Akshay Pande

Experience

• 

  Bugcrowd

  Mar 2020 - Apr 2021

  Security Researcher and Web Application Penetration Tester

  • Conducted comprehensive security testing of web applications effectively identifying and documenting vulnerabilities such as XSS (Cross-Site Scripting), SQL injection• Actively pursued continuous learning and self-improvement initiatives to expand expertise in the field.• Applied strong analytical and critical-thinking skills to approach complex security challenges with a methodical mindset, successfully uncovering hidden weaknesses.• Contributed to a more secure digital landscape by actively participating in Bug Bounty Programs on platforms like Bugcrowd, HackerOne and Responsible Disclosure Programs reporting vulnerabilities and assisting organizations in enhancing their security posture.• Successfully reported and resolved over 40 web application vulnerabilitiesHall of Fame from ISSUU https://issuu.com/responsible-disclosure#hall-of-fame Show less

• 

  Maharashtra Cyber

  Jun 2020 - May 2021

  Jr Cyber Security Analyst

  • Performed Computer Forensics using tools like Autospy and FTK Manager and provided Anti Piracy Solutions• Conducted Vulnerability Assessment and Penetration Testing• Member of Social Media Strategy and Monitoring Team• Supported Maharashtra Police Cyber Cell as a Cyber Security Analyst, gaining valuable experience in fighting cybercrime and safeguarding individual clients and organizations from online threats.• Key responsibilities included assisting in the investigation of cybercrime incidents, contributing to the development of strategies for prevention of Piracy• Collaborated with senior cyber security professionals and law enforcement officials to analyze and respond to cyber incidents effectively.• Conducted research on emerging cyber threats and vulnerabilities to inform the department's cyber security strategy.• Installed and Monitored new threats, vulnerabilities and attacks, applied countermeasures to prevent intrusion using tools like ELK Stack and Microsoft Defender. Show less

• 

  CyberWings Security LLP

  May 2021 - Sept 2022

  Security Analyst

  • Customised rules to detect anomalous logins & suspicious traffic using Wazuh, reducing false positives by 35%.• Configured EDR, enhancing threat detection and automated response capabilities across 10 endpoints.• Integrated Snort with SIEM systems, centralizing monitoring and correlation of security events.• Implemented FortiGate firewall with strict access control polices, reducing security incidents by 30%.• Conducted PCI DSS assessments and audits, maintaining continuous security standards compliance.• Led VAPT for clients, delivering reports and guidance that enhanced their security posture.• Conducted comprehensive risk assessments using ISO 27001, prioritizing and mitigating security risks• Provided prompt technical support to end-users, resolving over 80% of incidents within agreed SLA timeframes.• Deployed 10 devices and managed mobile device management (MDM) policies using Intune.• Offered Level 1 and 2 support for Exchange Online with user base of 20, resolving issues related to email delivery, mailbox access, and client connectivity.• Supported end-users on SharePoint Online sites, document libraries, permissions, and co-authoring capabilities and enhancing collaboration rate by 50%. Show less

• 

  Virtually Testing Foundation

  Oct 2021 - Dec 2021

  Penetration Testing Intern

  • Learned OWASP Top 10 and its Fundamentals• Conducted Web Application Penetration Testing• Produced Professional Pentesting Reports• Executed Vulnerability Exploitations

• 

  TryHackMe

  Jan 2022 - Feb 2025

  CTF Player
• 

  Newto Training

  Jan 2024 - Jan 2025

  Cyber Security Analyst
• 

  Cyberbridge Services Ltd

  Jan 2025 - now

  Technical Engineer