Open to AI Security Opportunities

Ramesh Kanna M.

Senior Cybersecurity Engineer (L2) · 3.6 Years Experience

Specializing in securing Web, Mobile, API, Infrastructure and Cloud systems through comprehensive security assessments, strategic remediation, and adherence to Security Compliance & Governance frameworks.

Ramesh Kanna
3.6 Yrs
3.6+
Years Experience
35+
Bug Bounties Filed
16
Interns Mentored
4
Certifications
Expertise

Professional Skills

Full-stack security capabilities across offensive and defensive domains

⚔️ Penetration Testing
WebAPIMobileInfrastructureAWSAzure
🛡️ Security Testing
SASTDASTSCACode ReviewAD Pentesting
🔧 Tools
Burp SuiteNessusMetasploitCheckmarxNmapSQLMap
📱 Mobile & API
MobSFDrozerFridaPostmanjwt_toolArjun
🔍 SIEM & VM
AlienVaultTenableQualys VMDRCrowdStrikeZscaler
⚙️ DevSecOps & Compliance
SnykVeracodeSOC 2ISO 27701Vanta
💻 Languages
PythonBashJavaScriptHTMLCSS
🤖 AI / LLM Security
Prompt InjectionLLM TestingAI PolicyOWASP LLM
Career

Work Experience

3.6 years of hands-on offensive and defensive security work

March 2025 – Present
Senior Cybersecurity Engineer (L2)
Integrate Marketing Technologies
  • Web & API pentesting to identify and mitigate security risks
  • Source code review for .NET applications
  • CI/CD security — Snyk integration for early vulnerability detection
  • Vulnerability management using Tenable on AWS infrastructure
  • SIEM operations via AlienVault for SOC monitoring & incident response
  • AI/LLM security testing and security policy development
  • Endpoint protection (CrowdStrike & Kandji) and network security (Zscaler)
August 2022 – March 2025
Application Security Engineer
Cognizant
  • Delivered web, API, mobile, and infra pentests (OWASP & SANS) with zero escalations
  • Identified vulnerabilities via internal VDPs; supported SAST, DAST & SCA triage
  • Collaborated with clients and dev teams for remediation within SLAs
  • Trained and mentored 16 interns on web application and infra penetration testing
February 2022 – August 2022
Cybersecurity Intern
Cognizant
  • Supported primary testers and VM teams on client projects
  • Conducted vulnerability scans using Qualys VMDR
  • Created detailed reports and retests to validate remediation
Credentials

Certifications

Industry-recognized qualifications in cybersecurity

🏅
Certified Ethical Hacker v12 (CEH)
ID: ECC7342608195
🔐
Certified Appsec Practitioner (CAP)
ID: 9072043
🔎
Qualys Vulnerability Management
Qualys Certified
🌐
API Penetration Testing
APIsec University
Recognition

Achievements

Real-world impact through responsible disclosure and bug bounty programs

35+
Bug Bounty Programs — Reported vulnerabilities in Google, Telekom, Epic Games, Synology & 35+ companies
Top 5
Security Researcher — Ranked Top 5 in the Fresenius VDP Program
16
Interns Mentored — Delivered training on web application and infrastructure pentesting at Cognizant
0
Zero Escalations — Delivered all pentest engagements at Cognizant with zero client escalations
Get In Touch

Contact

Available for security consulting, AI security roles, and bug bounty collaborations

Let's work together

Senior Cybersecurity Engineer with growing expertise in AI/LLM security. Open to roles in AI security engineering, red teaming, application security, and freelance consulting.

