Samitha Madhusanka

Colombo

Summary

Senior Penetration Tester with 7+ years of experience in cybersecurity, specializing in comprehensive security assessments and penetration testing to identify and mitigate vulnerabilities in complex IT environments. Seeking to leverage expertise in Red Teaming, advanced penetration testing techniques, and risk assessment to enhance the security posture of organizations.

Overview

7 years of professional experience
1 Certification

Work History

Red Team Lead

DeltaSpike (Pvt)Ltd
06.2022 - Current

- Lead and conduct penetration testing engagements for a diverse range of clients, including government agencies and financial institutions.
- Develop and execute penetration testing methodologies tailored to clients' specific requirements and compliance standards, such as ISO 27001/2, PCI DSS and the CBSL Cyber Resilience Framework.
- Perform network penetration testing, web application assessments, wireless security testing, and social engineering engagements to identify and exploit vulnerabilities.
- Collaborate with cross-functional teams to analyze findings, prioritize remediation efforts, and provide actionable recommendations to improve security posture.
- Create detailed reports documenting findings, risk assessments, and remediation recommendations for stakeholders, including executive leadership and technical teams.
- Provide subject matter expertise and mentorship to junior penetration testers, contributing to their professional development and growth within the organization.

Senior Analyst - Cyber Security

CICRA Consultancies (Pvt)Ltd
05.2020 - 06.2022

- Conducted penetration testing engagements for clients across various industries, including healthcare, e-commerce, and technology.
- Utilized a variety of tools and techniques to identify vulnerabilities in networks, applications, and systems, including Metasploit, Nmap, Burp Suite, and Kali Linux.
- Assisted in the development and enhancement of penetration testing methodologies, tools, and frameworks to improve efficiency and effectiveness.
- Presented findings and recommendations to clients in clear, non-technical language, facilitating understanding and collaboration between technical and non-technical stakeholders.
- Contributed to the continuous improvement of internal processes and procedures related to penetration testing and security assessment services.

Senior Security Engineer

Cryptogen (Pvt)Ltd
01.2019

- Conducting Vulnerability Assessments and Penetration Testing (VAPT) for Web, Mobile, Network, API
- Conducting Red Team Exercises
- Reviewing Application Source Code & firewall configuration
- Performing social engineering assessments

Security Engineer

Cryptogen (Pvt)Ltd
06.2018 - 01.2019
  • Conducting Vulnerability Assessments and Penetration Testing (VAPT) for Web, Mobile, Network, API
  • Conducting Red Team Exercises
  • Reviewing Application Source Code & firewall configuration
  • Performing social engineering assessments

Analyst in IT Advisory Division

KPMG
08.2017 - 06.2018
  • VAPT (web/Mobile/Network/API), source code review, Phishing Simulation, Firewall Rulebase Audit

Education

BSc (Hons) IT Specialized in Cyber Security -

Sri Lanka Institute of Information Technology

Skills

  • Penetration testing (Web/Mobile/Network/API)
  • Red Team assessment
  • Purple Teaming activities
  • Digital Forensics
  • Reverse Engineering and Code Reviewing
  • Malware Analysis
  • Network and Architecture Review

Accomplishments

  • Outstanding Performance Award 2019
  • Winners at Sri Lanka-CERT Hacking Challenge 2019
  • Winners at Sri Lanka-CERT Hacking Challenge 2017
  • 2nd runner up at Sri Lanka-CERT Hacking Challenge 2018
  • 1st place in the Hackathon CTF - Garnes Labs
  • Silver Award in “Hack Me if You Can” CTF - SLIIT code fest 2015.

Personal Information

  • Date of Birth: October 23, 1991
  • Gender: Male
  • Nationality: Sri Lankan
  • Marital Status: Married

Affiliations

  • Acknowledged by WSO2 for finding and responsibly reporting a security vulnerability
  • Acknowledged by Avira for finding and responsibly reporting a security vulnerability
  • Acknowledged by Intel for finding and responsibly reporting a security vulnerability

Certification

  • Offensive Security Experienced Penetration Tester (OSEP)
  • Offensive Security Certified Professional (OSCP)
  • Cisco Certified Network Associate (CCNA)
  • Hac-King-Do Black Belt Training Certification (Computer Security Student PLC)
  • Certified Red Team Professional - Pentester Academy (CRTP)
  • Certified Red Team Expert - Pentester Academy (CRTE)

Languages

English: Upper Intermediate (B2)

References

References available upon request.
