Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Shiva Kumar Jella

Hyderabad

Summary

Security Engineer with 2 years of experience in various domains such as

• Web Application security testing, Vulnerability Assessment, penetration Testing, API Testing, Mobile Pen testing, and generating reports using tools

• Currently working as Associate Security Analyst in Varutra Attack & Pentest team.

• Proficient in Linux & Windows Operating System Configuration, utilities, and Programming

• Background/understanding of software development lifecycle

• Excellent communication skills with proven abilities in resolving complex networking, hardware & software related issues

• Managed the cycle of project continuity, reviewed the technical work of team, and ensured the quality of service deliverable.

• Skilled in Customer relation, business requirement gathering and Threat modeling. Organize meetings and reviews

Overview

2
2
years of professional experience
1
1
Certification

Work History

Associate Security Consultant

Varutra
01.2022 - Current
  • Internal and External Penetration Testing (Plan, Discover, Attack, Report)
  • Performed penetration testing on TataCliq infrastructure for vulnerability assessment of Internal & External servers and Web Applications
  • Scanned Internal Servers & External Server for Aditya Birla Group Infrastructure for vulnerabilities & conducted white/gray box penetration testing on the financial systems using Kali Linux, and Nessus.
  • Web application testing (manually and with tools such as Burpsuite, Dirbuster, Nikto, SqlMap, Nuclei, Hydra, Hashcat, and John-the-Ripper)
  • Conduct vulnerability assessment and review results. Collaborate with the client's IT staff to rank vulnerabilities. Validate high-risk vulnerabilities on specific targets. Develop a remediation action plan
  • Establish and/or encourage ongoing vulnerability management process (scan, assess, patch, report).
  • Performed dynamic and static analysis of web applications using Acuentix AppScan. Analyze systems for potential vulnerabilities that may result from improper system configuration, hardware or software flaws, or operational
  • Port scan servers using NMAP and close all unnecessary ports to reduce the attack surface
  • Reviewed policies and act like a Subject Matter Expert on best practice. Verified SSL authentication for secure applications development on Web Servers
  • Performed live packet data capture with Wireshark to examine security flaws.
  • Reviewed security documentation and made recommendations. Assisted in conference call meeting with Developer to mitigate vulnerability findings
  • Ran vulnerability and compliance scanning on test machines and reviewed security standards and Minimum Security Baseline for the client. Assisted on Monthly conference call to discuss implementation and upgrade of critical infrastructure

Education

Bachelor of Science -

Arni University
05.2020

Skills

  • Kali Linux
  • Active Directory & Red Teaming
  • AV Evasion Techniques Persistence & Pivoting
  • Analyze & Modify Exploit Code in Python, Bash, Ruby, PHP
  • Privilege Escalation Linux & Windows
  • Experience with tools: Burpsuite, Nmap, John-Ripper, Hashcat, Metasploit, Veil-Framework, Nikto, Dirbuster, OWASP-ZAP, Wireshark, Sqlmap, Aircrack-ng, Hydra, Nessus, LinPeas, WinPeas
  • Network vulnerability scan and penetration testing
  • Wireless Penetration Testing - WPA, WPA2, WEP
  • Familiar with password hash cracking MD5, SHA1, SHA2, etc
  • Knowledge of operating systems, application software and cyber security tools Remote access support
  • Antivirus solutions including spyware, malware, etc
  • Hardware and software troubleshooting
  • Steganography

Certification

Certified Red Team Professional (CRTP)

OffSec Certified Professional (OSCP) - Pending

Timeline

Associate Security Consultant

Varutra
01.2022 - Current

Bachelor of Science -

Arni University

Similar Profiles

CREATE PROFILE
Shiva Kumar Jella