ROHAN VARASDA

Conducted penetration tests on web applications and performed vulnerability assessments for network infrastructure. Contributed to over projects involving web, API, and mobile app development. Identified and resolved 30+ critical and 190+ high-severity bugs. Utilized Qualys for vulnerability assessments and collaborated with diverse teams to address identified vulnerabilities. Conducted infrastructure scanning using the Rapid-Fire tool, collaborating closely with developers and server teams for bug resolution. Established stringent controls for G Suite applications, emphasizing email security. Utilized Crowdstrike Falcon EDR for operational tasks. NOV 2022 - Present Remarkable experience in manual web application penetration testing, Api penetration testing and mobile application penetration testing. Profound knowledge of network architectures, operating systems, application software and cyber security tools. Ability to exploit recognized vulnerabilities. Have hands-on experience in application security, vulnerability assessments and OWASP along with different security testing tools. Experience as an Security Anaylyst, involved in OWASP Top 10 based vulnerability assessment of various internet - facing point of sale web applications and web services. C E R T I F I C A T I O N S R O H A N V A R A S D A S E C U R I T Y A N A L Y S T Practical Ethical Hacking: TCM Security External Pentest Playbook: TCM Security Windows Privilege Escalation for Beginners: TCM Security Practical Bug Bounty: TCM Security Mobile Application Penetration Testing: TCM Security Practical API Hacking: TCM Security Linux Privilege Escalation: TCM Security Cisco - Introduction to Cyber-Security Cisco - Cyber-Security Essentials 1. Conducted audits of Prevention Policies, including USB Block Policy. 2. Managed the migration of hosts and adjusted USB Block and Allowed Policies according to user requests. 3. Investigated alerts and incidents originating from user systems for timely resolution.