Send Email
✉️
Email
rameshkanna2k@gmail.com
📞
Phone
+91 8428280144
📍
Location
Chennai, Tamil Nadu, India
🎓
Education
B.Tech CSE — VelTech University (CGPA 8.13)
Expertise

Professional Skills

Full-stack security capabilities across offensive and defensive domains

⚔️ Penetration Testing
WebAPIMobileInfrastructureAWSAzure
🛡️ Security Testing
SASTDASTSCACode ReviewAD Pentesting
🔧 Tools
Burp SuiteNessusMetasploitCheckmarxNmapSQLMap
📱 Mobile & API
MobSFDrozerFridaPostmanjwt_toolArjun
🔍 SIEM & VM
AlienVaultTenableQualys VMDRCrowdStrikeZscaler
⚙️ DevSecOps & Compliance
SnykVeracodeSOC 2ISO 27701Vanta
💻 Languages
PythonBashJavaScriptHTMLCSS
🤖 AI / LLM Security
Prompt InjectionLLM TestingAI PolicyOWASP LLM
Career

Work Experience

3.6 years of hands-on offensive and defensive security work

March 2025 – Present
Senior Cybersecurity Engineer (L2)
Integrate Marketing Technologies
  • Web & API pentesting to identify and mitigate security risks
  • Source code review for .NET applications
  • CI/CD security — Snyk integration for early vulnerability detection
  • Vulnerability management using Tenable on AWS infrastructure
  • SIEM operations via AlienVault for SOC monitoring & incident response
  • AI/LLM security testing and security policy development
  • Endpoint protection (CrowdStrike & Kandji) and network security (Zscaler)
August 2022 – March 2025
Application Security Engineer
Cognizant
  • Delivered web, API, mobile, and infra pentests (OWASP & SANS) with zero escalations
  • Identified vulnerabilities via internal VDPs; supported SAST, DAST & SCA triage
  • Collaborated with clients and dev teams for remediation within SLAs
  • Trained and mentored 16 interns on web application and infra penetration testing
February 2022 – August 2022
Cybersecurity Intern
Cognizant
  • Supported primary testers and VM teams on client projects
  • Conducted vulnerability scans using Qualys VMDR
  • Created detailed reports and retests to validate remediation
Credentials

Certifications

Industry-recognized qualifications in cybersecurity

🏅
Certified Ethical Hacker v12 (CEH)
ID: ECC7342608195
🔐
Certified Appsec Practitioner (CAP)
ID: 9072043
🔎
Qualys Vulnerability Management
Qualys Certified
🌐
API Penetration Testing
APIsec University
Recognition

Achievements

Real-world impact through responsible disclosure and bug bounty programs

35+
Bug Bounty Programs — Reported vulnerabilities in Google, Telekom, Epic Games, Synology & 35+ companies
Top 5
Security Researcher — Ranked Top 5 in the Fresenius VDP Program
16
Interns Mentored — Delivered training on web application and infrastructure pentesting at Cognizant
0
Zero Escalations — Delivered all pentest engagements at Cognizant with zero client escalations
Get In Touch

Contact

Available for security consulting, AI security roles, and bug bounty collaborations

Let's work together

Senior Cybersecurity Engineer with growing expertise in AI/LLM security. Open to roles in AI security engineering, red teaming, application security, and freelance consulting.

Send Email
✉️
Email
rameshkanna2k@gmail.com
📞
Phone
+91 8428280144
📍
Location
Chennai, Tamil Nadu, India
🎓
Education
B.Tech CSE — VelTech University (CGPA 8.13)
What I Offer

