SR
Message

SADEEPA RAJAKARUNA

Experienced OSCP certified penetration tester and skilled security consultant with a successful track record in identifying vulnerabilities, conducting thorough assessments, and delivering strategic solutions to enhance the security posture of organizations. Proficient in simulating real-world cyberattacks, devising effective defense strategies, and providing expert guidance to clients. Exceptional communicator with the ability to bridge technical and business-oriented stakeholders in Telco, Banking, Logistics, Health Care industries locally and international level. I am interested in joining a position in an organization where I can grow myself while contributing to the company.

Key Skills

Penetration testing
Vulnerability assessment
Offensive security
Burp Suite
MITRE ATT&CK
Active directory penetration testing
OWASP
People management

Professional Experience

Dec 2021
Present
Engineer - Information Security
Crypto-Gen PVT LTD Colombo, LK
Associate Engineer - Information Security, Colombo, LK (Jan 2022 - Aug 2022)
  • Red teaming operations in Financial, Health care, Logistics and Telecommunications sectors with MITRE ATT&CK framework and offensive tools.
  • White box, gray box and black box web application penetration testing for both internal and external applications. 
  • Mobile application penetration testing for both Android and IOS platforms.
  • Penetration tests across public and private networks with Kali Linux, Burp Suite, Metasploit and other offensive tools.
  • API testing with Burp Suite and Postman according to the OWASP guideline .
  • Vulnerability assessments with Nessus and Acunetix. 
  • Performed assessments of security awareness training using social engineering. 
  • Consultation on security components to improve security of organizations, security implementation support and vulnerability remediation assistance.
Dec 2020
Jan 2022
Intern - Information Security Analyst
DFCC Bank PLC Colombo, LK
  • Web, mobile and API penetration testing Burp Suite and other offensive tools.
  • Internal and external banking network infrastructure, digital assets penetration testing and hardening.
  • Vulnerability assessments with Nessus, Micro Focus WebInspect tool.
  • Proactively monitor, identify, correlate, escalate and mitigate threat/ emergency/ crisis incidents from SIEM, CrowdStrike and Darktrace.
  • Provide baseline analytic analysis and identify trends in security threats and their potential impact on business operations.
  • Investigate malicious phishing emails, domains and IPs using VirusTotal, AbuseIP, and Open Source tools and recommend proper blocking based on analysis.
  • Phishing attack simulations and awareness trainings.

Education

Feb 2018
Mar 2022
B.Sc. (Hons) in Cyber Security in
Sri Lanka Institute of Information Technology
Jul 2014
Aug 2018
G.C.E. Advanced Level (Physical Science) in St. Thomas College

Certifications

Offensive Security Certified Professional
OffSec
Android, Unix, PCAP
PentesterLabs
Ethical Hacking Learning Path
LinkedIn
Operationalizing MITRE ATT&CK
AttackIQ

Achievements

2021
Research paper publication
Published a research paper in 3rd International Conference on Advancements in Computing (ICAC)

Hobbies & Interests

  • Rugby
  • Swimming
  • Traveling
  • Movies and music

Languages

English
(Fluent)
Sinhalese
(Native)

Get in touch with SADEEPA