Saraansh Taneja

E-mail: saraanshtaneja1@protonmail.com Contact No: +91 8851253674

+91 9560293983
OVERVIEW

Cyber Security Professional with thorough understanding of Cyber security disciplines to include Red
Teaming, Threat hunting, Vulnerability assessments, Penetration testing, Application security, Social
engineering assessments and Secure configuration of network devices. I have nearly 4.5 years of hands on
experience in IT Security specializing in penetration testing. I have carried security assessments for Banking
& Insurance clients, Healthcare industry, Government sector and private companies.

PROFESSIONAL EXPERIENCE

Organization: Deloitte Touche Tohmatsu India LLP: Working as Assistant Manager in Risk Advisory
and focuses on Cybersecurity and technology risk services.

Position: Assistant Manager ( February 2018- Present )

Roles and ● Red Team Assessments

responsibilities ● Network penetration testing
● Gray box and black box application security testing
● Devsecops- Assist the development team in implementing best practices for
software build and deployment
● Source code review
● Network architecture review
● Defining minimum baseline security standards for network devices and servers.
● IT Risk Audits

Organization: Ernst & Young LLP: Worked as Consultant with the EY India Cyber Security team
focussing on Financial services that includes banks and insurance companies.

Position: Consultant ( June 2016- Jan 2018 )

Roles and ● Internal and external attack simulation leading to domain compromise for
responsibilities banking clients.
● Application security testing.
● Red Team Assessments
● System and network configurations review to ensure compliance with
information security policies and leading industry standards.
 ● Define standards for Information Security controls.
● Network Architecture Review
● Secure configuration review

Organization: AKS IT Services: A provider of wide range of IT Security Services, the Company has
been empanelled with CERT-In as an Information Security Auditing Organization. It is
an ISO 9001:2008 & ISO 27001:2013 Certified Company.

Position: InfoSec Consultant (June 2014- May 2016)

Roles and ● Conduct Web Application Security Audits on various platforms and Content
responsibilities management systems.
● Perform internal and external network penetration tests.
● Perform application testing using OWASP and Secure SDLC standards
● Mobile Application Security Audits
● Worked on various confidential projects with Law Enforcement Agencies

SKILLS

●Red Team assessments.

●Well-equipped with techniques of domain compromise, persistence and lateral movement in active
directory environment.
●Penetration testing actives will include application, network and database testing both internally and
externally.
●Perform threat hunting activities to proactively seek out weaknesses in the environment and working
with partners to remediate.
●Social engineering assessments.
●Hands-on experience in penetration testing of Web applications and Web Services technologies such
as XML, JSON, SOAP, REST, and AJAX.
●Endpoint review of user workstations and terminal devices.
●Mobile application security.
●Assistance in vulnerability remediation & patch management as per leading industry practices.
●Secure configuration review of network devices like switches, routers, firewalls and others.

TOOLS

● Network Security/ Penetration Testing tools like Empire, Bloodhound, PS attack, Crack map exec
Metasploit, Nessus and many microsoft sys-internal tools.
● Web Application security tools such as Acunetix, Burp Suite, App Spider, Sqlmap, Havij, Dirbuster.
● Networking/Analysis tools like Netcat, Wireshark etc.
● Thick client/Web Services tools such as Echo Mirage, SoapUI.

CERTIFICATIONS
 ● Offensive Security Certified Professional (OSCP)
● Certified Ethical Hacker (CEH)

ACADEMIC QUALIFICATIONS

B.Tech Manav Rachna International University 2013(67%)

Senior Secondary C.B.S.E 2009(80%)
Secondary C.B.S.E 2007(86%)

INTERESTS

● Cricket
● Music