Pooja Thimmaiah

Cyber security- VAPT

https://talent.gravityer.com/pooja-thimmaiah

Cyber security- VAPT with 6+ years in Application, Cloud, and Network Security.

Deloitte Touche Tohmatsu India LLP

Key Strengths

Extensive experience in Vulnerability Assessment & Penetration Testing (VAPT) across web, API, and network, aligning perfectly with the target role.
Proficient in a wide array of security tools including Burp Suite, OWASP ZAP, Nmap, Nessus, Metasploit, Fortify, Prowler, and ScoutSuite.
Strong background in secure code review, threat modeling (STRIDE), and integrating security into SDLC (DevSecOps).
Demonstrated ability to identify and exploit critical vulnerabilities (SQLI, IDOR, auth bypass, misconfigurations, business logic flaws).
Experience in securing cloud-native applications and AWS misconfigurations.
Managed end-to-end vulnerability lifecycle, including triage, prioritization, remediation, and re-validation.

Cultural & Operational Fit

Cultural Fit Analysis

The candidate has worked across multiple consulting firms (Deloitte, EY, CYRAACS) and has experience in BFSI environments, indicating adaptability to diverse organizational cultures and regulatory landscapes. The breadth of skills from VAPT to GRC and DevSecOps suggests a well-rounded security professional who can contribute to various aspects of a security program. The target role 'Cyber security- VAPT' aligns well with the candidate's core expertise, suggesting a strong cultural fit for a role focused on offensive security and vulnerability management.

Soft Skills & Operational Fit

The resume highlights 'Professionalism and Empathy' as a skill, which suggests a good understanding of collaborative work environments. The experience in leading threat modeling and integrating security into CI/CD indicates an operational mindset focused on efficiency and proactive security. The candidate's progression through reputable firms like Deloitte and EY suggests strong work ethic and adaptability.

AI is analyzing your overall score…

Identifying your key strengths…

Evaluating your skill match against the job requirements…

Assessing your cultural and operational fit

Experience

Deloitte Touche Tohmatsu India LLP

Senior Executive Consultant

February 1, 2024 – Present

Bengaluru, Karnataka, India

Ernst & Young LLP (EY)

Associate Consultant

January 1, 2023 – January 1, 2024

Bengaluru, Karnataka, India

CYRAACS

GRC & VAPT Consultant

October 1, 2021 – December 1, 2022

Bengaluru, Karnataka, India

Noel Construction Company Pvt. Ltd.

Consultant

June 1, 2018 – June 1, 2020

Bengaluru, Karnataka, India

Key Strengths

Extensive experience in Vulnerability Assessment & Penetration Testing (VAPT) across web, API, and network, aligning perfectly with the target role.
Proficient in a wide array of security tools including Burp Suite, OWASP ZAP, Nmap, Nessus, Metasploit, Fortify, Prowler, and ScoutSuite.
Strong background in secure code review, threat modeling (STRIDE), and integrating security into SDLC (DevSecOps).
Demonstrated ability to identify and exploit critical vulnerabilities (SQLI, IDOR, auth bypass, misconfigurations, business logic flaws).
Experience in securing cloud-native applications and AWS misconfigurations.
Managed end-to-end vulnerability lifecycle, including triage, prioritization, remediation, and re-validation.

Cultural & Operational Fit

Cultural Fit Analysis

Soft Skills & Operational Fit

Pooja Thimmaiah

Key Strengths

Cultural & Operational Fit

About

Top Skills

Skills

Education

Experience

Certifications

Key Strengths

Cultural & Operational Fit