Summary
Overview
Work History
Education
Skills
Certification
General Competencies
Achievements Awards
Timeline
Generic
PIYUSH CHOURASIA

PIYUSH CHOURASIA

Lead Cyber Security Engineer
Hyderabad

Summary

Information Security professional with 6 years of experience in Web Application Security, VAPT, SAST/DAST, Secure Code Review, Vulnerability Management, GRC, and Network Security. Skilled in identifying vulnerabilities, assessing risks, and implementing effective security controls to protect critical assets.

Vulnerability Management Tools: Qualys, Nessus, Rapid7, CrowdStrike Network Security Tools: Nmap, Wireshark, Metasploit, Kali Linux Source Code Review & Application Security Tools: Burp Suite Pro, SonarQube, Checkmarx. Strong analytical and problem-solving skills with a proactive and detail-oriented approach. Holds a B.Tech in Electronics Engineering and is passionate about improving security posture in dynamic and complex environments.

Overview

6
6
years of professional experience
3
3
Certifications

Work History

Lead Security Engineer

Mphasis
03.2025 - Current
  • Company Overview: An experienced IT security professional with a focus on application security and migration at Mphasis.
  • Experienced IT security professional with a focus on application security and migration at Mphasis.
  • Implemented pre- and post-migration security controls for applications during cloud-to-on-premises (lift-and-shift) migrations, and on-premises-to-on-premises migrations.
  • Hands-on experience with SAST and DAST tools, primarily using Checkmarx, to identify and mitigate application vulnerabilities.
  • Analyzed scan results, identified false positives, and shared detailed security reports with the development and security teams.
  • Actively collaborated to remediate vulnerabilities, ensuring secure code practices, and compliance with security standards.
  • Strong understanding of secure SDLC, application risk management, and compliance frameworks.
  • Worked closely with cross-functional teams to integrate security best practices across the software development lifecycle.
  • Experienced IT security professional with a focus on application security and migration at Mphasis.

Software Engineer

Code Icons
01.2023 - 08.2024


  • Managed security service for a leading financial institution, and performed VAPT (Vulnerability Assessments and Penetration Testing) on web applications, SAST, DAST, and web services.
  • Conducted Vulnerability Assessments (VAs), Risk Assessments, and remediation tracking via ServiceNow, ensuring SLA compliance and effective patch management using tools like Rapid7, Nessus, and CrowdStrike.
  • Knowledge of the OWASP Top 10, SANS Top 25, and other web-related vulnerabilities.
  • Providing awareness and solutions to the developers for the reported vulnerabilities.
  • Implemented cloud security best practices to secure SaaS, PaaS, and IaaS environments; proactively monitored, assessed, and remediated security vulnerabilities across AWS and Azure using tools such as AWS Security Hub, Azure Security Center, and AWS CloudTrail.

Software Analyst

Tech Mahindra
05.2019 - 07.2022
  • Conducted Vulnerability Assessment and Penetration Testing (VAPT) on web applications, REST APIs, and network infrastructure, identifying security flaws, and assisting in remediation efforts.
  • Performed Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to detect vulnerabilities in source code and runtime environments.
  • Specialized in API security testing, focusing on issues like broken authentication, insecure data transmission, excessive data exposure, and logic flaws.
  • Hands-on experience with industry-standard tools, including: Vulnerability Assessment and Pentesting: Burp Suite Pro, Code Analysis and SAST Tools: Checkmarx, API Testing: Postman, and Burp Suite (with extensions).
  • Applied comprehensive knowledge of OWASP Top 10, SANS Top 25, CWE, and CVSS v3 to assess and prioritize vulnerabilities based on severity and business impact.
  • Assisted in the creation of security test cases and validation of remediation activities to ensure full resolution before ticket closure.
  • Handled threat assessment by detecting, analyzing, and mitigating internal and external security risks using and Qualys, and coordinated remediation through ServiceNow.
  • Collaborated with developers and system owners to promote secure coding practices, and integrate security early into the SDLC.
  • Created technical reports, vulnerability summaries, and dashboards for internal review and audit readiness.
  • Delivered presentations and walkthroughs of security findings to technical and non-technical stakeholders.


Education

Bachelor of Engineering - Electronics and Communication Engineering

Rajiv Gandhi Proudyogiki Vishwavidyalaya

Post-Graduate Certificate - Post Graduate Diploma In Computer Application PGDC

Skills

  • Web Application Penetration Testing
  • BurpSuit Pro
  • SQLMAP
  • API Testing
  • Postman
  • Network Security
  • Metasploit
  • Wireshark
  • NMAP
  • Incident Response
  • LogRhythm
  • Vulnerability Assessment VAPT
  • Nessus

Certification

Certified Ethical Hacker

General Competencies

  • Python
  • JavaScript
  • HTML
  • CSS

Achievements Awards

  • Appreciation certificate from 'intel.com' for XSS vulnerability.
  • Actively participate in public/private bug bounty programs on YesWeHack.
  • Reading cyber security updates, red team assessment, CTF and vulnerability exploits.

Timeline

Lead Security Engineer

Mphasis
03.2025 - Current

Software Engineer

Code Icons
01.2023 - 08.2024

Software Analyst

Tech Mahindra
05.2019 - 07.2022

Post-Graduate Certificate - Post Graduate Diploma In Computer Application PGDC

Bachelor of Engineering - Electronics and Communication Engineering

Rajiv Gandhi Proudyogiki Vishwavidyalaya
PIYUSH CHOURASIALead Cyber Security Engineer