Himalayas logo
TP
Open to opportunities

Tanvi Pandya

@tanvipandya

Application security analyst specializing in VAPT, Android security, and automation.

India
Message

What I'm looking for

I'm seeking a product- or application-security role where I can lead VAPT and SAST automation, advance mobile/Android security research, practice threat modeling, and contribute to secure-by-design teams in a collaborative, growth-oriented environment.

I am an application security professional focused on web, mobile, and application security, with hands-on expertise in VAPT and Android reversing.

I have executed VAPT on 20+ government web apps and integrated SAST tools like Checkmarx, Veracode, and SonarQube into CI/CD pipelines to enable secure code analysis across microservices. I build automation and security tooling—Playwright-based scan automation, CLI log analyzers, and SAST report parsers—and publish select tools on GitHub. My work blends offensive research and defensive engineering, including threat modeling (STRIDE, PASTA) and GDPR/ISO 27001-aligned control assessments.

I'm seeking roles where I can advance product and mobile security through automation, secure-by-design reviews, and collaborative DevSecOps practices.

Experience

Work history, roles, and key accomplishments

IN
Current

Security Automation Projects

Independent

Jan 2023 - Present (2 years 8 months)

Developed modular Python automation for XSS, SQLi and IDOR scanning using Playwright and Selenium, built a CLI log-analysis tool with real-time alerting, and published tools on GitHub to streamline SAST report parsing. Automated SAST analysis via SonarQube and Checkmarx APIs to accelerate code-security assessments.

BI

Security Software Developer

BISAG-N

Nov 2024 - Mar 2025 (4 months)

Performed manual and automated VAPT on 20+ government web applications using Burp Suite, SQLmap and Ghauri, and automated repetitive security scans with Playwright. Contributed to security automation and improved testing coverage across government web assets.

Education

Degrees, certifications, and relevant coursework

Amrita Vishwa Vidyapeetham logoAV

Amrita Vishwa Vidyapeetham

Master of Technology, Cyber Security

2022 - 2024

Completed M.Tech in Cyber Security at Amrita Vishwa Vidyapeetham from 2022 to 2024.

DT

Darshan Institute of Engineering and Technology

Bachelor of Engineering, Computer Engineering

2018 - 2022

Completed Bachelor of Engineering in Computer Engineering at Darshan Institute of Engineering and Technology from 2018 to 2022.

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Tanvi Pandya - Product Security Engineer - CredO | Himalayas