
Kunal Patil

Pune

Summary

I have 2.8+ years of hands-on experience in penetration testing and vulnerability management, focusing on securing web, API, network, and cloud environments. Skilled in identifying, exploiting, and reporting vulnerabilities using tools such as Burp Suite, Nessus, Qualys VMDR, and Nmap. Experienced with the vulnerability lifecycle including discovery, assessment, remediation tracking, validation, and compliance reporting (ISO 27001, PCI-DSS, HIPAA). Knowledgeable in handling zero-day vulnerabilities, audit support, and applying risk-based prioritization with CVSS, EPSS, and CISA KEV. Strong understanding of OWASP Top 10, NIST standards, and MITRE ATT&CK framework, with experience in manual and automated security assessments, preparing proof-of-concepts (POCs), risk assessments, and remediation guidance.

Overview

3 years of professional experience
1 Certification

Work History

Application Security Analyst

Cognizant
01.2023 - Current
  • Performed penetration testing for web, API, and network (internal and external) applications across multiple projects.
  • Conducted manual code reviews and security testing to identify logic flaws, misconfigurations, and vulnerable services.
  • Identified open ports and network misconfigurations, simulating attacker techniques with custom scripts.
  • Prepared detailed reports with PoCs, risk assessments, and remediation guidance, supporting a measurable reduction in security risks.
  • Gained exposure to the vulnerability management lifecycle, including discovery, prioritization, remediation tracking, and compliance reporting.

Bug Bounty Hunter

Bugcrowd/HackerOne
08.2022 - 12.2023
  • Performed external penetration testing on web, network, and API endpoints to identify and exploit over 200 security vulnerabilities.
  • Performed complete automated regex and manual security testing of the web application.
  • Collaborated in private programs involving authentication bypass, information disclosure, business logic flaws, and SQL injection.
  • Recognized in Bug Bounty programs of Fortune 100 companies with 100+ rewards and multiple Hall of Fame acknowledgments; also featured as Top Researcher in MSRC (Microsoft Security Response Center) – Q1 2025.

Education

Bachelor of Engineering - Computer Engineering

Kavayitri Bahinabai Chaudhari North Maharashtra University
06.2023

Post Graduate Diploma in Cyber Security & Forensics - Cyber Security & Forensics

Kharghar Centre C-DAC
03.2025

Skills

  • Vulnerability Management
  • Penetration Testing
  • Web Security Testing
  • API Security Testing
  • Cloud Security
  • Secure Code Review
  • Burp Suite
  • Nmap
  • Dirsearch
  • OWASP ZAP
  • Postman
  • Nessus

Certification

  • Certified Ethical Hacker (CEH v13), EC-Council
  • Microsoft Azure Administrator Associate, Microsoft
  • PG Diploma in Cyber Security & Forensics (PG-DCSF), CDAC
