabilities post-remediation, providing go/no-go decisions from an application security perspective
- Coordinated with global development and infrastructure teams to ensure timely vulnerability fixes
- Monitored web applications for security breaches and incidents, providing timely responses and resolutions
- Supported senior security engineers in performing threat modeling and risk assessments
Associate Consultant
Atos Syntel
12.2019 - 07.2020
- Identified and tested vulnerabilities, conducting research in information system and network security
- Conducted web application vulnerability assessments and penetration testing using tools like Burp Suite, OWASP ZAP Proxy, NMap, Nessus, Kali Linux, and Metasploit
- Gained proficiency in understanding application-level vulnerabilities including XSS, SQL Injection, CSRF, authentication bypass, cryptographic attacks, and authentication flaws
Education
B.Tech - Information Technology
Anil Neerukonda Institute of Technology And Science
Visakhapatnam05-2019
Skills
- Vulnerability Testing Tools - DAST: Acunetix Web Vulnerability Scanner, Burp Suite, Z-Attack Proxy, SQLMAP
- Network Vulnerability / Penetration Testing Tools: NMAP, Nessus, Wireshark, Metasploit
- Programming Languages: C, PHP, Java
- Operating Systems: UNIX, KALI-103, Ubuntu-1210, Windows XP/2003
- Security Frameworks: OWASP Top Ten
Certification
- Cisco Certified Network Associate (CCNA)
- Certified Ethical Hacker (CEH) - Pursuing
Languages
Telugu
First Language
Hindi
Intermediate (B1)
B1
English
Proficient (C2)
C2
References
References available upon request.
Timeline
Systems Engineer
Infosys Limited
12.2021 - Current
Associate Consultant
Atos Syntel
12.2019 - 07.2020
B.Tech - Information Technology
Anil Neerukonda Institute of Technology And Science
Similar Profiles
Aniruth GadeAniruth Gade
Project Manager at Infosys LimitedProject Manager at Infosys Limited
Tanish GuptaTanish Gupta
Senior Quality Analyst at Infosys LimitedSenior Quality Analyst at Infosys Limited
Harshita DubeyHarshita Dubey
Java Developer | Senior System Engineer at Infosys LimitedJava Developer | Senior System Engineer at Infosys Limited
Rajeev RaiRajeev Rai
Senior Business Analyst at Infosys LimitedSenior Business Analyst at Infosys Limited
Suresh BhumireddySuresh Bhumireddy
Technical Specialist at Bosch Global Software TechnologiesTechnical Specialist at Bosch Global Software Technologies