Karthik Sunkenepalli

I graduated from the University of Hertfordshire with a Master's in Cyber Security (2021-2022). I've spent the last eight years working as a penetration tester for various MNCs and being active with the security side of a company's IT, including web application security testing, source code analysis, dynamic application security testing, and company policies.

Associate Security Architect | Tech Mahindra, India                        Dec 2018 to Feb 2021

Tech Mahindra is an Indian multinational technology company, providing information technology and business process outsourcing services.

•   Performed application security testing both manually and with the Burp Suite tool.

•   Managing false positives discovered by the Qualys tool for DAST (Dynamic Application Security Testing).

•   Used the Coverity tool to perform SAST Scans (Source Code Analysis) and identify false positives.

•   Worked with various network and web application testing tools to find vulnerabilities

•   Provided technical training to developers on vulnerabilities and mitigation strategies.

•   Assisting team members with their development and technological advancement.

Senior Penetration Tester | Launchship Technologies Pvt Ltd, India       Sep 2017 to Dec 2018

Launchship provides technology solutions to improve existing client business processes for greater performance and higher returns using cutting-edge IOT.

•  Experience of undertaking both automated and manual application Penetration Testing assessments

•  Extensive, demonstrable knowledge of security vulnerabilities and remediation techniques

•  Hands-on-keyboard experience conducting vulnerability scans

•  Conducted peer reviews of security assessment reports.

Penetration Tester | ICICI Bank, India                                               Feb 2015 to Sep 2017

ICICI Bank, a leading private sector bank in India, offers Net banking services & Personal banking services like Accounts & Deposits, Cards, Loans, and Insurance.

•   Perform security reviews of application designs and source code review

•   Work with application developers to validate, assess, understand the root cause and mitigate vulnerabilities

•   Preparing presentations and keeping clients informed about the development process

•   Responsible for performing manual penetration testing and communicating findings to both Business and Developers

•   Create and update client security assessment reports.

Security Analyst | Genpact, India                                                     Dec 2011 to Feb 2015

Genpact is a global professional services firm delivering digital transformation by putting digital and data to work to create a competitive advantage.

•   Involved in risk and vulnerability assessments while evaluating the applications.

•   Develop and maintain security threat assessment reports, as well as attack plans.

•   Provide developers with mitigation techniques and safe coding.

•   Perform a manual analysis of the test results to find significant flaws.

•   Assisting with the Knowledge Transition (KT) process for new resources. 

University of Hertfordshire - Master`s degree (Penetration Testing, Digital Forensics, Distributed System Security)                                                                                        -2022

Masters in Cybersecurity 

JNTU Hyderabad, India - Bachelor`s degree                                                                                             -2011

Bachelor’s Degree in (Electronics & Communication Engineering)