• Product security audits across web (PHP, React, etc.), Android, and iOS platforms, including vulnerability identification,triage, and coordination with engineering for fixes.

• Cloud security assessments covering IAM policies, storage configuration, access control (IAM), and OS and infrastructure hardening.

• Automation of VAPT processes, including custom template development and integration for faster, deeper and more frequent security audits.

• Human, network, and internal security controls — including monitoring, detection, and internal threat modeling — implemented across an environment supporting 350+ employees and 600+ devices.

• Risk assessment, structured asset inventory and threat modelling to support prioritization, mitigation planning, and security readiness.

• Compliance research and alignment with regulatory frameworks such as DPDPA, including policy documentation,audit preparation, and gap analysis.