About Me
I’m a passionate Security Engineer with experience in securing applications, networks, and cloud environments. My expertise spans manual and automated penetration testing, application security assessments (web, mobile, API), Active Directory and network penetration testing, and proactive threat hunting. Build and maintain security automation scripts to streamline and enhance security operations.
Worked to enhance DLP, SOC, MDR, and cloud security configurations, ensuring a strong security posture across the organisation. Experience in vulnerability management and playing a role in achieving compliance with industry standards such as SOC 2, HITRUST, and ISO 27001 by supporting audit readiness and driving operational security improvements.
CVE (Common Vulnerability Exposure)
Found security issues in popular technologies and software, helped fix them, and got CVEs assigned for these vulnerabilities.
- CVE-2020-10596 - Opencart
- CVE-2020-18723 - Mdaemon Webmail Service
- CVE-2020-18724 - Mdaemon Webmail Service
- CVE-2021-46065 - Zoho ManageEngine ServiceDesk Plus
- CVE-2024-2301 - HP Printers
Core Skills
Helped to Secure
Identified and reported security vulnerabilities and zero-day flaws in various products and companies through responsible disclosure processes and bug bounty platforms.
Certifications
CC
ISC²
2023
CEH
EC-Council
2022
APISEC Certified Practitioner
APISEC
2024
Proofpoint Certified Email Authentication Specialist
Proofpoint
2025
Senior Cybersecurity Engineer
Cedar Gate Technologies
Enhanced DLP, SOC, MDR, and cloud security; supported compliance (SOC 2, HITRUST, ISO 27001); managed vulnerabilities and verified external reports.
Senior Penetration Tester
Eminence Ways Pvt. Ltd.
Conducted VAPT, social engineering assessments, secure coding training and security audits for various organisations.
Chapter Leader
OWASP Kathmandu
Organise cybersecurity meetups, CTF competitions and live hacking competitions.
Speaking Topics
Technical Topics
- Advanced Penetration Testing Techniques
- Web Application Security
- Cloud Security Architecture
- Mobile Security Testing
Strategic Topics
- Building Security Culture
- Incident Response Planning
- Risk Management Strategies
- Security Awareness Training