Open to opportunities

Om Lakshmi Shanthi Venugopal

@omlakshmishanthivenu

Message

Security engineer securing web, API, and cloud platforms at enterprise scale.

India

Message

What I'm looking for

I want a hands-on security role improving AppSec and cloud security at scale, mentoring teams, deploying AppSec tooling, and driving measurable reductions in vulnerabilities.

I am a Security Engineer with 3+ years of experience securing modern web applications, APIs, and cloud infrastructure at enterprise scale, with a strong track record at IBM. I focus on reducing release-stage defects and eliminating recurring vulnerability classes through hands-on remediation.

I have deployed and tuned AppSec tooling (SAST, DAST, SCA, WAF, secret detection) across GitHub CI/CD pipelines on AWS, Azure, and GCP, cutting false positives and expanding coverage into new vulnerability categories. I also lead security architecture reviews, threat modeling, and IaC security reviews for cloud deployments.

I mentor junior engineers and run Security Champion programs and security awareness training, delivering measurable reductions in repeat vulnerability patterns and phishing click rates. I have also managed vulnerability management programs, driven ISO 27001 and GDPR efforts, and supported audits with zero non-conformities.

Technically, I am proficient in Python, JavaScript, Docker, Kubernetes, CI/CD, and cloud platforms, and I combine hands-on technical skill with project management to improve organizational security posture.

Experience

Work history, roles, and key accomplishments

Current

Senior Security Engineer

Current

IBM

Dec 2023 - Present (2 years 3 months)

Identified and remediated 50+ critical vulnerabilities across web apps, APIs, and IT/OT systems, eliminating recurring classes and reducing release-stage defect rates by ~40%. Deployed and tuned SAST/DAST/SCA/WAF across 6+ CI/CD pipelines and led threat modeling and security champion training for 50+ engineers.

Web Security API Security SAST DAST SCA WAF Threat Modeling AWS CI CD

Graduate Teaching Assistant

University of Maryland

Aug 2022 - May 2023 (9 months)

Designed and delivered 12 network security labs for 140+ M.Eng students covering cryptography, web security, OAuth/SAML, and OWASP Top 10, contributing to a 4.7/5 course satisfaction rating.

Teaching Curriculum Design Cryptography Web Security OAuth SAML OWASP Top 10 Lab

Cybersecurity Intern

The New York Public Library

Jun 2022 - Aug 2022 (2 months)

Assessed and hardened 140+ endpoints using XDR/EDR tooling, remediating 20+ dormant vulnerabilities and reducing manual monitoring effort by ~40 hrs/week. Built security awareness training adopted by 300+ staff and supported phishing simulations that cut click-through rates by 60% across tests.

Endpoint Security XDR EDR Security Awareness Monitoring

Education

Degrees, certifications, and relevant coursework

University of Maryland, College Park

Master of Engineering, Cybersecurity

2021 - 2023

Activities and societies: Graduate Teaching Assistant for Network Security; designed and delivered security labs for M.Eng students.

Completed a Master of Engineering in Cybersecurity with coursework and lab instruction in cryptography, web security mechanisms, OAuth/SAML, and OWASP Top 10.