Yash Chavhan
@yashchavhan
Security analyst and Web3 enthusiast with 5+ years securing platforms and earning substantial bug-bounty rewards.
What I'm looking for
I am a cybersecurity professional with over five years of hands-on experience in application, infrastructure, API, and Web3/smart contract security, focused on penetration testing, VAPT, and responsible disclosure.
I have reported 250+ valid security findings for companies including Samsung, Google, H&M, and Zebpay, earning over $120,000 in bug-bounty rewards, and have delivered workshops and built automation tools to streamline security testing.
My practical expertise spans Web2 and blockchain security—identifying issues such as SQL injection, XSS, CSRF, Log4j RCE, IDOR, reentrancy and business logic flaws—while collaborating with engineering teams to validate fixes and harden systems.
Experience
Work history, roles, and key accomplishments
Security Analyst
CKmate
Apr 2022 - Feb 2025 (2 years 10 months)
Performed end-to-end security assessments for web, API and mobile applications and conducted smart contract testing, uncovering critical vulnerabilities such as Log4j RCE, IDOR, SQL injection and business-logic flaws. Streamlined testing via automation and coordinated with developers to validate fixes, contributing to over 250 valid reports and >$120,000 in responsible-disclosure rewards.
Education
Degrees, certifications, and relevant coursework
Bharti Vidyapeeth College of Engineering, Navi Mumbai
Bachelor of Technology, Engineering
2019 - 2022
Grade: 8.2%
Completed a BTech program with a CGPA of 8.2% focused on engineering fundamentals from 2019 to 2022.
Jijamata Secondary College
Secondary School Certificate, Secondary Education
Grade: 86.0%
Completed secondary school education with an aggregate of 86.0%.
Tech stack
Software and tools used professionally
Availability
Location
Authorized to work in
Job categories
Interested in hiring Yash?
You can contact Yash and 90k+ other talented remote workers on Himalayas.
Message YashFind your dream job
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
