Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Thank you. Your report has been submitted and will be reviewed shortly.
Nambikkai Maharajan Sundaram, Senior Security Consultant – VAPT & DevSecOps

Nambikkai Maharajan Sundaram

Senior Security Consultant – VAPT & DevSecOps·Quadruple Automation Services Pvt Ltd,

India

Bachelor's degree, Computer application

Work experience

Total years of experience: 11 years, 4 months

Senior Security Consultant – VAPT & DevSecOps

January 2023 - April 2026

Quadruple Automation Services Pvt Ltd,

Chennai, India

January 2023 - April 2026

VAPT & Application Security
• Conducted grey-box and black-box penetration testing on web applications and REST APIs, identifying OWASP Top 10
vulnerabilities including IDOR, Broken Access Control, Broken Authentication, and Sensitive Data Exposure.
• Produced formal pentest reports with CVSS-scored findings, exploit evidence, risk ratings, and actionable remediation
recommendations for development and infrastructure teams.
• Executed Proof-of-Concept (POC) validations alongside manual retesting and automated re-scans to ensure complete
remediation and secure closure.
• Used Burp Suite, OWASP ZAP, Nmap, and Wireshark for active security assessments across application and network
layers.
• Performed security assessment of web and mobile application APIs, validating authentication, authorization, session
management, and sensitive data exposure issues aligned with OWASP Mobile and API Security risks.
• Improved vulnerability remediation efficiency through risk-based prioritisation (CVSS, EPSS, asset criticality), ensuring
timely resolution of critical issues

Vulnerability Management
• Owned end-to-end vulnerability lifecycle across 2, 000 on-site assets (application and infrastructure) using Qualys
VMDR — from identification through risk-based prioritisation to validated closure.
• Executed risk-stratified scanning: weekly for critical and internet-facing assets, monthly for internal infrastructure, ad
hoc post-patch and change cycles.
• Applied multi-factor prioritisation (CVSS, EPSS, asset criticality, internet exposure) ensuring critical exploitable
vulnerabilities were resolved within SLA windows.
• Coordinated remediation with development and infrastructure teams across CI/CD and production environments,
performed root cause analysis on recurring vulnerabilities and posture gaps presented findings with business impact
context to governance and executive stakeholders.
DevSecOps Integration
• Integrated SAST (SonarQube) and embedding security into CI/CD pipelines by designing and enforcing security gates
using SAST and SCA tools to prevent vulnerable code from reaching production.
• Triaged scan results after each build to eliminate false positives delivered developer-ready findings with severity
ratings and fix guidance focused on exploitable issues.
• Collaborated with development teams across the Secure SDLC to validate critical and high vulnerability fixes via re
scans before release approval, ensuring security sign-off at each stage of the pipeline.

Company industry:
IT Services

IT Service Desk Analyst – Security Operations (L3)

January 2022 - December 2022

Arrow Electronics,

Bengaluru, India

January 2022 - December 2022

• Recipient of the Best Find of the Year Award, recognised for outstanding contribution to security operations within the
team.
• Investigated security incidents using Sumo Logic SIEM supported vulnerability validation and incident response
coordination.
• Developed detection queries and dashboards to enhance monitoring visibility and reduce alert noise.

Company industry:
IT Services

Team Lead – Enterprise Vulnerability Management

January 2021 - January 2022

Prodapt Solutions Pvt Ltd

Chennai, India

January 2021 - January 2022

• Led end-to-end vulnerability management program for 3, 000+ assets across EU and LATAM regions, applying NIST and
ISO 27001 control frameworks to prioritise and govern remediation.
• Served as escalation owner for critical and high-severity vulnerabilities, driving cross-team response within defined SLA
windows.
• Built Power BI dashboards to track vulnerability backlog, SLA compliance, and risk posture trends presented monthly
reports to governance and CAB stakeholders.
• Guided risk acceptance decisions based on exploitability assessment and business impact analysis.

Company industry:
IT Services

Team Lead – Application Security & Cyber Security Operations

January 2019 - January 2021

Geosafe Fire Safety Pvt Ltd,

Chennai, India

January 2019 - January 2021

• Led vulnerability management across 1, 000+ systems in APAC environments covering network and server
infrastructure.
• Performed web application security testing on internal platforms, identifying access control and API security
vulnerabilities coordinated remediation with development teams.
• Supported security testing activities for mobile-enabled applications and backend APIs, identifying access control and
authentication-related vulnerabilities during application assessments.
• Assessed AWS cloud security posture using Pacu and ScoutSuite, identifying misconfigurations across IAM, S3, VPC,
and Security Groups used IAM Access Analyser to detect overly permissive policies and implemented least-privilege
hardening.
• Enabled AWS GuardDuty for continuous threat detection and configured API Gateway rate limiting to protect backend
services from abuse and DoS exposure.

Company industry:
Manufacturing

Information Security Administrator – Network Security

January 2015 - December 2018

Lexus Computers

Vellore, India

January 2015 - December 2018

• Conducted vulnerability assessments across network and server environments supported remediation validation and
system hardening for Windows and Linux systems.
• Assisted in security monitoring and incident response activities.

Company industry:
Computer Hardware & High-Tech Manufacture

Education

University of Madras

June 2003

June 2003

Bachelor's degree, Computer application

India

Skills

Penetration Testing

Expert

Cloud Security

Expert

Digital Forensics

Expert

Vulnerability Management

Expert

Incident Management

Expert

COMMON VULNERABILITY SCORING SYSTEM CVSS

Intermediate

CI CD

Intermediate

CYBER SECURITY

Intermediate

LIFECYCLE MANAGEMENT

Intermediate

RISK BASED TESTING

Intermediate

STATIC APPLICATION SECURITY TESTING SAST

Intermediate

WEB DEVELOPMENT

Intermediate

AMAZON WEB SERVICES

Intermediate

APPLICATION SECURITY

Intermediate

AUTHENTICATIONS

Intermediate

DEVSECOPS

Intermediate

OPEN WEB APPLICATION SECURITY PROJECT OWASP

Expert

PENETRATION TESTING

Expert

VULNERABILITY ASSESSMENTS

Expert

API

Intermediate

Risk Modelling

Intermediate

Social profiles

Languages

English

Expert

Tamil

Native Speaker

Training and Certifications

Certifications
CISSP – In Progress
Cisco Certified Network Associate
AWS Solutions Architect – Associate
Certified Ethical Hacker (EC-Council)
CCNA – Cisco Certified Network Associate
ECIH – Certified Incident Handler
AWS Solutions Architect – Associate
CEH – Certified Ethical Hacker

Hobbies and interests

Playing chess and participating in Capture The Flag (CTF) challenges, focusing on problem-solving an