Security Services

Expert-led security testing and consulting across all major attack surfaces

🎯
Manual + Automated
Perfect blend of automated scanning and deep manual testing for maximum coverage
📋
Standards-Based
All assessments follow OWASP, NIST, SANS and industry-standard methodologies
📄
Actionable Reports
Detailed reports with severity ratings, PoC evidence, and remediation guidance
🔒
Zero Escalations
Confidential, professional, and deadline-driven service with proven track record
🌐
Web Application Pentesting
OWASP Top 10 focused testing with business logic flaw identification and manual exploitation.
  • Broken Access Control & Auth Bypass
  • SQL Injection, XSS, CSRF, SSRF
  • Business Logic Vulnerability Testing
  • Source Code Review (.NET, JS)
  • CVE Analysis & PoC Documentation
🔌
API Security Testing
REST & GraphQL API coverage including broken object-level authorization and token validation.
  • OWASP API Top 10 Coverage
  • Broken Object Level Authorization
  • JWT & OAuth Token Testing
  • API Fuzzing & Recon
  • Tools: Postman, Burp, Arjun, jwt_tool
🖧
Network & Infrastructure VAPT
Internal & external scanning, firewall bypass, service enumeration, and credential testing.
  • Nmap, Nessus, OpenVAS Scanning
  • Metasploit Exploit Automation
  • Password Spraying & Brute Force
  • Reverse Shell & Post-Exploitation
  • Active Directory Attack Simulation
☁️
Cloud Security Assessment
AWS & Azure security posture reviews using industry benchmarks and misconfiguration detection.
  • AWS & Azure Security Reviews
  • IAM & Privilege Escalation Testing
  • Tenable Cloud Scanning
  • S3 / Blob Storage Exposure Testing
  • CIS Benchmark Assessment
📱
Mobile Application Testing
Android & iOS security testing following OWASP Mobile Top 10 with runtime manipulation.
  • OWASP Mobile Top 10
  • MobSF Static Analysis
  • Frida Runtime Instrumentation
  • Drozer Dynamic Analysis
  • Certificate Pinning Bypass
🤖
AI / LLM Security Testing
AI system testing including prompt injection, jailbreaking, and AI security policy development.
  • Prompt Injection Testing
  • LLM Jailbreak Assessment
  • AI Security Policy Development
  • OWASP LLM Top 10 Coverage
  • RAG & Agent Security Review
⚙️
DevSecOps & CI/CD Security
Integrate security into your SDLC with SAST, DAST, SCA tools and pipeline hardening.
  • Snyk & Veracode CI/CD Integration
  • SAST / DAST / SCA Triage
  • Secure Code Review
  • Vulnerability SLA Management
🛡️
SOC & Defensive Security
Blue team operations including SIEM monitoring, EDR management, and incident response.
  • AlienVault SIEM Operations
  • CrowdStrike EDR Management
  • Incident Response & Recovery
  • Threat Hunting & Detection
  • Compliance Support (SOC 2, ISO 27701)
Request a Consultation
Education

I Also Provide Training

Professional cybersecurity training — comprehensive, hands-on, and industry-ready

🎓 Professional Course
Professional Cyber Security Course
A comprehensive, hands-on cybersecurity program covering everything from ethical hacking fundamentals to advanced penetration testing, defensive security, and career preparation. Syllabus updated every 3 months to keep pace with emerging threats.
📍 Location: Triplicane, Chennai
📞 Phone: +91 96499 64912
📧 Email: info@smatal.in
01
Intro to Ethical Hacking
  • Info Security Overview
  • Cyber Kill Chain Concepts
  • Ethical Hacking Concepts
  • Security Controls & Law
02
Networking Concepts
  • IP, MAC, DNS, Firewall, VPN
  • OSI Model
  • TCP, UDP, Three-way Handshake
  • ARP, DHCP, NAT
03
Linux & Lab Setup
  • VirtualBox & Kali Linux
  • File System & Permissions
  • Users, Privileges & Services
04
Python & Bash Basics
  • Python Concepts
  • Writing Security Tools
  • Shell Commands & Functions
05
Malware Threats
  • Malware Analysis
  • Trojans, Virus & Worms
  • Countermeasures & Anti-Malware
06
Sniffing & Spoofing
  • Sniffers & Sniffing Types
  • Spoofing Concepts & Types
  • Defense Techniques
07
Cryptography
  • Encryption Algorithms & Ciphers
  • Cryptography Analysis Tools
  • Defence Against Crypto Attacks
08
Footprinting & Recon
  • Subdomain Enumeration
  • Google & GitHub Dorks
  • Port Scanning, Nuclei Recon
09
Network Security
  • Nmap, Nessus, OpenVAS
  • Metasploit Exploitation
  • Reverse Shells, Password Spraying
10
Web App Security
  • OWASP Top 10 With Examples
  • Burp Suite Hands-on
  • SQLMap, Report Writing
11
API & Mobile Testing
  • OWASP API Top 10
  • OWASP Mobile Top 10
  • MobSF, Frida, jwt_tool
12
Active Directory
  • AD Terminology & Controllers
  • Initial Attack Vectors
  • Post-Compromise Attacks
13
Defensive Security & SOC
  • Blue Team Tools
  • Splunk SIEM Introduction
  • EDR & Defender Usage
14
Threat & Incident Response
  • Threat Hunting Process
  • Incident Detection & Investigation
  • Incident Resolution & Recovery
15
Wireless & Cloud Security
  • Wireless Hacking Techniques
  • Cloud Computing Fundamentals
  • Cloud Security Best Practices
16
Career & Jobs
  • Interview Preparation
  • Mock Interview & Resume
  • Career Roadmap
Knowledge Sharing

