SHEKHAR GUPTA
CyberSecurity Consultant
Mumbai
Summary
To work in a reputed organization where I can utilize IT security knowledge with good understanding of security concepts and practices. Responsible for performing Cybersecurity services for PCI DSS Audits and helped financial sectors, service providers in various countries in maintaining PCI-DSS compliance by performing their security testing activities.
Overview
8
8
years of professional experience
6
6
years of post-secondary education
3
3
Certifications
2
2
Languages
Work History
Cybersecurity Consultant
ControlCase International PVT. LTD
05.2022 - Current
- Perform penetration tests on computer systems, networks and applications
- Perform Vulnerability Assessment and Penetration testing using industry standard tools such and Vulnerability Scanners for e.g Qualys, Nessus, WebInspect, Acunetix, Metaexploit, Burp Suite Pro, Netsparker etc
- Develop and maintain security testing plans
- Automate penetration and other security testing on networks, systems and applications
- Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
- Produce actionable, threat-based, reports on security testing results.
- Perform tests on applications, network devices, and cloud infrastructures
- Validate security improvements with additional testing
- Write technical and executive reports.
- Document security and compliance issues
- Increased employee awareness of cybersecurity best practices by developing and delivering training programs.
Associate Consultant (Security Analyst)
ControlCase International PVT. LTD
01.2019 - 05.2022
- Analyzing logs through NextGen & Rapid7 SIEM and work on daily operational tasks as per relevant events generated and take an action as per reputation of malicious files or threats to secure organization's network and hosts
- Lead and respond to security incidents and investigations and targets reviews of suspect areas
- Delivered high-quality presentations showcasing key findings and recommendations to both internal stakeholders and clients.
- Identify and resolve root causes of security-related problems
- Determine incident response by applying event analysis and correlation from multiple log sources such as Windows, Unix, Firewalls, Routers, Switches, IPS, Antivirus and Flow Data using SIEM technology
- Capable of finding, filtering and grouping events to gain information based on correlation rules
- To create the search query in SIEM for any suspicious alerts & events for any malicious indicators on endpoints
- Scheduling Reporting to client on daily, weekly and monthly basis
- Manage customer service calls, service desk requests and emails as per defined procedures
- Acts as Incident Handler, to own the responsibility of resolving the incidents based on SLA and priority as per business needs
- Perform health monitoring supervision, basic technical support/troubleshooting and handle emergency escalations
- Escalate customer emergency support calls to relevant GSOC Analysts per process
- Escalate unclassified incidents findings to related GSOC team (Level 2)
- Provide accurate, complete and timely written documentation and shift handover reports to stakeholders
- Must support traditional SOC operational activities to maintain approved SLA'
IT Support Engineer
KAPL PVT. Ltd
05.2017 - 01.2019
- Monitors anomalies and suspicious content in SEPM console dashboard
- Performing initial determination of incident to determine risk and damage
- Working on different kind of alerts and escalates events as appropriate and as needed identifies potential threats and respond to internally and externally
- Proficiency in handling, supporting and troubleshooting for Symantec Endpoint Protection Manager
- Takes active part in resolution of incidents, even after escalated
- Handling endpoint malware incidents through Symantec endpoint protection and act upon to protect client network against malware attacks
- Coordinating with end-user to provide whitelisting/exclusions from SEPM console
- Coordinate with end-user to perform vulnerability tests and create security authorization agreements and standards
- Created and documented reports, rules, trends and Dashboard
Education
Master of Computer Applications - Computer And Information Sciences
Galgotias University
08.2012 - 06.2015
Bachelor of Computer Applications - Computer And Information Sciences
IIMT - Aligarh
08.2009 - 06.2012
Skills
VAPT
Firewall Review
INPT
ENPT
INVA
Nmap
CDD
ASV
Web Application Penetration Testing
SIEM Console: Rapid7
SIEM Console: NextGen
SIEM Console: Alien Vault
End Security SEPM
Certification
CEH V11, ECC1695487032, 09/18/25
Timeline
CISA - Certified Information Systems Auditor
10-2025
Web Application Pentest
09-2024
CEH V11, ECC1695487032, 09/18/25
09-2022
Cybersecurity Consultant
ControlCase International PVT. LTD
05.2022 - Current
Associate Consultant (Security Analyst)
ControlCase International PVT. LTD
01.2019 - 05.2022
IT Support Engineer
KAPL PVT. Ltd
05.2017 - 01.2019
Master of Computer Applications - Computer And Information Sciences
Galgotias University
08.2012 - 06.2015
Bachelor of Computer Applications - Computer And Information Sciences
IIMT - Aligarh
08.2009 - 06.2012