He Called Himself Average, Changed Schools 5 Times, Started CTFs in His 5th Semester Because the Syllabus Was Not Enough, and Got Selected as 1 of 15 From 5,000 for Synchrony at 12 LPA

Not every placement story starts with a rank or a score. This one starts with a question. How does a website switch from one tab to another? What happens behind the screen? What are the limits of a tool?

Priyanshu Raikwar is from Madhya Pradesh. His schooling was scattered across five institutions: nursery through KG at one, Grades 1 to 5 at another, a different city entirely for 6 through 10 after a parent’s transfer, then a hostel for his remaining secondary years. Stability was never the constant. Curiosity was.

“In the field of technology, I am always curious about how things work in the background. If a website is scrolling, if we switch from one tab to another, how is it happening? If we have any tool, what are its limitations?”

He was, by his own description, an average student. Not a topper. Not a prodigy. The kind of student whose curiosity did not have a channel until he chose cybersecurity at Parul University. He describes cybersecurity as the ultimate cat-and-mouse game. You must stay ahead of possible attacks, constantly think about what could happen next, and never accept that you have figured everything out. For someone who had always been drawn to the edge of what could be seen, this was a natural fit.

Semesters one through four were what they are for most engineering students: lectures, exams, clearing subjects. The foundation was there, but the pace of cybersecurity moves faster than any syllabus can follow. Priyanshu found himself confronting a question that many students in technical fields eventually reach: when does the practical knowledge start?

In his fifth semester, he stopped asking and started doing.

“This fifth semester, I did not know much about cybersecurity yet, but I started exploring. I started learning CTFs, Capture the Flag. There is a lab: suppose you have a web page, an admin panel. Now you have to bypass that page. If you insert the correct payload on the input field, you will get the flag.”

He started on TryHackMe, working through guided cybersecurity labs. From basic CTF challenges he moved into web exploitation (which became his strongest domain), then network security, forensics, cryptography, and reverse engineering. What set him apart was not that he started. Plenty of students start. What set him apart was how he iterated. He would read write-ups from top performers on Medium after every competition. When a challenge took him an hour but someone else solved it in five minutes, he did not feel deflated. He felt a pull toward understanding the gap. That gap became his curriculum.

The university was not a passive backdrop. It was an active enabler at every stage.

Internal CTF competitions became Priyanshu’s earliest competitive testing grounds. These were not casual participation exercises. They simulated the pressure, speed, and problem-solving demands of national competitions. PU Code Hackathon 2.0 in January 2025 was a 36-hour marathon where his team (Priyanshu alongside Abheesht Singh, Anish S., and Vishal Dubey) was selected as one of 160 from 715 applicants.

But the most significant institutional contribution came in his seventh semester, when Parul University’s partnership with TechDefence produced something rare for undergraduate students: a live SOC (Security Operations Center) internship. Not as observers sitting behind glass. As active analysts monitoring real network traffic.

“First day was like: they gave us theoretical knowledge, and we were like, yes, what is this, we want practical knowledge. After one or two weeks, they started teaching us practically as well. After one month, they gave us live access to their tool, SCON, which is a SIEM tool used to monitor logs.”

His formal role at TechDefense ran from September 2025 to February 2026 as SOC L1 Intern. The deliverables were not academic: threat monitoring and triaging, tuning Seceon SIEM rules and correlating logs (he reduced false positive alerts by 20%), investigating incidents on network endpoints, and generating daily SOC reports. These are professional outputs. The kind that appear on a resume because they happened in a real security environment, not a lab simulation.

During the SOC internship, something happened that shifted Priyanshu from student-learning-security to professional-doing-security.

A data transfer event triggered his attention. More than 10 GB of data had moved between two IP addresses. He began analysing the logs. The data appeared to include sensitive financial information: credit card data, account details. And the transfer was from a private IP to a public IP.

“I saw two IPs, one public, one private. If data is transferred from private to private, there is no issue. But if data is going from private to public, there is an issue. It is not an internal flow. So from there, I got an eye. I went to my mentor and asked what the issue was. He analyzed it and told me: it is suspicious. You just have to inform the client.”

