Himalayas logo
US
Open to opportunities

ujjwal sharma

@ujjwalsharma2

I am a results-driven application security engineer securing SDLC, reducing vulnerabilities and mentoring development teams.

India
Message

What I'm looking for

I'm seeking an Application Security or DevSecOps role where I can integrate security into the SDLC, architect WAF/CSPM solutions, mentor developers, and reduce vulnerabilities through automation and threat hunting.

I am a results-driven application security engineer with over 6 years of experience securing the full software development lifecycle, integrating SAST, SCA and DAST into CI/CD pipelines, and performing web application penetration testing.

I built and tuned a Web Application Firewall from the ground up, creating over 700 custom exclusions and reducing false positives by 30%. I led remediation efforts that shortened average time-to-fix by 15%, discovered a WAF bypass, and remediated 50+ exposed secrets using CSPM.

I collaborate closely with engineering teams to mentor on secure coding, validate third-party penetration tests, and implement threat hunting and incident response processes—applying a pragmatic, automation-first approach to reduce security debt and improve detection.

Experience

Work history, roles, and key accomplishments

EP
Current

Application Security Engineer

Ensemble Health Partners

Jul 2022 - Present (3 years 3 months)

Built and tuned a Web Application Firewall and integrated AppSec toolchains (SAST/SCA/DAST) into CI/CD, reducing false positives by 30% and driving a 15% average time-to-fix improvement for critical applications.

SASTSCADASTWAFSnykProbelyBurp suiteThreat Modeling
EL

Security Operations Center Analyst

Ethicalhat CyberSecurity Pvt Ltd.

Sep 2019 - Apr 2021 (1 year 7 months)

Conducted real-time SIEM monitoring and incident handling, led security awareness training for 200+ employees which reduced phishing-related support tickets by 35% within a quarter.

SplunkLogRhythmProofPointPhishingSecurity Awareness

Education

Degrees, certifications, and relevant coursework

Chandigarh University logoCU

Chandigarh University

Bachelor of Engineering, Computer Science and Engineering (Information Security)

Completed Bachelor of Engineering in Computer Science and Engineering (Information Security) at Chandigarh University, graduating July 2019.

Tech stack

Software and tools used professionally

Splunk logo

Splunk

Bugcrowd logo

Bugcrowd

HackerOne logo

HackerOne

Gmail logo

Gmail

Mimecast logo

Mimecast

CrowdStrike logo

CrowdStrike

Probely logo

Probely

Snyk logo

Snyk

Burp Suite logo

Burp Suite

Metasploit logo

Metasploit

Wiz logo

Wiz

Availability

Open to opportunities

Location

India

Authorized to work in

India

Job categories

Application Security EngineerDevSecOps EngineerSecurity Operations AnalystPenetration TesterCloud Security EngineerIncident ResponderVulnerability AnalystWAF EngineerLead Application Security EngineerSecurity Software EngineerSenior Security Engineer

Skills

Application SecurityDevSecOpsPenetration TestingThreat ModelingSecure Development Lifecycle (SDLC)SASTSCADASTBurp suiteWeb Application Firewall ManagementAzure FirewallVulnerability ManagementRapid7 InsightVMNetsparkerMetasploitSplunkCrowdstrikeIncident ResponseThreat HuntingBugcrowdHackerOneMimecastSnykGmailProbelyWiz

Interested in hiring ujjwal?

You can contact ujjwal and 90k+ other talented remote workers on Himalayas.

Message ujjwal

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
ujjwal sharma - Application Security Engineer - Ensemble Health Partners | Himalayas