Hello! I'm Utkarsh
I'm a Security Engineer with 4 years of experience in Information Security. I have worked on several projects varying from VAPT of Web, Network & Mobile to Red Team assessments. I have worked with Banks where I worked on end to end security assessments. I'm also well versed with integrating security in Agile Software Development with Scrum Methodology.
EXPERIENCE
2019-Till Now
Security Engineer
TRAVELOKA INDIA PVT LTD
Currently, employed as a Security Engineer at Traveloka, an Indonesian unicorn company that provides airline ticketing and hotel booking services online with the focus on domestic travel. It recently expanded to provide lifestyle products and services, such as attraction tickets, activities, car rental, and restaurant vouchers.
2017-2019
Senior Cybersecurity Analyst
NETWORK INTELLIGENCE (INDIA) PVT LTD
Worked in NII as a Senior Cybersecurity Analyst which is a global cybersecurity provider founded in 2001. NII has more than 550 team members and offices across the globe. NII offer services across 5 broad spectrums i.e. Assessment, GRC, Professional Services, MSSP & Cybersecurity Trainings.
2016-2017
Associate Security Analyst
TORRID NETWORKS PVT LTD
Worked in Torrid Networks as a Associate Security Analyst which is a global leader in end-to-end information security management services. It is working with over 500 customers across various business verticals worldwide including defense and security establishments, critical government departments, large PSUs and many fortune companies.
EDUCATION
2012 - 2016
Bachelor's Degree
Dr. A.P.J. Abdul Kalam Technical University
Completed my Bachelor of Technology in Computer Science & Engineering (First Division with Honors)
2010 - 2012
Intermediate
St. Thomas School
Completed my 10+2 in Science with 76% from ISC Board
2008 - 2010
High School
St. Thomas School
Completed my High School with 75% from ICSE Board
ARTICLES
SKILLS
Web Application Security Testing
API Security Testing
Social Engineering
Mobile Application Security Testing
Network Security Testing
Source Code Review
EXPERTISE
APPLICATION SECURITY
-
In-depth knowledge of OWASP Top 10, SANS Top 25 & WASC TC
-
Business-Logic based application security testing
-
Skilled in performing manual & automated VAPT
-
Skilled in exploiting SQLi, OAuth, XXE, SAML, RFD, XSSi, SOME, mXSS, CORS, etc.
​
MOBILE SECURITY
-
Well versed with OWASP Mobile Top 10 and recent attack vectors
-
Experienced in performing Penetration Testing on iOS (Only Dynamic) and Android mobile applications related to different fields like Banking, Telecom, Finance, E-Commerce, etc.
-
Familiar with tools like Genymotion, Drozer, Appie, APKTool, MobSF, ADB, Dex2Jar, etc.
NETWORK SECURITY
-
Knowledge of networking fundamentals
-
Hands on experience with tools used in performing network assessment
-
Familiar with tools like Nmap, Nessus, Metasploit, Curl, etc.