$sarthak.giri
/resume · v3

Sarthak Giri

Cybersecurity Engineer · Ethical Hacker · Full-Stack Developer

Summary

01

Builder who thinks like an attacker. I ship full-stack products with TypeScript and Next.js, harden the cloud infrastructure they run on, and pull AI into the loop when it earns its place. Three years of hands-on web application security work — OWASP Top 10 grounded, lab tested, responsibly disclosed.

Experience

02
  1. Cybersecurity Engineer · Builder

    Independent · Stockxie + tools
    2024 — Present
    • Designed and shipped Stockxie, an AI-powered stock-battle and market discovery app on Next.js / Supabase / AI SDK.
    • Integrated LLMs end-to-end with strict latency budgets, deterministic prompting, and zero-trust handling of user data.
    • Wrote a hardened deploy story on Vercel + Cloudflare for production AI workloads.
  2. Web Application Security · Lab Work

    Self-directed · Responsible Disclosure
    2023 — Present
    • Owned an OWASP Top 10 personal lab series — controlled targets, written-up findings + remediations.
    • Reported and helped patch authentication, IDOR, and SSRF issues across third-party products via coordinated disclosure.
    • Daily-driver tooling: Burp Suite, OWASP ZAP, Wireshark, Docker, Linux.
  3. IT & Technical Operations

    Operations role
    2022 — 2023
    • Linux administration, network triage, and infrastructure automation across production systems.
    • Bridged dev + ops workflows; built scripts that moved manual processes into version control.
  4. Frontend / Full-Stack Apprenticeship

    Freelance · Client projects
    2021 — 2022
    • Shipped marketing sites and small product apps with React, MongoDB, Express.
    • Owned client communication, deploys, and post-launch reliability for ~8 production projects.

Selected Projects

03
  • Stockxie

    AI stock battle & market discovery

    A head-to-head AI battle interface that ranks any two tickers on fundamentals, momentum, and sentiment, then explains the verdict in plain English.

    Next.js · TypeScript · Supabase · AI SDK · Tailwind · Vercel
  • Net Zero Waste

    Sustainability platform & guidance engine

    A mobile-first PWA that identifies the right bin for any item, tracks impact over time, and nudges sustainable habits with real-time guidance.

    React · PWA · TypeScript · Vercel
  • 24-7Jobs

    MERN job platform with role-aware matching

    A MERN job platform with role-aware matching, faster apply flows, and recruiter tooling that prioritises signal over volume.

    MongoDB · Express · React · Node.js
  • Security Labs

    Web AppSec research & responsible disclosure

    A personal lab series — controlled targets covering OWASP Top 10 categories, written up as walkthroughs with the fix alongside the finding.

    Burp Suite · OWASP ZAP · Docker · Linux

Skills

04

Cybersecurity

  • Web Application Security
  • OWASP Top 10
  • Vulnerability Assessment
  • Burp Suite · ZAP
  • Threat Modeling
  • Network Security
  • Responsible Disclosure

Development

  • TypeScript
  • React · Next.js (App Router)
  • Node.js
  • Supabase · SQL
  • Tailwind CSS
  • REST / GraphQL APIs

Cloud & Tools

  • Vercel · Edge
  • Cloudflare
  • GitHub Actions
  • Linux Administration
  • Docker
  • Observability basics

AI & Product

  • AI-Assisted Development
  • AI SDK
  • Prompt Engineering
  • Automation & Scripting
  • Rapid Prototyping
  • Product Thinking

Education

05
  • Bachelor of Information Technology

    Computer Science focus
    2020 — 2024

    Self-directed cybersecurity track alongside coursework.

Certifications

06
  • CompTIA Security+ (in progress)
  • AWS Cloud Practitioner
  • Web AppSec — OWASP-aligned self-study

References available on request.