Skip to main content
NC
Open to opportunities

Naveen Chippe

@naveenchippe

I’m a senior penetration tester and offensive security specialist, delivering 200+ enterprise VAPT and red-team findings.

India
Message

What I'm looking for

I’m looking for a security team where I can run offensive VAPT and Red Team engagements, integrate SAST/DAST and shift-left security into SDLC/CI-CD, deliver executive reporting with clear remediation, and continuously improve security outcomes through collaboration.

I’m a Senior Penetration Tester and Offensive Security Specialist with 6+ years in IT and 4+ years in VAPT across web, API, mobile, network, and infrastructure security. I’ve conducted 200+ penetration tests on business-critical applications at enterprise scale, including Amazon.

I go deep on OWASP Top 10 and MITRE ATT&CK, combining SAST/DAST integration and secure code review to reduce false positives and improve coverage. I develop reproducible proof-of-concepts, prioritize using CVSS v3.1 plus business impact, and validate fixes through verification retesting.

I also bring real-world offensive simulation experience—performing Red Team offensive engagements, zero-day simulation (Cymulate BAS), and mobile testing with MobSF, Frida, and Objection—while collaborating closely with DevOps and DevSecOps teams to embed security across the SDLC and CI/CD pipelines. Previously, I contributed to SOC operations at Amazon by monitoring and triaging security events in Splunk SIEM and improving incident response processes through playbooks and knowledge transfer.

Experience

Work history, roles, and key accomplishments

LT

Cybersecurity Specialist

LTM

Feb 2026 - May 2026 (3 months)

Penetration Tester responsible for performing security assessments across Web, API, Mobile, Network and Cloud environments. Conduct vulnerability assessments, manual testing, exploit validation and risk analysis. Identify OWASP Top 10 vulnerabilities, authentication flaws, misconfigurations. Collaborate with development teams, provide remediation guidance and support secure SDLC practices.

Web Application TestingWeb Application SecurityAPI SecuritySASTDASTCloud Security
Amazon logoAM

Senior Associate - PenTest

Amazon

Jun 2022 - Dec 2025 (3 years 6 months)

Performed manual and automated penetration testing across 200+ web and API applications, uncovering high-severity issues including XSS, SQLi, IDOR, SSRF, CSRF, and authentication bypass. Led SAST/DAST assessments, conducted mobile testing (Android/iOS), built PoCs with CVSS v3.1-based prioritization, and delivered executive reporting with remediation and retesting verification.

Penetration TestingOWASP Top 10DASTCVSSCI CD Security Integration
Amazon logoAM

Cybersecurity Analyst

Amazon

Nov 2019 - May 2022 (2 years 6 months)

Penetration Tester responsible for conducting VAPT across Web, API, Mobile, Network and Infrastructure environments. Perform manual and automated security testing, vulnerability identification, exploitation, PoC creation and risk assessment. Expertise in OWASP Top 10 API security, SAST/DAST, secure code review, vulnerability management and providing remediation guidance to improve security posture

Education

Degrees, certifications, and relevant coursework

PRIST University logoPU

PRIST University

Bachelor of Engineering, Electronics & Communication Engineering

Grade: 7.56 / 10.0

Bachelor of Engineering in Electronics & Communication Engineering, completed in 2016 with a CGPA of 7.56/10.0.

Tech stack

Software and tools used professionally

Postman logo

Postman

SonarQube logo

SonarQube

Gmail logo

Gmail

Java logo

Java

PHP logo

PHP

Wireshark logo

Wireshark

Ubuntu logo

Ubuntu

Linux logo

Linux

iOS logo

iOS

Windows logo

Windows

Kali Linux logo

Kali Linux

Windows Server logo

Windows Server

ZAP logo

ZAP

GraphQL logo

GraphQL

Zap logo

Zap

Root Cause logo

Root Cause

SQL logo

SQL

Burp Suite logo

Burp Suite

sqlmap logo

sqlmap

Nmap logo

Nmap

Metasploit logo

Metasploit

OWASP ZAP logo

OWASP ZAP

Bash

Movement logo

Movement

Android logo

Android

Availability

Open to opportunities

Location

India

Authorized to work in

India

Job categories

Senior Penetration TesterPenetration TesterRed TeamerSOC AnalystIncident ResponseAPPLICATION SECURITY | TECHLead Penetration TesterSenior Penetration Testing Solutions ArchitectSenior Security Testing EngineerSenior OT ICS Penetration TesterStaff Penetration TesterPenetration Testing Team Lead

Skills

Penetration TestingVAPT RemediationOffensive Security CertificationsWeb ApplicationsREST APIsGraphQL APIsMobile SecurityAndroid Security PracticesIOS Security APIsInfrastructure SecurityOWASP Top 10SASTDASTCode ReviewSonarQubeManual Secure Code Review (PHP)CVSSCVSS V3.1 ScoringOWASP ZAPBurp suiteMetasploitNmapNessusWiresharkTcpdumpSqlmapShodanPostmanFridaObjectionADBGenymotionPythonBASHSplunkMicrosoft Defender For EndpointMicrosoft 365 DefenderUrlscanCymulate BASZero Day SimulationAndroidGmailGraphQLJavaKali LinuxLinuxMovementPHPRoot CauseSQLUbuntuWindowsWindows ServerZAPiOS

Interested in hiring Naveen?

You can contact Naveen and 90k+ other talented remote workers on Himalayas.

Message Naveen

People also viewed

View all talent

Find your dream job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan