all things security: OffSec, InfraSec, AppSec/ProdSec, CloudSec, etc. i’m also into reverse engineering, malware analysis/development, AI-boosted pentesting, and pretty much all kinds of tech mischief i can integrate into my professional career.
focal point between SecOps, DevOps, IT, Platform, and Data teams.
scouring and securing engineering architecture and infrastructure: cross-stack vulnerability management (discovery, triage, reporting, remediation, tracking), identity + access management, API security, Terraform guardrails, container + cluster security, incident response.
investigated attacks and vulnerabilities for key clients in telecommunications, energy, and national security.
lots of deep research and red teaming (offensive security), specifically around database security, to build up threat intelligence.
built sensors based on collected intelligence (attacker + malware behaviour, OSINT, dark net markets, shadow channels, etc) to keep clients up-to-date and protected.
entry-level software + database development.
data warehousing, ETL, automations, etc.
majored in electrical and computer engineering, with a specialization in information theory and wireless transmission. graduated in 2018.
english: native
hindi: native
urdu: native
french: intermediate
arabic: intermediate
mandarin: rudimentary
homelab
philosophy
reading
photography
dancing
basketball
frontend: React • Angular • Vue.js • JavaScript • TypeScript
backend: Java • Python • C/C++/C# • Node.js • Ruby • Go • Ruby on Rails • .NET • Express.js • Flask • Django • Spring Boot • RESTful + GraphQL APIs • Docker • Kubernetes • gRPC
databases: PostgreSQL • MySQL • MS SQL Server Oracle • MongoDB • Cassandra • Redis • Elasticsearch • Snowflake
devops + infra: AWS • Azure • Jenkins • GitLab CI • GitHub Actions • Docker • Kubernetes • OpenShift • Ansible • Terraform • Puppet • Chef
AI/ML + data: TensorFlow • PyTorch • Pandas • NumPy • Matplotlib • Tableau • Deep Learning (RNN/CNN) • ETL
insights: Prometheus • Grafana • Datadog • ELK • Splunk • Git • Jira • Confluence
penetration testing: Metasploit • Burp Suite • nmap • Nessus • ZAP
network security: ASA/Palo Alto • Snort/Suricata• VPN • NAC • SSL/TLS • TCP/IP/UDP • SSH
application security: Snyk • Semgrep • Socket • Burp Suite • OWASP Top 10 • CIS Controls • NIST SP 800-53 • Vanta • GitHub Advanced Security (CodeQL) • JupiterOne
IAM + cryptography: Okta • Auth0 • AD • AWS IAM • OAuth2.0 • OIDC • SAML • AES • RSA • ECC • SHA-256 • MD5 • OpenSSL
reverse engineering: IDA Pro • Ghidra • Immunity Debugger • Decompilation • GDB • WinDBG • x64dbg • gdbExtract