Himalayas logo
MH
Open to opportunities

mohd Haji

@mohdhaji

Offensive and application security engineer with 10+ years experience securing cloud, web, and AI systems.

India
Message

What I'm looking for

I want to join a collaborative security team where I can lead offensive testing, secure cloud and AI systems, automate defenses, and mentor engineers.

I am an offensive and application security engineer with over 10 years of InfoSec experience, including 8+ years in corporate services and product environments. I focus on pentesting, secure development, and cloud security across AWS and Azure.

At Fanatics I lead offensive security activities for the commerce division, run the Synack bug bounty triage, and performed pentests on internal AI chatbots and cloud assets. I’ve driven SEV incidents with SRE/SRO teams and implemented MCP servers for cybersecurity use cases.

At VMware I contributed to baseline security testing across multiple products, performed attack surface analysis, and acted as the product security "guru" responding to SDLC security issues. At Copart and COEIA I reduced application risk by finding high-severity issues, automating security tasks with Python, and delivering pentesting and training engagements.

I hold OSCP+, OSWA, and CAPen certifications, published tooling and MCP servers on GitHub, and have a long history of bug bounty and CTF achievements. I seek roles where I can continue to harden modern applications, cloud environments, and AI systems while mentoring teams and automating security.

Experience

Work history, roles, and key accomplishments

Fanatics logoFA
Current

Offensive Security Engineer

Fanatics

Apr 2024 - Present (1 year 5 months)

Conducts manual and automated penetration tests of Fanatics cloud environments (Azure, AWS) and AI chatbots, triages the Synack bug bounty program, and leads security incident response and remediation efforts across commerce assets.

Penetration TestingAWSAzureBurp suiteQualysCrowdstrike
CO

Application Security Engineer

Copart

Jan 2020 - Jan 2022 (2 years)

Performed web and mobile application penetration tests across multiple countries, reported and drove remediation of high-risk findings, and implemented automation scripts to integrate security scans into CI/CD pipelines.

ScriptingAppSecCI CD PipelinesAppSpiderCloudflare WAF
CA

Information Security Specialist

Center Of Excellence In Information Assurance

Sep 2017 - Apr 2019 (1 year 7 months)

Conducted internal and external penetration tests for clients (including government entities) for ISO 27001 compliance, developed pentesting training materials, and delivered awareness talks on application security.

PentestingISO 27001)Application SecurityKaliNmapMetasploit

Education

Degrees, certifications, and relevant coursework

Chaitanya Bharathi Institute of Technology logoCT

Chaitanya Bharathi Institute of Technology

Bachelor of Engineering, Computer Science Engineering

2013 - 2017

Grade: 7.8 GPA

Completed Bachelor of Engineering in Computer Science Engineering with First Division and a 7.8 GPA.

Tech stack

Software and tools used professionally

Postman logo

Postman

Bugcrowd logo

Bugcrowd

GitHub logo

GitHub

Cloudflare logo

Cloudflare

Akamai logo

Akamai

Jenkins logo

Jenkins

Microsoft SharePoint logo

Microsoft SharePoint

Nextcloud logo

Nextcloud

iCloud logo

iCloud

Zendesk logo

Zendesk

Terraform logo

Terraform

Jira logo

Jira

Bugzilla logo

Bugzilla

JavaScript logo

JavaScript

Java logo

Java

PHP logo

PHP

Wireshark logo

Wireshark

Amazon Comprehend logo

Amazon Comprehend

PayPal logo

PayPal

GraphQL logo

GraphQL

Checkmarx logo

Checkmarx

Qualys logo

Qualys

CrowdStrike logo

CrowdStrike

OAuth2 logo

OAuth2

GuardRails logo

GuardRails

npm logo

npm

ADP logo

ADP

Nmap logo

Nmap

Metasploit logo

Metasploit

Ollama logo

Ollama

Cursor logo

Cursor

Semgrep logo

Semgrep

Availability

Open to opportunities

Location

India

Authorized to work in

India

Portfolio

github.com/mohdhaji87/Shodan-MCP

Job categories

Senior Offensive Security SpecialistApplication Security EngineerProduct Security EngineerCloud Security EngineerRed Team SpecialistDevSecOps EngineerSenior Security Automation EngineerSecurity ResearcherSecurity Consultant

Skills

Penetration TestingVulnerability AssessmentApplication SecurityMobile SecurityREST API TestingPythonC++JavaJavaScriptPHPAWSAzureBurp suiteNmapMetasploitWiresharkAppSpiderCheckmarxSemgrepCrowdstrikeQualysCloudflareSASTDASTJenkins CIJiraConfluenceMCP ServersThreat ModelingOWASP Top 10OWASP ASVSRed TeamIncident ResponsePostman)BugcrowdAkamaiJenkinsMicrosoft SharePointICloudNextCloudBugzillaGuardRailsGitHubAmazon ComprehendNPMADPZendeskTerraformGraphQLPayPalOAUTH2OllamaCursor

Interested in hiring mohd?

You can contact mohd and 90k+ other talented remote workers on Himalayas.

Message mohd

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
mohd Haji - Offensive Security Engineer - Fanatics | Himalayas