Burp Suite Professional
Pritam Das
Application Security Consultant
Summary
With over 6+ years of experience as an Application Security Consultant at IBM India, I specialize in conducting Vulnerability Assessments and Penetration Testing for diverse domains including Web Applications, APIs, Mobile Applications, and Networks. I am skilled in basic DevSecOps tasks and have knowledge of integrating CI/CD pipelines for SAST and DAST. Throughout my career, I have successfully led teams, managed project requirements independently, and ensured seamless project execution, as demonstrated by my proven track record. I am excited to join a progressive organization that encourages innovative thinking and provides a platform for me to showcase my skills.
Overview
6
6
years of professional experience
7
7
Certificates
3
3
Languages
Work History
Application Security Consultant - IBM Security
IBM
09.2023 - Current
- Skilled in conducting comprehensive assessments and safeguarding valuable assets across diverse industries. Proficient in penetration testing methodologies for Web Applications, Networks, and Infrastructure, and adept at executing Red Teaming exercises. Experienced in both SAST and DAST for applications security testing and commercial tools like Burp, Nessus, Acunetix, and IBM AppScan, Synk, SonarQube.
- Demonstrates strong managerial and consulting expertise, leading project kickoffs, overseeing project delivery, and effectively managing cross-functional teams. Adept at handling team dynamics, mentoring junior consultants, and fostering professional growth within the organization. Collaborates closely with clients to deliver tailored solutions aligned with strategic goals, ensuring the seamless integration of technical insights with business objectives.
- Proven ability to optimize processes, identify areas for improvement, and implement targeted solutions to enhance project outcomes. Excels in facilitating workshops, managing stakeholder expectations, and maintaining clear communication throughout the project lifecycle.
Senior Consultant - Cyber Security
Ernst & Young, India
11.2022 - 08.2023
- Performed comprehensive assessments for clients across Technology, Media & Telecommunications (TMT), GCCs, and Financial Services sectors. Specialized in diverse penetration testing techniques for Web Application, Network, and Infrastructure assessments, including Red Teaming exercises. Extensive experience in securing Web Services and Mobile Applications to bolster digital defenses against potential threats.
- Engaged in project management beyond technical expertise, collaborating closely with clients from Requests for Proposals (RFPs) to project plans and proposals. Demonstrated core consulting expertise by collaborating with clients to identify cybersecurity challenges, develop tailored strategies, and align solutions with business objectives. Successfully managed project lifecycles from kickoff to delivery, ensuring timely execution, quality outcomes, and stakeholder satisfaction.
- Led cross-functional teams in delivering high-impact cybersecurity projects, balancing technical rigor with business priorities to mitigate risks and optimize efficiency. Acted as a trusted advisor, providing actionable insights, fostering client relationships, and driving engagement success across diverse client environments.
Cyber Security Consultant
PwC India LLP
09.2021 - 11.2022
- Performed Web application penetration testing, Web Services, Mobile Application penetration, and Network/ Infra penetration testing for clients in various sectors like E-commerce, Bank, Health, and Government sectors using open source and commercial tools like Burp, Nessus, Acunetix, etc. located in EMEIA and MENA and APAC regions.
- Carried out 200+ Web, API, and Android application security audits for Central/state organizations, Police departments, Health Sector, and E-commerce Sector.
- Collaborated with cross-functional teams to develop comprehensive cybersecurity policies and procedures.
Security Analyst
Ernst & Young, EY GDS
12.2020 - 09.2021
- Performed Network/ Infra penetration testing and Web application penetration testing, Mobile Application penetration for clients in various sectors like E-commerce, Bank, Health, and Government sectors using open source and commercial tools like Burp, Nessus, Acunetix, etc located in EMEIA and MENA and APAC regions.
- Collaborated with development teams to integrate security best practices into the software development lifecycle.
Information Security Consultant
AKS IT Services Pvt Ltd
08.2018 - 12.2020
- Performed Web application penetration testing, Web Services, Mobile Application penetration, and Network/ Infra penetration testing for Government Organizations. Performed Internal and External Network Security Penetration testing for a Government Organization. Perform POCs to highlight the vulnerability and present the same to stakeholders.
- Carried out Web, API, and Android application security audits for Central/state organizations, Police departments.
- Identified critical vulnerabilities in systems through regular penetration testing, mitigating risks before exploitation could occur.
Education
Bachelor of Technology - B.Tech - Information Technology
Techno India College of Technology(MAKAUT)
kolkata, West Bengal 06.2014 - 07.2018
Higher Secondary Education -
Sudarsanpur.D.P.U.Vidyachakra ( WBCHSE)
Raiganj 03.2012 - 03.2014
Secondary Education -
Sudarsanpur.D.P.U.Vidyachakra ( WBBSE)
Raiganj 03.2011 - 03.2012
Skills
Vast experience in Penetration testing of Web applications and Web Services
Deep knowledge in Mobile Vulnerability assessment for Android applications
Good understanding of Network Vulnerability Assessment
Well-versed in usage of vulnerability assessment tools such as Nmap, Nikto, Sqlmap, Acunetix, Netsparker, Tenable Nessus, Burp Suite, Nexpose, Metasploit and etc
Excellent abilities to identify security risks and suggesting to fix the issues
Expertise in Manual & Automated testing and comfortable in BlackBox/WhiteBox testing with the capability of finding vulnerabilities
Good success rate of finding Critical/High Vulnerabilities in various engagements
Experience with various application security tools including SAST, SCA, DAST, Penetration testing, API Security, and fuzzing techniques
Ability to effectively adapt to rapidly changing technology and apply it to business needs
Software
Acunetix
Netsparker
SQLMap
Metaspoit
NMAP
Nessus
MobSF
Drozer
APKTool
IBM AppScan
Synk
Sonarqube
Certification
Web application Penetration Tester eXtreme (eWPTX)
Timeline
Application Security Consultant - IBM Security
IBM
09.2023 - Current
Senior Consultant - Cyber Security
Ernst & Young, India
11.2022 - 08.2023
Cyber Security Consultant
PwC India LLP
09.2021 - 11.2022
Security Analyst
Ernst & Young, EY GDS
12.2020 - 09.2021
Information Security Consultant
AKS IT Services Pvt Ltd
08.2018 - 12.2020
Bachelor of Technology - B.Tech - Information Technology
Techno India College of Technology(MAKAUT)
06.2014 - 07.2018
Higher Secondary Education -
Sudarsanpur.D.P.U.Vidyachakra ( WBCHSE)
03.2012 - 03.2014
Secondary Education -
Sudarsanpur.D.P.U.Vidyachakra ( WBBSE)
03.2011 - 03.2012
Languages
English
Advanced
Hindi
Advanced
Bengali
Advanced