harish p
@harishp
Dedicated Security Engineer with expertise in vulnerability management.
What I'm looking for
I am a highly skilled Security Engineer with nearly five years of experience in vulnerability management and implementing automated security solutions. My expertise spans across Multi-Cloud Security Posture Management, Secure Software Development Life Cycle, and mitigating vulnerabilities with a shift-left mindset. I have successfully reported vulnerabilities to major platforms, including Microsoft and TikTok, earning recognition as a Most Valuable Researcher by Microsoft.
In my current role as a Security Engineer III at NetApp, I conduct thorough security reviews for applications and infrastructure, ensuring compliance with best practices. I have a proven track record of performing web application penetration testing and secure code reviews, identifying and validating vulnerabilities for remediation. My commitment to security extends to providing guidance to development teams, assisting in risk mitigation, and implementing solutions that have saved organizations significant costs in bounty payouts.
Throughout my career, I have collaborated closely with DevOps and development teams to ensure the implementation of secure coding practices and security best practices. My experience includes managing bug bounty programs, performing SAST and DAST security testing, and developing security tools that enhance organizational security posture. I am passionate about continuous learning and am currently pursuing AWS security certification to further enhance my skill set.
Experience
Work history, roles, and key accomplishments
Security Engineer III
NetApp
Jan 2024 - Present (1 year 6 months)
Conducted security reviews for applications and infrastructure, ensuring adherence to best practices. Analyzed and triaged SSDLC/DevSecOps security tooling reports, collaborating with development teams to address findings before release.
Product Security Engineer
Deriv
Apr 2022 - Present (3 years 3 months)
Wrote GitHub Actions workflows for security checks in the CI/CD pipeline and conducted application security reviews, secure architecture design reviews, and threat modeling. Implemented solutions for detecting and mitigating security vulnerabilities, including 110+ dangling IP subdomain takeover vulnerabilities.
Security Analyst
Cognizant Technology Solutions
Oct 2020 - Present (4 years 9 months)
Performed Dynamic Web Application Security Testing (DAST) and Static Application Security Testing (SAST) based on OWASP standards for Fortune 500 companies. Conducted Secure Code Reviews on internal project codebases using CheckMarx.
Red Team Member
Synack Red Team
Performed web and infrastructure security testing for high-profile clients, identifying and reporting over 75 high-impact vulnerabilities. Passed rigorous web and host onboarding tests involving chaining OWASP Top 10 bugs and hack-the-box style machine penetration tests.
Education
Degrees, certifications, and relevant coursework
Sathyabama University
Bachelor in Engineering, Computer Science
2016 - 2020
Studied Computer Science at Sathyabama University. The curriculum covered core engineering principles and specialized topics in computer science.
Sathyabama University
Bachelor of Engineering, Computer Science Engineering
Studied Computer Science Engineering, gaining foundational knowledge in various computing principles. Focused on understanding and applying engineering concepts within the field of computer science.
Portfolio
github.com/DevSecOps-sample-project
