TemplateA ready-made website. Make it yours in a click.
Copy this website

Summary

Experience

Senior Security Researcher, Bug Bounty ProgramSynapse Tech
San Francisco, CAJun 2021Present
  • Discovered and reported 40+ critical and high-severity vulnerabilities (e.g., RCE, SQLi, XSS, SSRF) within 2 years, leading to a 15% reduction in exploitable attack surface.
  • Led the investigation and remediation efforts for 5 major security incidents, minimizing potential data breaches and financial losses by an estimated $2M annually.
  • Developed and implemented automated scanning scripts in Python, improving vulnerability detection efficiency by 25% and reducing manual review time by 10 hours/week.
  • Mentored junior security researchers, improving team's average bug severity and payout by 20% over one year.
Application Security EngineerInnovate Labs
San Jose, CAJul 2018May 2021
  • Identified and reported over 75 unique security flaws, including authentication bypasses and critical API vulnerabilities, leading to a 30% stronger application security posture.
  • Performed comprehensive penetration tests on 10+ web and mobile applications, utilizing tools like Burp Suite Pro and OWASP ZAP to uncover hidden attack vectors.
  • Collaborated with development teams to implement secure coding practices, reducing the average number of vulnerabilities introduced in new features by 40%.
  • Contributed to the design and review of security architecture for new product features, integrating security by design principles from conception.

Projects

Education

University of California, BerkeleyBachelor of Science in Computer Science
Berkeley, CASep 2014May 2018
  • Graduated Magna Cum Laude with a 3.8 GPA
  • Awarded Dean's List for 6 consecutive semesters
  • Completed capstone project on AI-driven vulnerability detection

Skills

Penetration Testing
Web Application PentestingMobile App PentestingAPI Security TestingNetwork PenetrationCloud Security Assessment
Vulnerability Research
Exploit DevelopmentFuzzingReverse EngineeringThreat ModelingIncident Response
Tools & Technologies
Burp SuiteOWASP ZAPMetasploitNmapWiresharkNessusGhidraDocker
Programming & Scripting
PythonGoJavaScriptBashSQLPHP
Cloud Platforms
AWS SecurityAzure SecurityGCP SecurityContainer Security