Kerala, India· Available for opportunities

Securing enterprise systems by combining offensive security with risk-led compliance across cloud, AI, and on-prem environments.

Blending VAPT, cloud security, and compliance to turn real vulnerabilities into measurable risk reduction.

Get in touchExplore expertise
About

A hybrid approach to modern security.

I approach security from both sides — breaking systems to uncover real risk, then translating those findings into structured, standards-aligned defenses across enterprise and SMB environments.

With 6+ years across VAPT, GRC, and security engineering, I focus on turning vulnerabilities into actionable security improvements by mapping them to frameworks like ISO 27001 and SOC 2, and embedding controls into real-world architectures and DevSecOps workflows.

My work spans cloud, on-prem, and evolving AI-driven systems, ensuring security is not just compliant, but resilient under real attack conditions.

My approach is simple

Break it

Adversarial testing to uncover real-world risk before attackers do.

Map it

Translate findings into compliance and business impact.

Build it

Security architectures that hold up beyond the audit window.

6+
Years experience
4+
Domains mastered
13+
Security tools
Global
Engagements
Expertise

Four disciplines. One mission.

From adversarial testing to AI governance — each domain interlocked, applied across cloud, code, and compliance.

01

Offensive Security

Adversarial testing across web, network, mobile, and APIs — finding what attackers find first.

Red TeamingWeb App PentestingNetwork PentestingAPI SecurityMobile SecurityThick Client Testing
02

GRC & Compliance

Translating frameworks like ISO, SOC 2, and DPDPA into practical, audit-ready security programs.

ISO 27001ISO 42001SOC 2PCI DSSNISTDPDPAPrivacy Governance
03

Security Architecture

Embedding security into cloud, CI/CD, and DevSecOps — secure by design, not by retrofit.

DevSecOpsCI/CD SecuritySecure SDLCThreat ModelingSAST/DASTAWSAzureGCP
04

AI Security

Red teaming, governance, and threat modeling for LLMs and autonomous AI agents.

AI Red TeamingAI/LLM SecurityAI Agent SecurityAI Threat ModelingAI Governancen8n Automation
05

Tools

Hands-on across the modern security stack — from offensive tooling to enterprise XDR.

Burp Suite
T
Tenable
Qualys
S
SonarQube
B
Backslash
O
Orca
U
UpGuard
C
CloudSEK
Cortex XDR
SentinelOne
MS Sentinel
GitHub Adv. Security
Kali Linux
Burp Suite
T
Tenable
Qualys
S
SonarQube
B
Backslash
O
Orca
U
UpGuard
C
CloudSEK
Cortex XDR
SentinelOne
MS Sentinel
GitHub Adv. Security
Kali Linux
Auto-scrollingTap arrows to navigate
Credentials

Certified. Always learning.

Certifications
  • ISO/IEC 27001 Lead ImplementerActive
  • AZ-500In Progress
  • ISO 42001In Progress
Continuous Learning
  • AI Foundations for Everyone – IBM
  • AI Security & Governance – Securiti
  • AI Hacking 101 – TCM Security
  • AI Security Foundations – AttackIQ
  • DPDPA Certification Training
Contact

Open to global
opportunities.

Whether it's a security challenge, a collaboration, or a conversation about the future of cybersecurity — I'm always open to connecting.

mvivek060@gmail.comLinkedIn
Kerala, India
© 2026 · Vivek MDesigned & built with care