Message

SADEEPA RAJAKARUNA

Information Security Engineer (OSCP) Colombo, Sri Lanka

Experienced OSCP certified penetration tester and skilled security consultant with a successful track record in identifying vulnerabilities, conducting thorough assessments, and delivering strategic solutions to enhance the security posture of organizations. Proficient in simulating real-world cyberattacks, devising effective defense strategies, and providing expert guidance to clients. Exceptional communicator with the ability to bridge technical and business-oriented stakeholders in Telco, Banking, Logistics, Health Care industries locally and international level. I am interested in joining a position in an organization where I can grow myself while contributing to the company.

Key Skills

Penetration testing

Vulnerability assessment

Offensive security

Burp Suite

MITRE ATT&CK

Active directory penetration testing

OWASP

People management

Professional Experience

Jan 2022

Present

Engineer - Information Security

Crypto-Gen PVT LTD Colombo, LK

Associate Engineer - Information Security, Colombo, LK (Jan 2022 - Aug 2022)

Red teaming operations in Financial, Health care, Logistics and Telecommunications sectors with MITRE ATT&CK framework and offensive tools.
White box, gray box and black box web application penetration testing for both internal and external applications.
Mobile application penetration testing for both Android and IOS platforms.
Penetration tests across public and private networks with Kali Linux, Burp Suite, Metasploit and other offensive tools.
API testing with Burp Suite and Postman according to the OWASP guideline .
Vulnerability assessments with Nessus and Acunetix.
Performed assessments of security awareness training using social engineering.
Consultation on security components to improve security of organizations, security implementation support and vulnerability remediation assistance.

Jan 2021

Jan 2022

Intern - Information Security Analyst

DFCC Bank PLC Colombo, LK

Web, mobile and API penetration testing Burp Suite and other offensive tools.
Internal and external banking network infrastructure, digital assets penetration testing and hardening.
Vulnerability assessments with Nessus, Micro Focus WebInspect tool.
Proactively monitor, identify, correlate, escalate and mitigate threat/ emergency/ crisis incidents from SIEM, CrowdStrike and Darktrace.
Provide baseline analytic analysis and identify trends in security threats and their potential impact on business operations.
Investigate malicious phishing emails, domains and IPs using VirusTotal, AbuseIP, and Open Source tools and recommend proper blocking based on analysis.
Phishing attack simulations and awareness trainings.

Education

Mar 2018

Mar 2022

B.Sc. (Hons) in Cyber Security in

Sri Lanka Institute of Information Technology

Aug 2014

Aug 2018

G.C.E. Advanced Level (Physical Science) in St. Thomas College

Certifications

Offensive Security Certified Professional

OffSec

Android, Unix, PCAP

PentesterLabs

Ethical Hacking Learning Path

Operationalizing MITRE ATT&CK

AttackIQ

Achievements

2021

Research paper publication

Published a research paper in 3rd International Conference on Advancements in Computing (ICAC)

Hobbies & Interests

Rugby
Swimming
Traveling
Movies and music

Languages

English

(Fluent)

Sinhalese

(Native)

Get in touch with SADEEPA

Email Address *

Your message here *