~Vigneshwar Sundararajan

// available for new opportunities

Security Engineer · AppSec · Offensive Security · AI Security

Breaking systems to build better ones. 4+ years securing 2M+ users at Zoho. MS in Cybersecurity from UCF. Now engineering security tooling at the intersection of AI and Cybersecurity.

LinkedIn GitHub Medium TryHackMe Blog RSS

// what i do

⚔

Offensive Security

Breaking things to build them stronger. I hunt for hidden flaws through penetration testing, exploit research, and competitive CTFs.

🤖

Agentic AI

Building autonomous systems that think and act. I design multi-agent frameworks and LLM tools to automate complex workflows and boost security.

🛡

Application Security

Securing code from the inside out. I focus on threat modeling, fixing vulnerabilities, and baking automated security directly into the pipeline.

// experience

Street Care 09/2025 – Present

Security Automation Engineer – Orlando, FL · Remote

Improved internal email security operations by leveraging AI tools to automate the initial analysis of reported phishing attempts. This enhanced daily productivity by quickly filtering false positives and highlighting genuine threats for immediate action.
Developed an LLM-powered agentic workflow that processes meeting transcripts to automatically generate, prioritize, and assign tasks. Integrated sentiment analysis to intelligently set deadlines based on conversation tone, streamlining team workflows.

Zoho Corporation 06/2020 – 07/2023

Member Technical Staff – Security Software Engineer · Chennai, India

Led a weekly bug bounty initiative identifying 100+ web vulnerabilities annually, while educating 20+ developers on secure coding practices. Leveraged ethical hacking techniques to reduce system risks, increasing application resilience by 40%.
Revamped SSO, 2FA, SAML, OAuth, and RBAC mechanisms for Endpoint Central Web, Android, and iOS. Secured 500k accounts, reducing unauthorized access by 60% and enhancing user verification.
Introduced automated testing in GitLab’s CI/CD pipeline, reducing manual code reviews by 50% and enhancing deployment speed across seven high-impact products, improving efficiency and code quality at scale.
Implemented 50+ security features across Manage Engine products, improving key functions like User Management and Role Management, resulting in a 45% reduction in access-related incidents.
Conducted in-depth code reviews for Manage Engine products with over 100k lines of code (LOC), identifying critical vulnerabilities and improving code quality by 25%.
Boosted product stability by resolving live security incidents for 2M+ global users, achieving a 30% increase in customer satisfaction scores and reinforcing product trust worldwide.

// projects

Multi-Agent · Google ADK · LLM

Cross-Check

Engineered a multi-agent phishing detection framework using Google ADK and Mesop, orchestrating a debate consensus mechanism among specialized agents to minimize hallucinations, backed by a Dockerized full-stack architecture with automated testing.

→ GitHub

LangGraph · MCP · Recon

AdaptiveFuzz

A reconnaissance framework powered by a multi-agent system, leveraging context-aware LLMs and a custom MCP for agent communication, resulting in drastically reduced manual effort and accelerated vulnerability discovery.

→ GitHub

RAG · LangChain · ChromaDB

Kestrel

RAG system with LangChain, ChromaDB, with Metasploit datasets. Supports CoT, ReAct, and Self-Ask reasoning for context-grounded vulnerability research with reduced hallucination.

→ GitHub

AI · Privacy · Cryptography

Middleman

Architected a privacy-preserving local proxy for AI data using contextual substitution. Built an instruction-separation pipeline and ephemeral relay to batch LLM requests, preventing sensitive data leaks while significantly cutting API costs.

→ GitHub

Cryptography · Cloud

Cloud Sec Encryptor

Developed an end-to-end Python security tool integrating the Google Drive API via GCP. Implemented Fernet byte-level encryption, secure OAuth authentication, and automated malware scanning to ensure complete data protection for cloud storage.

→ GitHub

Portfolio · Web

vgnshwar.github.io

The source code for my personal portfolio and blogging website, built with Hugo. It serves as a central hub for showcasing my projects, certifications, and technical write-ups.

→ GitHub

// certifications

CRTP

Certified Red Team Professional Altered Security

eJPT

Junior Penetration Tester INE Security

AAIDC

Agentic AI Expert + RAG Expert Ready Tensor

OCA

Oracle Certified Associate Oracle

// training courses

BSCP

Burp Web Security Academy PortSwigger / Udemy

DFPC

Docker Foundations Professional Certificate LinkedIn Learning

THM

CompTIA PenTest+ TryHackMe

THM

Jr Penetration Tester TryHackMe

// skills

Core Competencies

Penetration Testing Threat Modeling Incident Response Cryptography Active Directory Malware Analysis Log Analysis Security Code Review Security Automation Web Development AI Security Agentic AI Generative AI (LLMs)

Security Tools and OS

Burp Suite Pro Metasploit Nessus Splunk Wireshark OWASP ZAP PowerShell BloodHound CE PowerView ActiveDirectory Module Mimikatz SafetyKatz Ghidra Docker Kali Linux Windows Unix macOS

Languages & Frameworks

Python Java C++ Ansible Bash/Shell Scripting JavaScript Bash LangChain LangGraph MCP Google ADK Mesop MCP (Model Context Protocol) Node.js Ember.js Handlebars PHP MySQL PostgreSQL MongoDB

// recent logs

→ all posts

14 Jun, 2026 Take Cryptography Away From Developers
08 Jun, 2026 The Middleman Pipeline
17 Dec, 2025 Catching Phishing Sites with AI Teamwork
19 Sep, 2025 Stop Googling Exploits: Try Mini RAGs
19 May, 2025 TryHackMe Writeup — Brains

// whoami

Name’s ~Vigneshwar. Just an ordinary guy who enjoys exploring how things work under the hood — especially when it comes to breaking and securing systems. Software development background, leaned into security over time. MS in Cybersecurity from UCF. Now building at the edge of cybersecurity and AI.