Praison .

663 followers

Bengaluru, Karnataka, India

Connect with Praison . to Send Message

Connect

Connect with Praison . to Send Message

Connect

Timeline
About me
Information Security Analyst/Web app Pentester | Cyber Threat Hunting, Burp Suite, Splunk, AWS Security | Security Research | PNPT
Education
- St. Xavier's Catholic College of Engineering
  2013 - 2017
  Bachelor's degree Mechanical Engineering
- האקריו - HackerU | ה'חממה' להכשרת דור העתיד של תעשיית ההייטק
  2021 - 2021
  Masters Cybersecurity
  Masters course in Cybersecurity(Red Team) with focused learning on various methodologies of hacking, web penetration testing, mobile penetration testing. Hands on hacking practices and challenges with the use of professional industry standard tools like BurpSuite, Metasploit, Nmap, sqlmap, nuclei, subfinder and much more.
Experience
- PowerSchool
  Nov 2019 - now
  - Finetuning usecases to reduce the number of false positive alerts and creating new use cases for the SOC team with Splunk.- Working with EDR and XDR tools such as CrowdStrike when handling security incidents for investigation and doing threat research to analyze new malwares and their behaviors. - Creating dashboards for effective threat hunting and soc monitoring- Pentesting web applications through BurpSuite, SQLmap and other tools and reporting them to the respective product teams. Led the pentesting engagements. Improved the number of critical findings thereby reducing the attack surface and also mentoring the team.- Triaging web application vulnerabilities submitted by security researchers through Bugcrowd and assessing their severeties- Automating certain vulnerability scanners and exploits through writing scripts in Bash and Python- Incident response by collaborating with different teams in the organization to investigate security incidents- Digital Forensics with the IOCs obtained through Cyber Threat Intelligence.- Worked with NGFW tool - Palo Alto and also worked with AWS GuardDuty Show less - Working with EDR and XDR tools such as CrowdStrike when handling security incidents for investigation and doing threat research to analyze new malwares. - Pentesting web applications through BurpSuite, SQLmap and other tools and reporting them to the respective product teams. Also formed an internal pentest team and led the pentesting engagements. Improved the number of critical findings thereby reducing the attack surface and also mentoring the team.- Triaging web application vulnerabilities submitted by security researchers through Bugcrowd- Automating certain vulnerability scanners and exploits through writing scripts in Bash and Python- Digital Forensics with the IOCs obtained through Cyber Threat Intelligence.- Worked with NGFW tool - Palo Alto and also worked with AWS GuardDuty Show less
  - Information Security Analyst
    Apr 2024 - now
  - Associate Information Security Analyst
    Jul 2022 - Mar 2024
  - Technical Engineer
    May 2022 - Jun 2022
  - Associate Technical Engineer
    Nov 2019 - Apr 2022
- ThriveDX
  Jan 2022 - Mar 2022
  Cyber Security Trainer
  Training people from Singapore who are new to the cybersecurity domain with the focus on red team concepts.
Licenses & Certifications
- Fortinet Network Security Expert Level 2: Certified Associate
  Fortinet
  Sept 2021
- External Pentest
  TCM Security
  Jan 2023
- Practical Ethical Hacking
  TCM Security
  Sept 2021
- Practical Network Penetration Tester
  TCM Security
  Sept 2023
  View certificate
- Multi-Cloud Networking Associate
  Aviatrix
  Feb 2022
- API Security Architect
  API Academy
  Jan 2022
- Fortinet Network Security Expert Level 1: Certified Associate
  Fortinet
  Sept 2021
- Introduction- Cyberark Privilege Access Management Course
  CyberArk
  Jan 2022
- Open-Source Intelligence (OSINT) Fundamentals
  TCM Security
  Jan 2023
- API Designer
  API Academy
  Jan 2022
- API Product Manager
  API Academy
  Jan 2022
- Cyberark Certified Trustee
  CyberArk
  Jan 2022