Open to opportunities

Riyas Karakkadan

@riyaskarakkadan

Message

Experienced Senior Application Security Analyst with a focus on vulnerability management.

Qatar

Message

What I'm looking for

I seek a challenging role in application security where I can leverage my expertise to enhance security measures and drive compliance within a forward-thinking organization.

I am a seasoned IT professional with over 6 years of dedicated experience in application security and more than 8 years in application design and development. My expertise lies in security principles, protocols, and regulations, where I have successfully conducted security research, analysis, and assessments across various platforms, including web, mobile, cloud, and thick client systems. I am adept at identifying and mitigating vulnerabilities, ensuring regulatory compliance, and implementing industry-standard security frameworks.

Experience

Work history, roles, and key accomplishments

Current

Application Security Engineer

Current

Diyar Middle East

Sep 2023 - Present (1 year 9 months)

Spearheaded the integration of secure SDLC processes for 40+ applications, conducted risk assessments, and contributed to ISO 27001 certification. Designed an application security lifecycle framework and implemented runtime vulnerability mitigation using WAF.

SDLC Risk Assessment ISO 27001 WAF Security Testing Threat Modeling Documentation Risk Mitigation

Senior Application Security Engineer

Gadgeon Systems Inc.

Jul 2021 - Aug 2023 (2 years 1 month)

Conducted vulnerability management for systems, led security assessments, and facilitated third-party penetration testing. Implemented SAST tools and secured AWS environments while developing global security policies.

Vulnerability Management Security Testing Penetration Testing SAST AWS Security Policy Development Compliance Risk Management

System Analyst

UST Global

Jun 2016 - Jun 2021 (5 years)

Resolved application vulnerabilities through secure coding practices, integrated security tools into CI/CD pipelines, and conducted architecture reviews aligned with OWASP standards.

Secure Coding CI CD Pipelines Architecture Reviews OWASP Agile Methodologies Code Review Application Security Risk Assessment Security Tools

Sr. Consultant – Application Software Development

Rapposol Ventures Pvt Ltd

Jun 2014 - May 2016 (1 year 11 months)

Designed and developed a common application framework, implemented Agile practices, and led a team of developers to enhance project execution and collaboration.

Design Frameworks Agile Practices Team Leadership Identity Management Project Management Software Development Collaboration

Lead Engineer

HCL Technologies

Mar 2010 - Mar 2014 (4 years)

Developed subsystem components in RIS-T framework, led CI pipeline creation, and conducted requirement analysis for legacy system migrations, ensuring security and scalability.

C++CI Pipelines Security Systems Technical Documentation Software Development