Kirti Kharb

Senior Consultant
Sonipat

Summary

Experienced cybersecurity consultant proficient in deploying effective security solutions, specializing in Onsite-ME projects. Recognized for adeptly identifying vulnerabilities, proposing corrective measures, and elevating overall security posture. A collaborative team member with strong skills in security testing, documentation, research, and suggesting security improvements.

Overview

5 years of professional experience
2 years of post-secondary education
3 Certifications

Work History

Senior Consultant

Protiviti India Member Private Ltd.
05.2022 - 10.2024

Executed diverse assessments including bug bounty hunting, vulnerability assessment and penetration testing (VAPT), application security (AppSec) testing, network architecture and source code reviews, cyber threat intelligence (CTI) assessments, and vulnerability analysis and management, as well as audits of application security, cloud security and vendor risk management.

Security Researcher

Bugcrowd
08.2020 - 04.2022

As a security researcher, conducted vulnerability assessments for over 30 organizations, resulting in more than 70 accepted submissions. Recognized for contributions with monetary rewards and points-based incentives.

Information Security Engineer

TAC Security
05.2019 - 08.2020

Engaged in penetration testing across a variety of platforms including web, Android, network, and thick client applications. Innovated new testing methodologies to uncover vulnerabilities effectively. Compiled comprehensive bug reports and incident reports for further action and resolution.

Education

Master of Computer Applications - Computer And Information Systems

DCRUST University
Sonipat
08.2015 - 05.2017

Skills

VAPT (Web, Mobile, API, Network, cloud security, forensics)

Time management

Teamwork mindset

Vendor risk management

Cyber threat intelligence

Source code reviews

Technical Tools

Internal VAPT Audits

Certification

Certified Ethical Hacker (CEH)

Industry Expertise

  • Banking & Financial services (BFSI)
  • E-Commerce
  • Hospitality
  • Healthcare
  • IT/ITES
  • Social Media

Experience Highlights

Vulnerability Assessment and Penetration Testing (VAPT):

  • Conducted successful SAST and DAST security testing across a diverse range of applications. Provided real-time feedback on security flaws utilizing a comprehensive suite of SAST and DAST tools.
  • Expertise in identifying, analyzing, and prioritizing security vulnerabilities. Proficient in using CVSS to evaluate risk levels and EPSS to forecast exploitability.
  • Tested and remediated code-level vulnerabilities in web, mobile and network, while also simulating real-world attack scenarios.
  • Familiar with tools such as Rapid7, Checkmarx, and Black Duck for managing vulnerabilities across cloud platforms and on-premises environments.

Cyber Threat Intelligence (CTI) Assessment:

  • Conducted CTI assessments across various applications, offering meticulous reporting and documentation.
  • Expertise includes utilizing SIEM and OSINT for threat analysis, understanding cyber attack vectors, and employing incident response protocols.

Cloud Security:

  • Understanding of cloud environments, including AWS and Azure, ensuring security best practices for infrastructure, identity management and data storage.
  • Implement and manage security controls for cloud-based applications and services.

Internal Audits:

  • Conducted in-depth analysis to identify vulnerabilities in authentication protocols and sensitive data storage within mobile applications. Ensured adherence to policy compliance standards through rigorous verification processes.
  • Performed thorough reviews encompassing network architecture, firewall rules, and backup policies. Conducted comprehensive technology inventory assessments. Provided recommendations for network architecture improvements and offered mitigation strategies.
  • Conduct security assessments for container configurations and implement security policies to mitigate potential risks. Automated security monitoring and reporting processes using python and java scripts, enhancing the team's efficiency in vulnerability tracking and mitigation.
