GAÀ propos de Gaurav
Pentester & Security Engineer with over 5 years of hands-on experience in vulnerability assessment, penetration testing, and cloud security across web, mobile, network, and thick client environments. Proficient in secure code review, identifying logic flaws, and detecting insecure coding patterns. Experienced in securing cloud infrastructures (AWS, Azure, GCP) and assessing them against real-world attack scenarios. Known for delivering actionable security findings, supporting remediation efforts, and contributing to the development of secure systems.
Certifications:
- CREST CRT – CREST Registered Penetration Tester (09/)
- CREST CPSA – CREST Practitioner Security Analyst (09/)
- AWS Certified Security – Specialty (09/)
- OSCP+ – OffSec Certified Professional+ (06/2025)
- SecOps Group AI/ML Pentester (C-AI/MLPEN) – Credential ID: 10492478 (09/2025)
- eMAPT eLearnSecurity : Mobile Application Penetration Tester (06/2023)
- eLearnSecurity eCPPT : Certified Professional Penetration Tester (01/2023)
- eLearn Security eWPTXv2 : Web Application Penetration Tester Xtream (08/2022)
Anglais
Bilingue ou natif
En télétravail uniquement
Travaille majoritairement à distance
Expériences
- BMCSoftware India Pvt LtdProduct Security Engineernovembre 2022 - Aujourd'hui (3 ans et 7 mois)Pune, Maharashtra, IndiaResponsibilitiesConducting securityassessments on web, mobile, thick-client applications, network infrastructure, and cloud environments to identify vulnerabilities, perform risk assessments, and ensure compliance with security standards. Experienced in secure code review to detect and mitigate application-level risks. Performing static code reviews (SAST) to detect vulnerabilities, ensure secure coding practices, and collaboratewith development teams on remediation. Validate, reproduce, and triage security issues reported by researchers and customers, coordinating remediation with relevant teams. Performimg threat modeling and risk assessments to prioritize security vulnerabilities and recommend mitigation strategies. Executing SASTand DAST to identifyvulnerabilities in source code and runtime, providing comprehensive security insights. Maintaining and organizing securityassessmentartifacts, including vulnerability reports, riskanalysis, and remediation tracking.
- SecurityboatCybersecuritySolutionsApplication Security Engineerjanvier 2021 - octobre 2022 (1 an et 9 mois)Pune, Maharashtra, IndiaConducted penetration testing on web, mobile,API, and networkapplicationsacrossvarious clientenvironments, identifying vulnerabilitiesand providing detailed remediation guidance. Successfullydelivered 40+ securityassessment projects for diverse clients, covering OWASPTop 10, SANS 25, and business logic flaws. Collaborated with clientdevelopmentand security teams to reproduce, explain, and remediatevulnerabilities, ensuring secure design and coding practices. Maintained and organized assessmentdocumentation, including detailed security reports, riskanalysis, and remediation tracking forcompliance and audit purposes.
Recommandations
Soyez le premier à recommander Gaurav
Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.
Ces profils de freelance correspondent également à vos critères
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Formations
- CREST CRT : CREST Registered Penetration Tester2028CREST CRT : CREST Registered Penetration Tester
- CREST CPSA : CREST Practitioner Security Analyst2028CREST CPSA : CREST Practitioner Security Analyst