Suneet Singh

Senior Analyst

• Job Details:Performing application security testing for a US based healthcare client and closely collaborating with the app devs and POCs for timely remediation/mitigation of vulnerabilities. Working within secure SDLC & providing approval for app deployment based on the test/retest results and implemented recommendations. Performing SAST and DAST for web and mobile applications, focusing on real-world impact and exploitation of vulnerabilities. Conducted API & GraphQL penetration testing using Postman and Burp Suite, identifying critical flaws relating to authentication and data exposure. Led manual penetration testing efforts for a major European telecom provider, delivering detailed risk reports and collaborating with the application and infrastructure teams on remediation strategies. Delivered high-quality VAPT services to a global construction and mining equipment leader, aligning with their internal security standards. Generated actionable security assessment reports using OWASP Top 10 and CVSS methodologies to prioritize and communicate risk effectively.

Senior Analyst - Cyber Detect & Respond

• Job Details:Executed comprehensive manual VAPT and source code reviews for web and Android applications across multiple Indian government entities. Developed custom Python scripts to demonstrate proof-of-concept (POC) exploits and automate repetitive security testing tasks. Performed both static (SAST) and dynamic (DAST) application security testing to uncover vulnerabilities at different stages of the application lifecycle. Identified and reported critical security flaws, including: PII leakage and sensitive data exposure, persistent XSS via input fields and file uploads, privilege escalation from standard to admin users, lack of rate limiting leading to brute-force potential, HTML injection, broken access control, and logic bypass issues, authentication & session management weaknesses. Conducted on-site internal network audits of government data centers using tools like Nessus to identify infrastructure vulnerabilities.

Cyber Security Junior Analyst

• Job Details:Specialized in defensive security with hands-on experience in IAM, PAM, and IGA frameworks. Successfully led end-to-end implementation of Delinea Secret Server for multiple clients, acting as a trusted PAM advisor and technical consultant. Applied just-in-time access, zero trust, and segregation of duties to design secure, scalable access control architectures. Supported a major German pharmaceutical enterprise in establishing their security operations centre (SOC). Actively set up Windows servers, databases, Active Directory, IIS server, SAML, password-less key based UNIX server access. Authored technical blogs and client-facing documentation covering PAM tools, implementation strategies, and business use case resolutions.