Nisarga Adhikary, the teen who identified vulnerabilities in the OSM system deployed by CBSE this year, has been hired as an OSINT and Threat Intelligence Engineer at C3iHub, IIT Kanpur. Director Agarwal approached the teen impressed by his blog on tender loopholes and portal discrepancies.
“Nisarga Adhikary has been appointed as an engineer in our cybersecurity team. A few years ago, we had similarly recruited a couple of young engineers for the same team. I am not sure whether he is the youngest recruit at IIT Kanpur, but he is certainly among the youngest engineers to have been hired by the institute,” Agrawal added.
Adhikari is tasked to analyze actionable information from publicly available sources and identify vulnerabilities in websites and applications, helping organizations address and patch potential security flaws, as revealed by officials.
The achievement marks a significant milestone in Adhikary’s journey from a student researcher to a cybersecurity professional, highlighting the growing recognition of ethical hacking and responsible vulnerability disclosure in India.
Beaming with joy, Adhikari said, “I am excited about this opportunity because it is the first time I will be working in a security-focused role. In my earlier jobs, I primarily worked as a software engineer, while cybersecurity was more of a hobby.”
Both Adhikary and IIT Kanpur officials declined to disclose his remuneration, although Adhikary indicated that it was lower than he had expected.
Adhikari began coding at the age of 6 and was seriously involved in cybersecurity. He also participated in Capture the Flag (CTF) and other cybersecurity competitions during his school days. He is the first in his family to choose cybersecurity as his career. Both his parents are into finance.
The OSM portal is a critical digital platform used by CBSE-affiliated schools across the country to upload and manage students’ examination marks. The loopholes in the portal operation surfaced after Adhikari, wrote a blog disclosing discrepancies in the tender. The irregularities included flaws related to access controls and data security, raising concerns about the protection of information handled through the platform.
The disclosure drew widespread attention from cybersecurity experts and the education sector, with many praising the teenager for choosing an ethical approach.