Shetu Shrey, CISSP

CEO

Bengaluru, Karnataka, India12 yrs 6 mos experience
Most Likely To SwitchHighly Stable

Key Highlights

  • Over 12.5 years of experience in Information Security.
  • Expert in Application Security and Security Architecture.
  • Proven track record in implementing DevSecOps processes.
Stackforce AI infers this person is a seasoned Information Security professional specializing in Application Security and DevSecOps.

Contact

LinkedIn

Skills

Core Skills

Security ArchitectureDevsecopsApplication SecurityPenetration TestingVulnerability Assessment

Other Skills

API Security TestingApplication Security TestingAutomated TestingCEHClient InteractionComputer SecurityInformation Security ManagementManual TestingMobile Application SecurityNessusNetwork Penetration TestingNetworkingOWASP StandardsSecure Application Architecture ReviewSecure Configuration Review

About

I am an Information Security Professional with over 12.5+ years of experience in Application Security, Security Architecture. My area of expertise includes: • Define and implement security requirements and processes during the product development lifecycle. • Mature the Shift LEFT Application Security program along with performing security architecture review. • Collaborate with engineering and product teams to identify and prioritize security issues and their remediation. • Review the tech design and perform Threat Modeling & Secure Tech Design review. • Secure SDLC Implementation throughout the product development lifecycle. • DevSecOps Transformation by implementing processes that enables security throughout the SDLC • Web & Mobile Application Security and Penetration Testing • Internal & external network penetration testing • Secure Development training

Experience

Victoria’s secret & co.

3 roles

Security Lead

Promoted

Apr 2023Present · 2 yrs 11 mos

  • In my current role, I am responsible for:
  • Collaborating with the Product team to implement security processes in the Product development lifecycle.
  • Define and implement security requirements during the product development lifecycle.
  • Review the tech design and perform Threat Modeling.
  • Performing security architecture and tech design review from the security perspective.
  • Implementing Shift LEFT Security through security automation.
  • Design and implement security processes throughout the SDLC.
  • Implementing DevSecOps process by designing and implementing the security tool integration in the CI/CD pipeline.
  • Conducting onboarding, knowledge transfer & training for the new/existing team members.
Security ArchitectureThreat ModelingDevSecOpsSecure SDLC

Senior Security Engineer

Apr 2019Mar 2023 · 3 yrs 11 mos

  • I am responsible for performing the Security Assessment for the applications (Web & Mobile) developed using both automated as well as manual approach. I am also responsible for performing the Network Penetration testing for the internal & external networks.
  • My responsibilities also include working with the development teams on the mitigation of the vulnerabilities identified and discuss the secure development practices.
Web Application SecurityMobile Application SecurityNetwork Penetration TestingApplication SecurityPenetration Testing

Security Engineer

Oct 2017Mar 2019 · 1 yr 5 mos

  • As a Security Professional my responsibilities include performing Security Review of the applications developed as well as the internal and external network based on OWASP Top 10 and other security standards.
  • My area of expertise includes:
  • Web Application and Mobile Application (android & iOS) Security Testing
  • Internal and External Network Penetration Testing
  • Vulnerability Assessment and Secure Configuration Review for various devices and servers
  • REST and SOAP based API Security Testing
  • Thick Client Application Security Testing
  • My responsibilities also include working with the development teams on the mitigation of the vulnerabilities identified and secure coding practices.
Web Application Security TestingVulnerability AssessmentSecure Configuration ReviewApplication Security

Cognizant

Associate - Projects (Security Engineer)

Jun 2016Oct 2017 · 1 yr 4 mos · Bengaluru Area, India

  • I handled projects for Application Security Testing. As a Security Engineer and performed automated and manual testing of Web and Mobile Applications, REST and SOAP based API testing based on OWASP Top 10 and other security standards.
  • My responsibilities also included managing client interaction and ensure that deliverable are completed within the Project time frame.
Application Security TestingClient InteractionApplication Security

Paladion networks

3 roles

Senior Analyst and Team Lead - Security Testing

Promoted

Apr 2015Jun 2016 · 1 yr 2 mos · Bengaluru Area, India

  • I perform Web Application Penetration Testing, Android Application Penetration Testing, Secure Application Architecture Review, Internal and External Network Penetration Testing, REST and SOAP based API testing, Vulnerability Assessment and Secure Configuration Review for various devices and servers as a Sr. Analyst.
  • I handle projects for Web Application Penetration Testing, Android Application Penetration Testing, Network Penetration Testing, Vulnerability Assessment and Secure Configuration Review as a Team Lead. I also manage client interaction and ensure that deliverable are completed within the Project time frame.
Web Application Penetration TestingVulnerability AssessmentPenetration Testing

Analyst - Security Testing

Aug 2014Apr 2015 · 8 mos · Bengaluru Area, India

  • Performed Web Application Penetration Testing, Android Application Penetration Testing, Internal and External Network Penetration Testing, Vulnerability Assessment and Secure Configuration Review for various devices and servers as an Analyst.
Web Application Penetration TestingVulnerability AssessmentPenetration Testing

Security Engineer

Jul 2013Aug 2014 · 1 yr 1 mo · Bengaluru Area, India

  • Performed Web Application Penetration Testing, Internal and External Network Penetration Testing, Vulnerability Assessment and Secure Configuration Review for various devices and servers as a Security Engineer.
Web Application Penetration TestingVulnerability AssessmentPenetration Testing

Education

BMS Institute of Technology and Management

Bachelor of Engineering (B.E.) — Electrical and Electronics Engineering

Jan 2009Jan 2013

Stackforce found 100+ more professionals with Security Architecture & Devsecops

Explore similar profiles based on matching skills and experience

Mihir Kotak

Mihir Kotak

Senior Security Engineer

at Amazon Web Services (AWS)

Canada13 yrs 2 mos exp
Application SecurityCloud Security
Nikhil Mittal

Nikhil Mittal

Founding Security Engineer

at Clazar

Pune, India8 yrs 10 mos exp
Komal Preet Kaur

Komal Preet Kaur

Head of Security Engineering

at Jumio Corporation

Bengaluru, India13 yrs exp
Application SecurityCloud SecurityConsultingLitigation SupportPatent Analysis
Mukesh chaudhari

Mukesh chaudhari

Application Security Manager

at Paytm

India10 yrs exp
Penetration TestingVulnerability Assessment
JA

Jauhar Ali

Senior Product Security Engineer

at Cashfree Payments

Bengaluru, India9 yrs exp
Application SecurityCyber-securityNetworkingProduct Security
Sujit Suryawanshi

Sujit Suryawanshi

Information Security Engineer 3

at PayPal

Pune, India8 yrs 3 mos exp
Application SecurityPenetration TestingThreat ModelingVulnerability Assessments
PJ

Pragadeesh Jothimani

Head of Security Engineering

at GoTo Group

Bengaluru, India10 yrs 4 mos exp
LeadershipOffensive SecuritySecurity EngineeringTeam ManagementVulnerability Assessment
Gurleen Kaur Lamba

Gurleen Kaur Lamba

Manager

at Deloitte

Amsterdam, Netherlands8 yrs 3 mos exp