I became a Times Internet Security Researcher by hacking into one of its entertainment content products

“How difficult was it for you?”

“The developers had built it obstacles to interrupt reverse engineering. But I managed to pull it off after 5 days of non-stop trial-and-error’ with only bathroom breaks.”

“We’ll reward you as a Bug Bounty Hunter, Prakhar. How else may I help you?”

“I read in the news you had offered a job to a hacker. I want to work with you.”

That’s how a young ethical hacker like me landed a job as a Security Researcher in the country’s largest digital products company. I was sitting across the Times Internet's CEO Gautam Sinha in his cabin in the Gurugram office. I was a certified Bug Bounty Hunter by then and was recognised by 10+ major conglomerates like Microsoft, HDFC Bank, LinkedIn, etc.

Unlike traditional companies who often requested their tech vulnerabilities be kept under wraps, Mr. Sinha was more curious than jilted that a 23-year-old had made his way past the defences set up by his firm’s tech leads. It was liberating not to be tagged as a ‘fresher’ and ‘kid’ for a change and be recognised purely for your potential.

It was the winter of 2015, and my final semester of Computer Science Engineering was about to end. I had dreams of working in big product-oriented companies, one that was dismissed by most seniors who maintained reputed tech majors like Google, Amazon and Times Internet only hired from ivy league colleges. I had stumbled across an article that mentioned Times Internet had offered a young ethical hacker who had been able to expose a vulnerability. An idea crossed my mind, and I got to work.

After multiple days of back-breaking work, I created an app that would allow free users to download premium entertainment content onto a device. Once I confirmed the vulnerability, I reported it on the Times Internet Facebook Page and received a prompt revert. A meeting was scheduled over a subsequent call.

It’s been three years since that day. I still love to create & hack into things. The only thing that’s changed is that I get paid to do what I love, as a Security Researcher at Times Internet. Right after I joined, I was in a five-member crack team headed by Vice President - Technology Ram Awasthi and Tusnin Das, leading Internal Security initiatives for major TIL properties.

Since October 2017, I keep switching roles between a hacker and a developer. We create internal tools to automate tedious security processes, reverse engineer world-class products to better ours, conduct penetration tests on internal products, organise internal security training workshops, help launch new products and move on to the next challenge as soon as one takes off.

The stakes are higher, the people are incredible and the fun never ends.