Ayesha Rahman

Penetration Tester (6+ yrs experience)

Confidentials • Fulltime

Nov 2019 - Jan 2026 • 6 yrs 2 mos

Performed full‑scope penetration testing across web apps, APIs, internal/external networks, and enterprise infrastructure. Completed 100+ engagements identifying critical vulnerabilities, including authentication bypasses, privilege escalation paths, and full Active Directory compromises. Delivered clear reports, PoC evidence, and prioritized fixes to technical teams and senior leadership. Managed continuous security assessments for 1000+ assets using Nessus/OpenVAS. Validated 50+ new vulnerabilities monthly and prepared executive‑level security reports. Contributed to security policy development and provided cross‑team training in basic penetration testing and hardening. Key highlights: 70+ web app pentests following OWASP/NIST standards 50+ network pentests across 900+ node environments Identified high‑risk API flaws preventing major PII exposure Built Python automation to reduce testing time by 60% Led a 3‑member pentest team, ensuring 100% on‑time delivery Supported incident response, malware analysis, & threat monitoring