Karan Kumar Singh

Cyber Security Professional | Red Teamer | Offensive & Defensive Security Expert (DevSec + Red Team + Cloud + OT + AI + GRC + Product Security)

🔹 Certifications: OSCE³ | OSCP | CISSP | CCSP | OSEP | OSED | OSWE | CEH | MCRTA | CRTP | 
🔹 Expertise: Red Teaming | Product Security | Cloud-Sec | ZTA | IT & OT Security | Web, Mobile, API Security,Thick Client Application | VAPT | Vulnerability Assessment | Penetration Testing | SAST | DAST | IAST | SSDLC | Network Security | Infra Security | Physical Security | Cloud Security | MLSecOps | DevSecOps | Threat Modeling | AI Security ,Web LLM | Container security | Kubernetes Security | Middleware Security | Firmware Security | Terraform | Ansible | IOT Security | Forenscis | GRC | Privacy | PKI | Cryptography | Zero Trust Architecture | AppSec | Reverse Engineering | Malware Analysis | Python |
🔹 Achievements:
✅ TryHackMe (Top 1%) | Proving Grounds (Top 100) | HackTheBox (Top 1000)
✅ Bug Bounty Recognized by NASA, Bugcrowd, HackerOne
✅ Cracked 300+ CTF Machines (Mr. Robot, 7-Day Pentesting, Red Team)
✅ PortSwigger Lab (Apprentice) | GitHub Security Contributor
✅ Synack Red Team (SRT) Security Researcher – Discovered and reported high-severity vulnerabilities in real-world targets

💡 Passionate about penetration testing, exploit development, live CTFs, and security research.
Having worked with esteemed organizations like EY Gds, TATA, SIRION, and other major product based 
and consulting firms companies, I excel in conducting security assessments and implementing robust security measures. My proactive role in project management ensures timely delivery and adherence to industry-best security standards., securing IT/OT infrastructure, conducting advanced adversary simulations, and driving Cloud & AI security initiatives.
 

Cyber Security Professional | Red Teamer | Offensive & Defensive Security Expert (DevSec + Red Team + Cloud + OT + AI + GRC + Product Security)

🔹 Certifications: OSCE³ | OSCP | CISSP | CCSP | OSEP | OSED | OSWE | CEH | MCRTA | CRTP | 
I am a cybersecurity professional with over 6 years of diverse experience across various domains, including Red Teaming IT & OT, Application Security, Cloud Security, DevSecOps, Product Security, Threat Modeling, GRC and Privacy .My expertise spans Web, API, Mobile, and Thick Client Application Security, along with MLSecOps, AI Security, Web LLM Security,VAPT, Container & Kubernetes Security. Additionally, I specialize in Middleware Security, Firmware Security, IT & OT Security and Python Exploit Development. Currently, I lead and manage Various Phases of Security, ensuring the highest security standards. Having worked with esteemed organizations like Ey Gds, Tata, Sirion and other major product based and consulting firms companies, I excel in conducting security assessments and implementing robust security measures. My proactive role in project management ensures timely delivery and adherence to industry-best security standards.

🔹 Expertise: Red Teaming | Product Security | Cloud-Sec | ZTA | IT & OT Security | Web, Mobile, API Security,Thick Client Application | VAPT | Vulnerability Assessment | Penetration Testing | SAST | DAST | IAST | SSDLC | Network Security | Infra Security | Physical Security | Cloud Security | MLSecOps | DevSecOps | Threat Modeling | AI Security ,Web LLM | Container security | Kubernetes Security | Middleware Security | Firmware Security | Terraform | Ansible | IOT Security | Forenscis | GRC | Privacy | PKI | Cryptography | Zero Trust Architecture | AppSec | Reverse Engineering | Malware Analysis | Python |
🔹 Achievements:
✅ TryHackMe (Top 1%) | Proving Grounds (Top 100) | HackTheBox (Top 1000)
✅ Bug Bounty Recognized by NASA, Bugcrowd, HackerOne
✅ Cracked 300+ CTF Machines (Mr. Robot, 7-Day Pentesting, Red Team)
✅ PortSwigger Lab (Apprentice) | GitHub Security Contributor
✅ Synack Red Team (SRT) Security Researcher – Discovered and reported high-severity vulnerabilities in real-world targets

💡 Passionate about penetration testing, exploit development, live CTFs, and security research.
Having worked with esteemed organizations like EY Gds, TATA, SIRION, and other major product based 
and consulting firms companies, I excel in conducting security assessments and implementing robust security measures. My proactive role in project management ensures timely delivery and adherence to industry-best security standards., securing IT/OT infrastructure, conducting advanced adversary simulations, and driving Cloud & AI security initiatives.




 

B.Tech Computer Science 

Cyber Security Professional (OSCE³ +OSCP +CISSP +CCSP +OSWE +OSED +OSEP +CEH +MCRTA +CRTP Certified)