That response is worth pausing on. He did not try to fix it himself. He did not pretend he knew more than he did. He identified, he escalated, and he communicated. He went to his mentor first. That instinct, the maturity to recognise the boundary between what you can handle and what you should hand up, is something educators find genuinely difficult to teach because students constantly try to pretend they already have it. Priyanshu actually had it.

The Infosec University Hackathon 2025 was held with the Cybersecurity Centre of Excellence (CCoE) in Hyderabad. It was one of India’s top virtual infosec events. More than 5,000 students registered across Web Exploitation, Cryptography, Forensics, Reverse Engineering, and Secure Coding. Synchrony was the hiring partner.

The competition was designed to filter at every stage. Not just for skill. For strategy, stamina, documentation ability, and honesty.

The six-hour qualifier took 5,000 participants down to 1,500. Most students would scatter their energy across every challenge category trying to maximise points. Priyanshu did the opposite. He went straight to web exploitation, his strongest domain, and earned approximately 500 points from web challenges alone before touching anything else.

“I love web challenges. So I always firstly moved to web CTF challenges. I do not prefer points-chasing. Even if a web challenge is worth 15 points, I go for that first. From web challenges alone, I earned around 500 points.”

The 24-hour CTF took 1,500 down to approximately 55. Non-stop. No breaks. Priyanshu solved 18 out of 20 challenges spanning every major cybersecurity domain. The competition used dual-artifact validation: each challenge required both an Access Key and a Flag, which meant you could not guess your way through. You had to exploit properly.

Then came the round that most technical people underestimate: the write-up. The transition from solving a challenge to explaining how you solved it is one of the most undervalued skills in competitive cybersecurity. Priyanshu’s write-up grew to 97 pages. Step-by-step methodology. Specific payloads with explanations. Findings across every challenge he had solved.

He had a doubt about the length. 97 pages felt excessive. He went to his faculty at Parul University, Ajay Sir, who reviewed the document and provided structured feedback before submission.

“After the write-up, I had a doubt: sir, my write-up is too long, 97 pages. Ajay sir told me: your write-up is too good. So I did the corrections and submitted.”

Sometimes all a student needs is a teacher who says: this is good enough. Submit it.

The final round was a rigorous technical interview. One question stood out: had he used AI tools to solve challenges? His answer was honest. In competitive cybersecurity, AI assistance is part of the toolkit. Many candidates, he suspects, denied it. He did not. In a field where honesty about your methods is a professional requirement, that candour mattered.

The result arrived in stages. First, a non-selection notification. Then, a re-evaluation mail: his write-up had impressed the panel enough for them to reconsider. An interview slot was offered. The interview went well. The offer followed. One of 15 selected from more than 5,000. Twelve lakhs per annum. Synchrony.

In January 2026, Priyanshu attended Security BSides Vadodara at ITM SLS Baroda University. BSides events are globally recognised community-driven cybersecurity conferences with presentations, workshops, and live challenges. The Vadodara edition featured deep-dive sessions on web security, networking, and real-world attack vectors.

He competed in the on-site 15-minute CTF. Live. Real-time. Speed and precision under pressure, with no retries and no second chances.

He won. His username on the leaderboard, bugkult, was officially recognised as a top winner alongside seasoned professionals, not just students.

“Competing live, under real-time pressure, in a completely fair setting where quick thinking and precision mattered most, that kind of win hits different. Seeing my name officially recognised as a top winner alongside talented participants was truly humbling and motivating.”

The win was an introduction. He connected with industry speakers, security professionals, and peers who share the same obsession with finding vulnerabilities before someone else exploits them. In his view, those networks will be the real win in the long run.

His other competitive record: Hacker Gambit 2025 (national CTF organised by Wild WiFi, ranked 32nd-36th, team advanced to Round 2, finished top 30). PU Code Hackathon 2.0 (160 from 715, January 2025). Each competition was a training ground, not just an event.

March 2026. A Dell laptop. Branded stationery. Headphones. And a shift in identity that no amount of preparation fully prepares you for.

