Nilesh

Working as Android Reverse engineer and Security Engineer. Conducting malware analysis and reverse engineering on suspicious code, and producing a detailed report of the findings. Continuously update threat models and scenarios to reflect the evolving threat landscape. Adept in conducting malware analysis on the Android platform and developing detection methods leveraging Yara rules and the VirusTotal API. Identified malware behaviors within applications through static and dynamic analysis of Android APK files using reverse engineering tools, Android emulators, and static code analysis tools. Conducted Reverse engineering on Different Malware files to identify the threats and activities. Crafting generic detection methods for malicious samples to proactively safeguard against emerging threats. Producing detailed write-ups on various malware families, adhering to established formats and security protocols.

Working on and Managing Cyber Security Services for Reserve Bank of India as per their requirements. Experience in Vulnerability Assessments & Penetration Testing, also handling the change management as per the clients request. Experience in Web Application, Mobile Application and Network VAPT and having work experience on Network Configuration Audit/Review. Experience and knowledge of Web Application Security standards such as OWASP , SANS 25 etc. Provide Technical Understanding of remedial action to be taken for the vulnerabilities identified. Actively participated in Cyber Drill Activity - IDRBT , CERT in Empanelment Test. Maintaining track and confirm the closure of the vulnerabilities. Managing Team, Handling Client Communication & Escalation. Performed automated and manual security assessments on Web based applications, mobile applications, API security testing, Network vulnerability assesment and penetration testing. Create reports and proofs of concepts for manual application security assessments. Follow up on closure of vulnerabilities.

Hands-on experience on conducting vulnerability assessment and penetration testing. Responsible for identifying and classifying cyber security vulnerabilities and work on mitigation plans with system owners, ensure plans are documented understood and track the results of the plan execution. Experience in manual methods and automated tools to identify and remediate vulnerabilities. Detailed knowledge of Penetration Testing Tools, Techniques and Methodologies. Track and validate remediation of findings. Verify/validate defect fixes. Hands on experience in secure configuration review and hardening of systems , servers and network devices. Good understanding of CIS-Benchmark and NIST framework. Complete Familiarity with the Open Web Application Security Project (OWASP). Planning and managing the delivery of Application Security tests (both automatic and manual). Hands on experience in creating payloads.