Shyam Pareek

About Me

Hacker, Photographer, Traveler, Blogger

I am a Cyber Security Analyst & Ethical Hacker

A self-motivated, inquisitive, and gritty individual with excellent leadership, organizational and analytical skills, seeking an opportunity to earn a chance to contribute creativity and take part in meaningful work while simultaneously learning and gaining knowledge from professionals in the field of technology.

Certified Ethical Hacker with more than 4.5 years of diversified experience in Vulnerability Assessment and Penetration Testing, Web application security, Mobile application security and Risk assessment.

Recommendations

Profile Snapshot

  • Cyber Security Analyst with 4+ years of diversified experience in Vulnerability Assessment and Penetration Testing, Web application security, Network Penetration Testing, and Risk assessment.
  • Conducted manual security assessment of 250+ web applications including internet banking applications, trade-finance applications, E-commerce shopping applications for numerous national & International clients.
  • Expertise in reading and understand packet-level data Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc.)
  • Appreciated by the Council of Information Security for reporting several security threats.
  • Certified by Gurugram Cyber Police.

Professional Strengths

  • Excellent knowledge of VAPT of Web and Mobile applications with manual and tools-based methods.
  • Excellent knowledge of detection of threat by analyzing large set logs from different security & Network devices, Operating systems, Databases, Web servers/Applications, etc.
  • Hands-on experience in Kali Linux, Burp Suite Professional, Sqlmap, Nmap, Tenable Nessus, Nikto Scanner, Metasploit, Accunetix, Directory Buster, & other open-source tools.
  • Executing responsibilities as the team leader of the assigned project.

Ethical Hacking & Security Analysis

  • Manual vulnerability assessment of operating systems and databases according to the outputs of scripts and commands.
  • Use of SQL Injection, SQL map, XSS, Shell Uploading, Writing business test cases according to the functionality of the application, VA and Pen Testing Methodologies, and Reporting.
  • Web Application testing as per OWASP standards.
  • Black Box, Grey Box security assessment of Web Applications, and Native/Hybrid Android and iOS applications.
  • Rich knowledge of Ethical Hacking and its Countermeasures.

My Hobbies

  • Photography
  • Playing CTFs
  • Snooker
  • Hiking
  • Traveling

Languages I Speak

  • English
  • Hindi
  • Assamese
  • Punjabi

Resume

4 Years of Experience

Experience

June 2019 - Current

Senior Security Analyst

KPMG India

Key Result Areas:

KPMG’s Global Security Operations Center helps defend more than 120 KPMG Member Firms from cyber-attacks, through timely detection, testing, investigation, and remediation of potential threats.

  • Within this project, I am responsible for finding a loophole in client’s applications and exploiting them at extreme levels to achieve my goals. Focused on manual Penetration Testing as per OWASP Standards.
  • Perform regular Threat Hunting and monitoring activities using my Open Source Intelligence expertise.
  • Handling team of 8 to 10 people as Backup Lead and coordinating with more than 40 other Security Analysts. Working together and making sure all the assigned tasks are completed within given SLAs.
  • My expertise in testing payment gateway modules helps the company to deliver better results for Ecommerce projects.

Skills & Accomplishments:

  • Awarded as Best Threat Hunter of Global Security Operations Center at KPMG India
  • Awarded as Excellence of Quality for unwavering commitment to outstanding personal performance.
  • Appreciated by KPMG Management and Partners for outstanding Threat Hunting skills several times.
  • I was able to open the first-ever P1 level severity incident using OSINT techniques while helping Monitoring & Alerting team with one of the security alerts.

Jan 2019 - June 2019

Cyber Security Analyst

BugsBounty.com (InfoSec Ventures)

Key Result Areas:

  • Web Application Penetration Testing and Security Assessment of various banking applications and E-Commerce Portals.
  • Conducting vulnerability assessments and penetration testing for multiple Onsite projects.

Skills & Accomplishment:

  • Worked on various live projects and got Trained by highly Experienced and Professional Cyber Security Experts.
  • More focused on Manual Penetration Testing as per OWASP Standards.
  • Working with Exploits, Password Attacks, Web Application Attacks.
  • Found a very high severity bug in Banking Application which resulted in generating money out of thin air.

Nov 2017 - Jan 2019

Chief Operational Officer

Bitlevel International Data Recovery

  • Key Result Areas:
    • Setting up and securing websites for clients with different Content Management Systems like WordPress, Joomla, Drupal, Shopify, and others.
    • Securing Payment Gateways on multiple websites allowed to Bypass Payments due to faulty integration.
    • Managing team of 4 others and Achieving project goals as per plans.

July 2017 - Aug 2017

Cyber Security Intern

Gurugram Cyber Crime Police

  • I was able to secure a spot with 80 others out of 10,000+ applicants and got trained by Gurugram Cyber Police.
  • Covered a wide variety of topics, starting from basics and then leading up to compliance standards.
  • Case studies of various online cyber crimes like Mobile Crimes, Email Crimes, Social Media Crimes, Ecommerce Crimes, Website Hacking cases were discussed and explained with investigations.
  • Gave a presentation on “Email Phishing Attacks and Preventions”
  • Reported a live bug on Digital4n6Journal while the Presentor was giving a talk on the same and got highly appreciated.

Jan 2017 - July 2017

Cyber Security Intern

A&R Info. Security Solutions Pvt. Ltd.

Started my professional cybersecurity career with this startup by renowned Cyber Security Expert, Mr. Rakshit Tandon and worked under his guidelines.

  • Learned the professional ways of Ethical hacking practices and gained a comprehensive understanding of vulnerability and penetration testing using different types of tools.
  • Got a chance to investigate one of the biggest Online Scam i.e Social Trade.

Achievements

My Certifications and Rewards
eJPT – eLearnSecurity Junior Penetration Tester

eJPT – eLearnSecurity Junior Penetration Tester

Certifications
KPMG Super Team Award

KPMG Super Team Award

Certifications
NSE 2

NSE 2

Certifications
NSE 1

NSE 1

Certifications
Appreciation from Council of Information Security

Appreciation from Council of Information Security

Certifications
Certified Ethical Hacker (Master)

Certified Ethical Hacker (Master)

Certifications
Certified Ethical Hacker (Practical)

Certified Ethical Hacker (Practical)

Certifications
Gurgaon Cyber Police Internship

Gurgaon Cyber Police Internship

Certifications
Certified Ethical Hacker v10

Certified Ethical Hacker v10

Certifications

Contact

Get in Touch

+91-978654321

New Delhi, India

Freelance Available

Find Me on Map

Contact Form