.

Vrushali Khodade
7720994871
KhodadeVD@[Link]

Seeking leadership assignments in IT Cybersecurity/Security & Compliance / IT Project Management with an organization of repute.

An Overview
Information Security Professional over 5 years of experience in vulnerability assessment for Web and Mobile application, IT
Operation & Service Delivery , GRC , Project management expertise in managing, innovating and implementing ISMS, ITGC
control, Security operating methodology.

Work Experience
Vulnerability Assessment:-
 Conducted OWASP Top Ten and OWASP testing guide-based vulnerability assessments and
SENIOR SECURITY penetration tests on web applications and APIs, identifying vulnerabilities such as XSS, Privilege
CONSULTANT | Escalation, IDOR, and Business Logic Flaws.
07/2024 - Current  Performed Static and Dynamic Testing of Android applications on emulators or rooted devices
Tata Technologies following OWASP Mobile Top 10 guidelines.
Ltd. - Pune  Conducted application retests, followed up on suggestions, and ensured the closure of identified
vulnerabilities.
 Preparing the comprehensive security assessment report detailing the identified vulnerabilities and
SECURITY CONSULTANT| their remediation techniques.
01/2022 – 07/2024  Basic knowledge of Python scripting, programming fundamentals, and database fundamentals.
Tata Technologies  Familiar with SAST (code review) and application security checklists.
Ltd. - Pune  Proficient with testing frameworks and tools (e.g., BurpSuite, ZAP, OWASP tools, Kali Linux tools,
MobSF).
 Understanding of OWASP and the software development lifecycle (SDLC).
 Experienced in auditing various facets of IT and project/program management.
PMO:-
SECURITY CONSULTANT|  Managed PMO activities, including vulnerability reporting and tracking. Managed and maintained all
08/2020 - 01/2022 security and compliance trackers and reports.
Tata Technologies  Reviewed policies and procedures periodically or as needed, submitting them for approval as per the
Ltd(Primus Global quarterly cycle.
Technologies)- Pune  Provided status updates to leadership on vulnerabilities, audit findings, and implementation of
controls, ensuring closure of all audit observations. Developed and delivered presentations for
governance meetings (internal/customer) on a weekly and monthly basis.
 Responsible for Customer Satisfaction Score (CSAT) and Employee Satisfaction Score (ESAT).
GRADUATE TRAINEE |  Managed program/project/severity priorities, coaching the team to make informed decisions based on
02/2019 - 08/2020 priorities.
Tata Technologies  Hands-on experience with JIRA, BurpSuite, ITSM tools, and Kali Linux tools.
Ltd. - Pune  Chaired security committee meetings to discuss security posture, risks, and mitigation strategies.
 Created risk documents, root cause analyses (RCA), problem reports, and history reports.
 Coordinating with the respective application team to fix the potential vulnerabilities found.
 Conducting application security trainings for the developers as per OWASP and SANS framework.
 Implementing management approved security solutions to ensure a secure organizational IT
environment.
 Handled ODC/Site audit, ISO 270001Audit, CERT-In Audit. also done VPN related activities
(assign/revoke 2FA token, troubleshooting, etc), VIP Internet access, PIM user access, VPN Access
Reconciliation Activity(UAM).
Compliance:-
 Ensured compliance with security standards and best practices, reducing vulnerabilities and
enhancing application security.
 Developed and maintained IT and information security policies, procedures, and guidelines based on
best practices such as ISO 27001, ICOFR/ICFR, and regulatory requirements.
 Led and performed compliance and audit testing activities to measure and monitor compliance with
customer contractual security requirements, company policies, and procedures.
 Acted as the Single Point of Contact (SPOC) for regulatory, statutory, and concurrent audits, liaising
with internal and external stakeholders to ensure timely completion.
.

Education
Degree College University Year Percentage Class
B.E JSCOE , Hadapsar Pune 2016-17 70.13% Distinction
Diploma Govt. Polytechnic, Pen MSBTE 2013-14 77.68% Distinction
S.S.C. MG Vidyalaya, Uruli-Kanchan Pune 2010-11 82% Distinction

Technical Proficienies
Application Security Test Tools :- OWASP Top 10(Web and Mobile), Burp Suite Proxy, Acunetix,
Genymotion, MOBSF, APK reverse engineering.

Programming Languages :- Basic C, C++, Java, Core Java, Python, HTML.

Database :- Oracle 10g, MySQL, NoSQL, MongoDB.

Operating System :- Linux (Fedora, Kali), Windows, Android.

Project Summary
B.E.:
Title: Performance Improvement of Hadoop for Handling Various Types of Small Files with Improved approach.
Role: Team member (design, testing)
Tools: Hadoop, Map reduce, HDFS, Java.

Diploma:
Title: Courier Management System.
Role: Team leader (design, programming, testing)
Tools: Java, MySQL, RDBMS.

Paper Publications
1) Allusive study of performance progression technique for Hadoop (International Engineering Research Journal)
2) A File sharing system with performance progression techniques using Hadoop (International Journal of
Combined Research & Development)

Achievements
 Successfully completed in Information Security Awareness Course (ISO-27001) conducted at Tata Technologies.
 Successfully completed Udemy’s Ultimate Bug Bounty course.
 Successfully completed EC-Council’s Ethical Hacking Essentials course.
 Ladies Representative of Road Safety Police in 10th standard (2010).
 Proactive participation in Global Talent Track (GTT) sponsored by Barclays.
 Certificate in Personality Development by Barclays.
 Participated in Wheebox Employability skill Test.
 Involved in various cultural activities held at School and College level.

Personal Information
 Birth Date : 10-Apr-1996
 Nationality : Indian
 Language : English, Hindi, Marathi
 Permanent Address : Dehu, Pune-412109
 Marital Status : Married