Shyam Pandey
Cyber Security Consultant
Summary
Results-driven IT professional with 5+ years of experience in creating business value through strategic IT interventions. Proven track record of delivering projects on time and within budget, specializing in cost-effective solutions. Expertise in compliance, IT processes improvement, and architecture design. Skilled in technical support for enterprise IT networks, cyber security standards, and risk assessment. Strong communicator with a focus on security strategies, access control, and vendor management. Committed to delivering efficient and reliable IT solutions.
Overview
5
5
years of professional experience
3
3
Certifications
2
2
Languages
Work History
Consultant
KPMG India
03.2023 - 12.2023
- Conducted security audits and vulnerability assessments to identify risks and propose solutions for improvement in IT and OT Network.
- Coordinated with other departments to ensure compliance with security policies and procedures.
- Translated technical insights into actionable recommendations, ensuring informed decision-making by stakeholders.
- Developed, maintained, and promoted baseline security testing framework into part of QA testing.
- Participated in security incident response and resolution activities.
- Implement and oversee real-time monitoring systems to detect anomalies or potential security threats in Operational Technology (OT) environments.
- Performed Technical Evaluation and penetration testing for more than 50+ Web applications and 10+ Mobile systems
- Designed and built an end-to-end enterprise application security program which includes both a centralized and decentralized model for application testing, code scanning, issue tracking, issue remediation, key metrics, application logging.
- Design, implement, and maintain robust security architectures for OT networks and control systems.
Associate Consultant
KPMG India
04.2021 - 03.2023
- Performed Technical Evaluation and penetration testing for more than 150+ Web applications and 20+ Mobile systems
- Conducted both SAST(Static AppSec Testing) and DAST(Dynamic AppSec Testing), IAST.
- Performed code review, security feature & design review throughout the design and integration testing phase of the project
- Performed application penetration tests across public and private networks.
- Communicated technical vulnerabilities and remediation steps to developers and management.
- Managed and designed the issue management around web application vulnerabilities, their tracking, reporting, metrics, resolution, and validation
- Trained staff on security best practices and procedures
- Took ownership of assessment from start to finish
- Ensured that assessments are executed on-time, within defined scope and budget.
- Provided assistance to system users relative to information systems security matters.
- Worked with application developers to validate, assess, understand root cause and mitigate vulnerabilities.
IT Engineer
Aequor Information Technologies Private Limited
03.2019 - 03.2021
- Scanned and monitored system vulnerabilities on servers and infrastructure devices using a Threat and Vulnerability security solution
- Performed penetration tests on network devices, operating systems, databases, and applications as necessary
- Port scanned servers using Nmap and closed all unnecessary ports to reduce the attack surface
- Performed administration (Provisioning, Deprovisioning, Account monitoring, access reviews, and authentication support) of the identity and access management life cycle across all enterprise systems.
Education
Bachelor of Technology - Electronics and Communication Engineering(ECE)
Maharana Institute of Professional Studies
05.2011 - 06.2015
Skills
Cloud Security
Network Security
Application Security
Configuration Review
Active Directory (AD)
DevSecOps
Vulnerability Management
Vulnerability Assessment and Penetration Testing (VAPT)
OWASP
ISO 27001:2022
Powershell
Python
Red Teaming
Threat modeling
Operational Technology (OT) Network security
Network & Application Architecture Review
Certification
CRTP
Hobbies
Volunteer Work, Sports and Fitness Activities, Reading
Timeline
Consultant
KPMG India
03.2023 - 12.2023
Associate Consultant
KPMG India
04.2021 - 03.2023
IT Engineer
Aequor Information Technologies Private Limited
03.2019 - 03.2021
Bachelor of Technology - Electronics and Communication Engineering(ECE)
Maharana Institute of Professional Studies
05.2011 - 06.2015