Mohit Agrawal
Application Security Engineer
Bangalore
Summary
3.5 years of strong experience as a Cyber Security Specialist who promotes learning and growth and requires highly motivated and skilled employees, seek a challenging position
Overview
4
4
years of professional experience
2020
2020
years of post-secondary education
4
4
Certifications
Work History
Application Security Engineer
GlobalLogic
03.2024 - Current
- Application Security Testing: Conducted SAST, DAST, and SCA using tools like SonarQube, Burp Suite, and dependency track to identify and remediate vulnerabilities in codebase and third-party dependencies.
- Threat Modeling & Secure SDLC: Developed threat models and integrated security best practices into the SDLC, collaborating with cross-functional teams to define security requirements and improve overall security posture.
- Penetration Testing: Performed penetration tests on web applications, APIs, and cloud infrastructure, providing actionable recommendations to fix security loopholes and reduce risk.
- CSPM (Cloud Security Posture Management): Implemented CSPM tools to secure cloud infrastructure by identifying misconfigurations and ensuring compliance with industry standards.
- Security Automation: Automated security testing by integrating tools into CI/CD pipelines, enhancing development workflows and reducing manual efforts in vulnerability detection.
Security Researcher and Malware Analyst
Loginsoft Pvt Ltd
11.2022 - 03.2024
- Conducting in-depth research into emerging security threats, trends, and countermeasures.
- Performing static and dynamic malware analysis on malicious packages in open-source package managers like PyPI and npm.
- Utilizing reverse engineering, deobfuscation techniques, and sandbox environments to understand malware operation, design, and impact.
- Developing strategies and tools to detect and mitigate malware.
- Offensive Security & Red Teaming:
- Conducted internal red team exercises to simulate advanced persistent threats (APTs) and assess organizational detection and response capabilities.
- Performed TTP-based attacks using MITRE ATT&CK framework to evaluate defense evasion and lateral movement risks.
- Developed and executed custom payloads, and phishing simulations to assess employee resilience.
- Emulated real-world attack chains including initial access, privilege escalation, persistence, and exfiltration.
- Integrated red team findings into blue team feedback loop to enhance SOC detection rules and improve SIEM use cases.
- Familiar with tooling such as Impacket, Mimikatz, and custom PowerShell scripts.
Security Analyst
Armour Infosec Pvt Ltd
09.2021 - 07.2022
- Analyzing security logs and monitoring systems to detect and respond to security incidents, unauthorized access attempts, and other malicious activities.
Education
Bachelor of Science - Computer Science
IES IPS Academy-Indore
Skills
Web Application Penetration Testingundefined
Certification
Offensive Security Certified Professional (OSCP), 08/2022
Timeline
Application Security Engineer
GlobalLogic
03.2024 - Current
Security Researcher and Malware Analyst
Loginsoft Pvt Ltd
11.2022 - 03.2024
Security Analyst
Armour Infosec Pvt Ltd
09.2021 - 07.2022
Bachelor of Science - Computer Science
IES IPS Academy-Indore
Similar Profiles
Pavanesh BodduPavanesh Boddu
Analyst at GlobalLogicAnalyst at GlobalLogic
LaDarius BrownLaDarius Brown
AI Content Writer/Analyst at GlobalLogicAI Content Writer/Analyst at GlobalLogic
ELSA GONZÁLEZ GARCÍAELSA GONZÁLEZ GARCÍA
Renewal Desk Analyst at GlobalLogicRenewal Desk Analyst at GlobalLogic
Subrat KumarSubrat Kumar
Associate Software Consultant at GlobalLogicAssociate Software Consultant at GlobalLogic
JAGDISH VITTALJAGDISH VITTAL
Senior Infrastructure Engineer – SAN Storage at Customized IT Solutions Pvt. LtdSenior Infrastructure Engineer – SAN Storage at Customized IT Solutions Pvt. Ltd