RISHAB SHARMA
Hyderabad
Summary
Cybersecurity professional with 3 years of experience in penetration testing and vulnerability assessment. Improved security posture for over 10 clients through advanced threat detection, resulting in a 5% reduction in attack surface. Conducted over 50 vulnerability assessments in 2024, achieving a 95% client satisfaction rate. Expertise in threat detection and security enhancement positions well for a Security Consultant role at Global Business Technology (GBT).
Overview
3
3
years of professional experience
1
1
Certification
Work History
Senior Pen-tester L2
NopalCyber
Hyderabad
07.2022 - Current
- Company Overview: A cybersecurity firm specializing in proactive threat assessments
- Conducted penetration tests on various Web, API, Mobile, Thick Client applications, WiFi, and Infrastructure, along with Endpoint Configuration Reviews for multiple clients
- Developed code to automate PenTest activities to improve efficiency and accuracy in identifying vulnerabilities
- Engaged in managerial activities, collaborating with client's project managers and developers to explain the testing process and preparing Statement of Work, PenTest documents for engagements
- Performed vulnerability scans on the servers and devices using Nessus scanners and discovered security weaknesses
- Created an attack surface discovery (ASD) report for clients, identifying vulnerabilities and making security recommendations
- Develop and integrate ordered security controls and checks into CI/CD workflows to detect issues before deployment
- Conducted CIS Benchmark security assessments for Windows, Linux, Nginx, Apache, IIS servers, and databases (MySQL, PostgreSQL, MSSQL), including configuration reviews and Active Directory security assessments based on CIS hardening guidelines
- Provided detailed remediation guidance to align systems with CIS Level 1 and Level 2 benchmarks
- Conducted Breach and Attack Simulation (BAS) assessments to evaluate enterprise risk and security posture, identify attack paths, and validate security controls against real-world threats
- Automated security compliance checks using OpenSCAP, CIS-CAT Pro, and custom scripts
- Simulated adversary tactics, techniques, and procedures (TTPs) using automated and manual testing methods to assess the effectiveness of detection and response mechanisms
- Utilized BAS platform such Pentera to execute simulated attack scenarios across various kill chain phases
- Scoping & Planning: Define scope, objectives, timelines, and resources for penetration tests.
- Task Delegation: Assign tasks to junior testers based on expertise and workload
- Reporting: Create executive and technical reports with actionable recommendations
- A cybersecurity firm specializing in proactive threat assessments
- Enhanced Client Security: Improved security posture for 30 clients using advanced threat detection.
- Optimized Attack Surface: Reduced attack surface by 5% with comprehensive vulnerability scans and assessments.
- VAPT: Conducted over 50 VAPT in 2024 with 95% client satisfaction.
Education
Bachelor of Engineering -
Nagpur University
Skills
- Attack surface management
- Pentesting testing
- Automated testing
- SAST
- DAST
- Kali Linux
- Vulnerability assessment
- Mobile application pentesting
- API pentesting
- JAVA
- Nessus
- OSINT
- Python
- Code review
- Qualys
- SQL
- SIEM/EDR
- OWASP
- Wireshark
- PowerShell
- SDLC
- Client communication
- Reporting and documentation
- Burp Suite
- PHP
- AWS
- Breach simulation
Certification
- CRTE
- Certified Ethical Hacker (CEH)
- Certified Penetration Tester (NCPT)
Accomplishments
- Enhanced Client Security, Improved security posture for 30 clients using advanced threat detection.
- Optimized Attack Surface, Reduced attack surface by 5% with comprehensive vulnerability scans and assessments.
- VAPT, Conducted over 50 VAPT in 2024 with 95% client satisfaction.
Timeline
Senior Pen-tester L2
NopalCyber
07.2022 - Current
Bachelor of Engineering -
Nagpur University
Similar Profiles
ARAVA ANANTHA RAOARAVA ANANTHA RAO
Information Security Manager at Tata Consultancy ServicesInformation Security Manager at Tata Consultancy Services
SRINIVAS NEELAMSRINIVAS NEELAM
Senior Service Engineer at S SCIENTIFIC INSTRUMENTSSenior Service Engineer at S SCIENTIFIC INSTRUMENTS
Naga Durga Sainath SomisettyNaga Durga Sainath Somisetty
Planning In Charge at Larsen And Toubro ConstructionPlanning In Charge at Larsen And Toubro Construction
Vamshika EslavathVamshika Eslavath
Assistant Manager at Travelodge LimitedAssistant Manager at Travelodge Limited
KRISHNA PAVAN CHAMARTHIKRISHNA PAVAN CHAMARTHI
Web Application Pen-tester at Indian ServersWeb Application Pen-tester at Indian Servers