Security Talks

Topics I speak on at colleges, corporate events, and industry conferences

Past Talks

Previous Speaking Engagements

A look back at sessions I've delivered — click each image area to upload your event photo

📸
Click to add event photo
🎤 Chief Guest · Guest Lecture
Vels University

Honored to be the Chief Guest at my first event! A big thank you to Vels University Computer Science Department for the invitation. It was a pleasure delivering a session on Cybersecurity Career Tips and interacting with such enthusiastic students.

Cybersecurity Career TipsChief GuestCS Dept
📸
Click to add event photo
🚀 Keynote Speaker · Induction Session
Vel Tech University

Honored to be invited by the Vel Tech Alumni Association to speak on the topic "Future of Cybersecurity" during the Induction cum Acquaintance session for new students.

Future of CybersecurityAlumni SpeakerInduction
📸
Click to add event photo
💡 Guest Lecture · 100+ Students
Crescent College

Amazing session with 100+ Computer Science students! Delivered a guest lecture on IoT Development & Security and had some great discussions on the future of tech.

IoT DevelopmentIoT Security100+ Attendees
Talk Topics

Topics I Speak On

Available for college seminars, corporate sessions, and industry conferences

🔐
Cybersecurity Career Tips
A practical guide for students on how to break into cybersecurity.
  • Roadmap for beginners
  • Key certifications (CEH, OSCP, Bug Bounty)
  • Real-world day-to-day insights
  • How to build a security portfolio
🚀
Future of Cybersecurity
How AI, cloud, and IoT are reshaping the threat landscape.
  • AI & ML in cyber attacks and defense
  • Cloud-native security challenges
  • Zero trust architecture
  • Emerging threats in 2025+
🌐
IoT Development & Security
How IoT devices fail and how to secure them against real attacks.
  • IoT attack surfaces & vulnerabilities
  • Firmware analysis basics
  • Network-level IoT attacks
  • Secure IoT development practices
🤖
AI & LLM Security
Securing AI systems — prompt injection, jailbreaks, OWASP LLM Top 10.
  • What is prompt injection?
  • OWASP LLM Top 10 walkthrough
  • Real-world AI attack demos
  • How to red-team AI products
🔍
Web & API Penetration Testing
How attackers exploit web apps and APIs with live tool demos.
  • OWASP Top 10 live walkthrough
  • Burp Suite demonstration
  • API security testing basics
  • Bug bounty hunting tips
🎓
Ethical Hacking for Beginners
An accessible intro to ethical hacking for students with no prior background.
  • What is ethical hacking?
  • Types of hackers and their roles
  • Basic tools: Kali, Nmap, Metasploit
  • Lab setup and first steps
Invite me to speak at your event

Available for college seminars, tech events, corporate awareness sessions, and industry conferences. I bring practical, real-world content tailored to your audience.

Get In Touch