Available for new engagements·Hyderabad, India

Security work,
done by hand.

I'm a security engineer with 3+ years building and breaking systems across 25+ multi-tenant client environments. I run penetration tests, stand up SOCs, harden cloud, and automate the boring parts of detection and response — then hand you a report your engineers will actually read.

Offensive testing and open-source-first defense — for teams that actually ship.

3+
Years in security
50+
Pentests delivered
25+
SOC client environments
7
Industry certifications

Services I
actually deliver.

Offensive and defensive — scoped to your risk, priced up front, and reported so your engineers can act.

01

Penetration Testing & VAPT

Manual-first assessments across web, mobile, API, network, and cloud — finding the XSS, XXE, SQLi, CORS, and business-logic flaws that scanners miss.

Burp SuiteNmapNessusSQLmapWiresharkNikto
  • Black / grey-box web & mobile app testing
  • API and network penetration testing
  • Business-logic and auth-bypass abuse cases
  • Severity-rated findings with reproducible PoCs
  • Remediation guidance + free retest of criticals
A clear, prioritized report leadership and engineers can both act on.
02

Cloud Security & Cloud Pentesting

Configuration, IAM, and attack-path review across AWS, GCP, and Azure — enforcing least-privilege and shrinking blast radius.

AWSGCPAzureCloudflareGuardDutyCloudTrail
  • Cloud penetration testing (AWS / GCP / Azure)
  • IAM, trust-boundary & privilege-escalation review
  • Misconfiguration remediation to enforce compliance
  • S3 / EC2 / CloudTrail / GuardDuty hardening
  • Cloudflare WAF, DNS & DDoS protection
A cloud estate where one leaked credential can't touch everything.
03

SOC Build-out & Detection Engineering

Open-source-first SIEM, EDR, and threat hunting — the monitoring stack I run for 25+ clients, tuned to your environment.

WazuhElasticSplunkCriblOSqueryAzure Sentinel
  • Wazuh + Elastic SIEM / EDR deployment
  • Custom correlation rules, decoders & data pipelines (Cribl)
  • Threat hunting and root-cause forensic analysis
  • Detection content across Splunk & Elastic
  • Tier-1 analyst enablement via SOPs and runbooks
Detection you own — not a black box you rent by the gigabyte.
04

Security Automation (SOAR)

Detection-and-response workflows that automate triage, enrichment, and containment — so analysts spend time on judgment, not toil.

n8nShufflePythonREST APIs
  • Playbook / runbook design and orchestration
  • Automated triage, enrichment & containment
  • n8n and Shuffle workflow engineering
  • Integration across your existing security stack
  • Faster mean-time-to-respond, measured
The repetitive 80% handled automatically; humans on the hard 20%.
05

Email Security & Anti-Phishing

The front door most attackers still use. Custom detection rules from real-world attacks, plus disciplined email authentication.

Sublime SecurityDMARCSPFDKIM
  • Sublime Security rules from observed attacks
  • DMARC / SPF / DKIM posture management
  • Phishing-simulation campaigns
  • Spoofing and impersonation defenses
  • User-awareness reporting
Fewer successful phish, with evidence to prove it.
06

Threat Intel, Compliance & Advisory

Fractional security partner — threat intelligence, secrets management, and compliance support, on call when it counts.

HashiCorp VaultZabbixGrafanaPrometheusHoppscotch
  • Multi-source threat-intel aggregation & enrichment
  • Secrets management with HashiCorp Vault
  • Compliance implementation & security setup
  • Network observability (Zabbix, Prometheus, Grafana)
  • Quarterly posture reviews & roadmap
Senior security judgment without the full-time headcount.

Four steps, no theatre.

01

Scope

A short call to agree targets, rules of engagement, and what 'done' looks like. Fixed quote — no surprises.

02

Execute

Hands-on, manual-first work. Criticals get flagged on a live channel; you don't wait for the final report to start fixing.

03

Report

Findings with reproducible PoCs and remediation mapped to your stack, plus an executive summary for leadership.

04

Retest

Once you've remediated, I verify the fixes. Critical findings retested free.

Certified Ethical Hacker (CEH)Cribl Certified Admin — StreamCribl Certified UserJNCIA-Junos (Juniper)Network Essentials (Juniper)MECPA — ADAudit PlusPython — Google (91%)

Engagement models.

Every engagement starts with a short scoping call and a fixed quote. Pick the shape that fits — they can flex as you grow.

Project

A scoped, fixed-price engagement

  • One-off pentest or cloud review
  • Defined start and end
  • Full report + retest
  • Best for audits & compliance
Start here →
Popular

Retainer

Ongoing monitoring & detection

  • SOC / detection engineering
  • Monthly hours, predictable cost
  • Continuous tuning & hunting
  • Best for growing teams
Start here →

Advisory

Fractional security partner

  • Design & PR security reviews
  • Async access for questions
  • Incident-response support
  • Best for startups pre-hire
Start here →

Before you
reach out.

Do you work with small teams and startups?

Yes — most of my engagements are with teams that don't have a full security function yet. I scope to your risk and budget, not a one-size template.

How do you price engagements?

Project work is a fixed quote after a short scoping call. Ongoing SOC, detection, and advisory work runs on a monthly retainer. You'll always know the number before we start.

Will I get a report my engineers can use?

That's the whole point. Every finding comes with a reproducible PoC and remediation mapped to your stack — plus an executive summary for leadership. Criticals are retested free.

Can you both test and defend?

Yes. I run offensive engagements and build the defensive side — SIEM, EDR, detection content, and automation. Knowing how attacks land makes the detections sharper.

Where are you based and do you work remotely?

Hyderabad, India — and I work remotely with clients across regions. Engagements are coordinated async with live channels for anything time-sensitive.

Found a gap?
Let's close it.

Tell me what you're working on. I reply to everything within 48 hours — usually with a couple of sharp questions and a sense of scope.

View resume (PDF) ↗

Request a scope