Priyanshu was moving from the mindset of a competitor, someone whose job is to break things, to the mindset of a defender, someone whose job is to prevent and secure. He joined Synchrony’s Endpoint Security team, working on Security Engineering, Automation, EDR (Endpoint Detection and Response), and WAF (Web Application Firewall). The internship is hybrid, and he describes his team and manager as the kind of people who reply when you reach out, even on short notice.

Synchrony is a Fortune 500 company. Ranked second in India and first in the United States on the Great Place to Work list. Priyanshu mentions this not as a branding exercise but as something he has experienced through the quality of onboarding and the responsiveness of his colleagues.

“So many students have the dream of working remotely. I never expected that I would get the opportunity to work from home. Synchrony is a very good company. My manager also, if I have any doubt, I just directly reach out and they reply.”

When asked where he sees himself in five years, his answer is both grounded and specific: still at Synchrony, in a room with two to three monitors, leading a security team. Not because the image is dramatic. Because it reflects the work he actually wants to do and the environment he wants to do it in.

Alongside his degree, Priyanshu stacked three certifications that served distinct purposes:

C3SA Premium Edition from CyberWarfare Labs (June 2025): a Certified Cyber Security Analyst credential covering advanced real-world challenges. By his account, this was the certification that most significantly increased his practical capability.

Google Foundations of Cybersecurity via Coursera (January 2025): he obtained the certificate with foundational coverage of network security, SIEM, cyber risk, and security controls. The Google brand on a resume matters when HR is scanning before the technical team ever sees it.

Career Essentials in Cybersecurity from Microsoft and LinkedIn Learning (December 2024): threat and vulnerability management, information security awareness, cybersecurity fundamentals. A second recognisable name in the certification section.

The certifications built knowledge. The CTFs and SOC internship built proof. Both were necessary. Neither was sufficient alone.

When Priyanshu distributes credit for his achievement, he does it with a specificity that tells you something about the person. Seventy percent goes to his father: the person who sent him to Parul, supported him without condition, and whose choices made the entire journey possible. Twenty percent goes to the university and its ecosystem. Ten percent goes to himself. It is a modest figure that understates his own work, but it reflects a character that looks outward before looking inward.

He is candid about where he comes from: a family where formal higher education was not always the norm. What his father gave him was not a plan. It was permission.

“Give your child freedom. Let them know what they want. What interests them, which field they are in. Do not force them. Because if you do what you love, that will obviously be a track.”

To cybersecurity students, his advice is more pointed:

“My message to students in the cybersecurity field: start solving CTF challenges. Start participating in CTFs. Because nowadays, big MNCs are hiring based on your CTF performance and technical rounds. If you only rely on the interview, you will get a minimum package.”

And the line that captures everything about why this particular student, from this particular background, ended up at this particular company:

“I love what I do. I love bug hunting, I love CTFs, I love web challenges. For me, the work does not feel like work. And I think that is the main thing.”

Parul University did not hand Priyanshu his placement. But it gave him the terrain to discover what he was capable of. Internal CTF competitions from his fifth semester. PU Code Hackathon 2.0 as a 36-hour proving ground. A TechDefence SOC partnership that put undergraduate students on live SIEM tools with real network traffic and real incidents. Faculty like Ajay Sir who reviewed a 97-page write-up before national submission and told the student it was good enough to submit. IMPACT training programs that taught him how to articulate technical work to non-technical evaluators.

The same university that placed Tanish Patel and Suraj Jagtap at Microsoft (60 LPA), Shailendra Soni at TCS Prime (9 LPA, few selected from 252), and Parth Bangoria at Deloitte (8 LPA, biology background to GATE AIR 9,000) also produces cybersecurity specialists who win national hackathons, detect real data breaches during internships, and get selected as 1 of 15 from 5,000 for Fortune 500 security teams at 12 LPA.

Parul University’s mission goes beyond just securing placements. It aims to build a business-ready mindset that empowers students to carve their own path. PIERC (Parul Innovation and Entrepreneurship Research Centre) has incubated 254 startups with Rs 20 crore+ in funding and Rs 40 crore+ in revenue. The placement system is not one pathway. It is an ecosystem: campus drives, GATE, PIERC startups, competitive hackathons, and international programs, all operating simultaneously. NAAC A++ (CGPA 3.55). 2,200+ recruiters. 3,500+ placements in one season.