Himalayas logo
YC
Open to opportunities

Yash Chavhan

@yashchavhan

Security analyst and Web3 enthusiast with 5+ years securing platforms and earning substantial bug-bounty rewards.

India
Message

What I'm looking for

I’m seeking hands-on security roles where I can perform penetration testing and smart contract audits, build automation, and work with engineering teams to fix critical vulnerabilities.

I am a cybersecurity professional with over five years of hands-on experience in application, infrastructure, API, and Web3/smart contract security, focused on penetration testing, VAPT, and responsible disclosure.

I have reported 250+ valid security findings for companies including Samsung, Google, H&M, and Zebpay, earning over $120,000 in bug-bounty rewards, and have delivered workshops and built automation tools to streamline security testing.

My practical expertise spans Web2 and blockchain security—identifying issues such as SQL injection, XSS, CSRF, Log4j RCE, IDOR, reentrancy and business logic flaws—while collaborating with engineering teams to validate fixes and harden systems.

Experience

Work history, roles, and key accomplishments

CK

Security Analyst

CKmate

Apr 2022 - Feb 2025 (2 years 10 months)

Performed end-to-end security assessments for web, API and mobile applications and conducted smart contract testing, uncovering critical vulnerabilities such as Log4j RCE, IDOR, SQL injection and business-logic flaws. Streamlined testing via automation and coordinated with developers to validate fixes, contributing to over 250 valid reports and >$120,000 in responsible-disclosure rewards.

Penetration TestingVAPTWeb SecurityAPI SecurityPythonBASHSolidityReconnaissance Automation

Education

Degrees, certifications, and relevant coursework

BM

Bharti Vidyapeeth College of Engineering, Navi Mumbai

Bachelor of Technology, Engineering

2019 - 2022

Grade: 8.2%

Completed a BTech program with a CGPA of 8.2% focused on engineering fundamentals from 2019 to 2022.

JC

Jijamata Secondary College

Secondary School Certificate, Secondary Education

Grade: 86.0%

Completed secondary school education with an aggregate of 86.0%.

Tech stack

Software and tools used professionally

Blockchain logo

Blockchain

Gmail logo

Gmail

Log4j logo

Log4j

navi logo

navi

SQL logo

SQL

Availability

Open to opportunities

Location

India

Authorized to work in

India

Job categories

Security AnalystBlockchain Security EngineerPenetration TesterVulnerability ResearcherSmart Contract AuditingBug Bounty HunterApplication Security EngineerInfrastructure Security EngineerSenior Security Automation EngineerSenior Security AnalystSenior Cybersecurity Analyst

Skills

Penetration TestingVAPTApplication SecurityAPI SecurityMobile SecuritySoliditySQL InjectionXSSCSRFIDORReentrancyAccess ControlBug BountyBlockchainLog4jNaviSQLAutomationGmail

Interested in hiring Yash?

You can contact Yash and 90k+ other talented remote workers on Himalayas.

Message Yash

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Yash Chavhan - Security Analyst - CKmate | Himalayas