RAHUL GANDHI JAYABALAN

At Brickendon, as a Senior Security Consultant, I manage all the software development security related activities such as introducing best security practices into SDLC, performing regular code scanning and monitoring, performing security testing on APls, periodic penetration tests, etc.

At Anoud Technologies, as a senior security analyst, I manage and perform several security related operations including Web penetration testing, Network vulnerability assessment, SOC operations and Email Security management.
My job responsibilities include,
• Performing Black box, Grey box and White box security testing using OWASP methodologies.
• Working as a part of development team throughout the SDLC and performing security testing for every release.
• Creating a professional assessment report with a detailed walk-through of the findings (POCs) and remediation plan.
• Preparing and reviewing risk assessment reports with developers and site owners.
• Periodically following up with the developers on the remediation of reported findings and conducting retests to make sure the vulnerabilities are completely fixed.
• Conducting security testing on Android and /OS mobile applications.
• Being a part of Security Operations Control (SOC) and managing SIEM activities using LogRhythm.
• Creating email policies and managing email gateways.
• Engaging Red Team activities and train developers on secure coding practices.

• Northern Lights Technology Development
• In this role, I am responsible for conducting vulnerability assessments and penetration testing on web applications using OWASP Top 10 and other most popular web application testing methodologies
• My job responsibilities include
• Planning and scheduling penetration tests with our clients on a timely basis
• Performing Black box, Grey box and White box security testing
• Presenting and reviewing the assessment report with developers and site owners
• Providing remediation planning to developers after reporting the identified vulnerabilities
• Finding and demonstrating new tools to other members in our team
• Achievements:
• During my tenure, I have found several critical vulnerabilities that include Unrestricted File Uploads, injection attacks such as SQL injection, Cross site scripting, etc, CSRF, privilege escalations and many broken access control vulnerabilities
• I have received good feedback from our clients and onsite peers for my work in this project and for the delivery of reports on-time.

• In this role, I was responsible for providing technical support, performing audits and reporting day-to-day security activities
• Achievements:
• As an QA Analyst, I received several appreciations from our onsite peers for regularly conducting good audits and tuning the project in the best way possible.