Shubham Nema

Company Overview: formerly known as Synopsys

• Conducted comprehensive penetration testing for 20+ clients, including leading financial institutions, health insurers, and e-commerce platforms, to identify and remediate security risks.
• Led web and API penetration testing projects for clients, identifying critical vulnerabilities and delivering comprehensive remediation guidance to strengthen their security posture.
• Network Penetration Testing – Internal & external testing, including CDE (Cardholder Data Environment) and non-CDE networks for PCI DSS compliance.
• Performed segmentation testing and Attack Surface Mapping (ASM) to strengthen clients' security infrastructures and minimize attack exposure.
• Delivered high-quality security assessments, technical reports, and client presentations, ensuring timely completion and alignment with project requirements
• Conducted in-depth Web Application Security Assessments (DAST, PT) following OWASP guidelines, analyzing business logic flows using both manual and automated testing with proxy tools like Burp Suite.
• Conducted penetration testing on APIs and web services, including RESTful APIs, SOAP, and GraphQL, to identify and remediate security vulnerabilities
• Prioritized projects and project tasks depending upon key milestones and deadline dates.
• Troubleshot issues by understanding issue, diagnosing root cause and coming up with effective solutions.
• Built strong relationships with clients through consistent communication and proactive problem-solving efforts.