New Delhi, Delhi, India
Cybersecurity isn’t just what I do, it’s how I think. I lead global offensive security programs focused on simulating real-world adversaries, not checklist-based testing. With 18+ years of experience, my work spans vulnerability research, reverse engineering, and enterprise-scale breach simulation, combining deep technical expertise with strategic execution. I specialize in: • Patch diffing & vulnerability intelligence (Windows, enterprise systems) • Reverse engineering & exploitability analysis • Fuzzing, crash triage, and 0-day discovery • Red teaming, adversary emulation & ransomware simulation • AI/LLM security covering prompt injection, unsafe tool use, Agentic AI risks, and AI Runtime Security Beyond leading global offensive security capabilities, I actively build next-generation platforms: • Platform for Patch intelligence & vulnerability reasoning • Platform for Autonomous adversary simulation • AI-driven offensive automation frameworks My focus is simple: Understand how systems actually break, and simulate it before attackers do. Over the years: • 20+ vulnerability acknowledgments (Apple, Microsoft, Facebook, Offensive Security) • Author of 12 books on penetration testing & network forensics • Trainer for global law enforcement on vulnerability research • Represented India at the BRICS Summit & Future Skills I operate at the intersection of: Offensive Security × Vulnerability Research × AI The future of cybersecurity isn’t just skill-based, it’s leverage-based. And AI is the biggest lever we’ve ever had.
Leading global offensive security strategy, innovation, and delivery across red teaming, adversary emulation, ransomware simulation, and AI/LLM security. Driving the evolution of offensive security from manual testing to AI-assisted and autonomous adversary simulation. Key Impact: • Built and scaled global red team and breach simulation capabilities • Designed next-gen AI/LLM security offerings (prompt injection, agentic risk, runtime abuse) • Advanced vulnerability research in patch diffing, reverse engineering, and exploitability • Developed proprietary offensive tooling and automation platforms • Translated deep technical research into client-facing, revenue-generating offerings • Advised CXOs on emerging threats, AI risks, and offensive strategy Currently building platforms focused on patch intelligence and autonomous offensive systems.
💼Key Responsibilities: • Led offensive security and cyber forensic practices across enterprise clients • Built and scaled high-performing teams across red teaming, VAPT, and research • Expanded service lines into blockchain, ICS, telecom, and advanced threat simulation • Drove revenue growth through high-impact security offerings and strategic advisory services • Delivered complex assessments and investigations across critical environments
💼Major Responsibilities: •Managed the End-to-End delivery of comprehensive Cyber Security Technical Assessments, encompassing Vulnerability Assessments, Penetration Testing, Mobile and API Security Assessments, Cloud and Infrastructure Assessments, Source Code Reviews, and Configuration Audits, as well as Wireless and Hardware Security Assessments, while cultivating strong client relationships that resulted in repeat business and referrals. •Led the Offensive Security Division, overseeing Red Team exercises, Adversary Emulation, Purple Teaming, and War Gaming Exercises, guiding a high-performing team of professionals, and boosting team morale and performance to exceed client expectations consistently. •Headed the Cyber Security Research Division, spearheading Vulnerability Research to proactively identify and mitigate emerging security risks, collaborating with clients to develop tailored solutions that addressed their specific cybersecurity challenges, ultimately contributing to significant revenue growth. •Successfully implemented and managed BDO India's Cyber Security Operations Center (CSOC) as a central hub for real-time threat detection, response, and mitigation. Meanwhile, maintaining strong client relationships and continuously increasing CSOC revenue streams through upselling and cross-selling services. •Led the Cyber Forensic Investigations Practice, conducting in-depth investigations to uncover and address cybersecurity incidents and breaches, and mentored team members to develop their skills and capabilities, resulting in improved team performance and client satisfaction. •Took responsibility for developing and maintaining a comprehensive Vulnerability Management Dashboard, enhancing the organization's ability to track, prioritize, and remediate security vulnerabilities effectively, and leveraged this tool to demonstrate ROI to clients, leading to further engagement and revenue generation.
💼Key Responsibilities: •Spearheaded the Vulnerability Discovery Program (VDP), resulting in the identification and responsible disclosure of 13 CVEs and reservation of 53 CVEs in Consumer and Enterprise Software, enhancing overall product security. •Led the Services Division with a focus on Red Teaming, Thick Client Assessment, Software Security Assessment, and Cloud Security Assessments (OpenStack), ensuring comprehensive security evaluations for diverse clients. •Successfully planned, led, and developed the cutting-edge Deep Learning-Based Zero-Day Prevention System (ZDPS), bolstering our defense against emerging threats and zero-day vulnerabilities. •Managed and secured the Windows Agent for the Enterprise Risk Quantification Solution (SAFE), safeguarding sensitive enterprise data and ensuring the reliability of the solution.
As a seasoned cybersecurity leader, I've been privileged to serve in pivotal roles that shape and enhance an organization's security posture. Throughout my tenure, I've been dedicated to delivering exceptional results in the realm of information security and cyber threat intelligence: 💼Key Responsibilities: •Leading the Technical Assessments and Threat Intelligence Wing: I led a highly skilled team responsible for conducting in-depth technical assessments, including vulnerability assessments and penetration testing. Additionally, my team gathered and analyzed threat intelligence to proactively defend against emerging cyber threats. We consistently met and exceeded customer objectives, ensuring the security and resilience of our organization's critical assets. •Responsible for the Overall Growth, Direction, and Conditioning of the Special Services Group: In this role, I oversaw a specialized group within our cybersecurity department. I set the strategic direction, fostered growth, and maintained a high level of readiness to address unique security challenges. My focus on conditioning the team's skills and expertise ensured we were always prepared to tackle specialized security projects. •Serving as the Delivery Head for the Entire Infosec Services: As the Delivery Head for Infosec Services, I had the privilege of managing a comprehensive portfolio of information security offerings. This included overseeing security assessments, incident response, security consulting, and other critical services. By meticulously managing service delivery, I ensured our clients received top-tier cybersecurity solutions that met their needs.