Security Engineer & Researcher

Hi, I'm Sourav Kumar


Security Engineer specializing in Application Security and Vulnerability Management across Web, APIs, and Mobile platforms. Passionate about finding and fixing security vulnerabilities.

VAPT
AWS
DevSecOps
DAST
ISMS / PIMS
Cloud Sec
Introduction

About Me

I am a passionate Security Engineer with hands-on experience in protecting digital assets and identifying vulnerabilities. My expertise spans Web Application Security, API Security, and Mobile Application Security.

I've led security teams, performed comprehensive VA&PT assessments, and collaborated with development teams to integrate security into the SDLC.

Active contributor to the security community, with an authored CVE and recognition from global organizations.

Offensive Security

Penetration Testing, Vulnerability Assessment

Cloud Security

AWS Infrastructure, Security Protocols

DevSecOps

CI/CD Security, SAST/DAST Integration

Career Journey

Work Experience

Security Engineer L2

EdTech Company
2024 - Present
  • Led a team of security analysts, overseeing VA&PT for Web, APIs and Mobile
  • Collaborated with dev teams to integrate security best practices, reducing incidents by 30%
  • Managed AWS infrastructure with an outsourced team, ensuring robust security protocols
  • Configured AWS WAF with custom rules, reducing attacks by 40%
  • Reduced vulnerabilities by 40% through regular VA&PT and automated code reviews
Team Lead, AWS WAF, GuardDuty, ISO 27001, PIMS 27701, DPDP

Security Analyst

Multiple Product Distributor Company
2022 - 2024
  • Performed static and dynamic analysis of web applications, identifying critical vulnerabilities
  • Managed tools: Burp Suite, MobSF, APKtool, Jadx-gui, Frida, Nmap, Nessus, SonarQube, OWASP ZAP
  • Designed comprehensive security policies, procedures, and training programs
  • Conducted OWASP Top 10 vulnerability training for development teams
Web Security, Mobile Security, OWASP

Junior Security Analyst

Cybersecurity Company, Lucknow
2021 (7 months)
  • Assisted in vulnerability assessments and penetration testing
  • Ran security scans using Nmap, Nikto, and OWASP ZAP
VA&PT Scanning
Expertise

Skills & Tools

Web Security

Burp Suite
OWASP ZAP
Nikto
OWASP Web

API Security

Postman
Burp Suite
OWASP API

Mobile Security

MobSF
APKtool
Frida

Cloud & DevOps

AWS WAF
GuardDuty
Wazuh
CI/CD
AWS Inspector
AWS IAM

Thick Client

Process Monitor
Echo Mirage
Process Hacker

Certifications

EC-Council CEH
AWS CCP
ITIL Foundation
Certified ScrumMaster (CSM)
Open-source LLMs & RAG
Open Source

GitHub Projects

VAPT

ReconX

AI-Powered VAPT Reconnaissance Platform with dark UI

Malware

Malware Analyzer

AI-powered static malware analysis with YARA

AI

AI Audio-to-Text

Speech transcription using ML models

Automation

cPanel Rotator

Automated password rotation for cPanel/WHM

AWS

AWS ALB Analyzer

Detailed analysis of Application Load Balancer logs

OSINT

Email Finder

OSINT email discovery tool

Recognition

Achievements

CVE-2022-3585

Authored critical vulnerability

U.S. Dept of Energy

Hall of Fame Recognition

TrendMicro

Hall of Fame Recognition

Bug Bounty

HackerOne, Bugcrowd & Private

Urban.io

Hall of Fame Recognition

CircleCI

Hall of Fame Recognition