Swapnil Maurya

DevOps Manager

Mumbai, Maharashtra, India4 yrs 3 mos experience

Highly StableAI Enabled

Key Highlights

Achieved SOC2 compliance with zero non-conformities.
Improved cloud security risk posture significantly.
Developed a robust DevSecOps pipeline for automation.

Stackforce AI infers this person is a Security Engineer specializing in SaaS security and compliance.

Contact

Skills

Core Skills

DevsecopsVulnerability ManagementCloud SecurityCompliance ManagementIncident ResponseApplication Security

Other Skills

Amazon Web Services (AWS)Corporate SecurityCybersecurityISO 27001IT AuditIncident HandlingIncident ManagementInformation SecurityInformation Security EngineeringInformation Security ManagementOWASPPenetration TestingPrompt EngineeringRegulatory ComplianceResearch

About

As a Security Engineer at HackerRank, I am passionate about ensuring the security and integrity of web applications and platforms. In my current role, I perform vulnerability assessment, handling vendor risk assessments, managing audit and compliance on HackerRank's web products and services, using various tools and techniques. I also collaborate with the development and operations teams to implement security best practices and standards, and to provide guidance and support on security issues. I have contributed to several projects that improved the security posture and performance of HackerRank, such as enhancing the authentication and authorization mechanisms, implementing secure coding practices, and developing security awareness training programs. I have a Bachelor of Engineering in Computer Engineering from Lokmanya Tilak College of Engineering, where I developed a strong foundation in web application security, cybersecurity, and software engineering. I also have a keen interest in learning new technologies and skills related to web security and DevSecOps, and I am always looking for opportunities to expand my knowledge and expertise in this domain. I am a web application security enthusiast and an aspiring DevSecOps, and I am motivated by the challenge and satisfaction of securing web applications and platforms from cyber threats.

Experience

Eq technologic

Security Analyst

Feb 2025 – Present · 1 yr 1 mo · Pune, Maharashtra, India · Hybrid

1. Conducting Vulnerability Assessment and Penetration Testing (VAPT) to identify and mitigate security risks in the product.
2. Developing and integrating a robust DevSecOps pipeline to enhance security automation in the software development lifecycle.
3. Triaging vulnerabilities from security scans, prioritizing remediation efforts, and collaborating with teams to ensure effective risk mitigation.

Vulnerability AssessmentPenetration TestingDevSecOpsVulnerability Management

Hackerrank

3 roles

Security Engineer II

Promoted

Jul 2023 – Oct 2024 · 1 yr 3 mos · Remote

1. Improved Cloud Security risk posture from 0.35% to 60-70% by fixing misconfigurations and performing a comprehensive clean-up and update of AWS infrastructure.
2. Led SOC2 Type 2 compliance process to completion within 1 month, achieving certification with zero non-conformities.
3. Managed the RFP process single-handedly, collaborating with cross-functional teams and developing a library of 1,400+ questions and answers to streamline responses, eliminating repetitive processes and creating a single source of truth.
4. Reduced DLP and CASB alerts by optimizing and updating rules based on user activity, significantly cutting down false positives and enabling more efficient incident response.
5. Onboarded and led the VAPT process, completing revalidation within 30 days by addressing all identified issues, enhancing security posture and operational readiness.
6. Regularly reviewed Endpoint detection logs for suspicious activity, proactively identifying and mitigating potential security threats on corporate devices, ensuring robust protection in corporate environments.

Cloud SecuritySOC2 ComplianceIncident ResponseVulnerability AssessmentCompliance Management

Security Engineer I

Promoted

Jul 2021 – Jun 2023 · 1 yr 11 mos · Remote

1. Conducted triage and validation of vulnerabilities for bug bounties and VAPT, ensuring swift incident response and root cause analysis.
2. Remediated security issues in backend and AWS cloud infrastructure, implementing robust solutions for enhanced protection.
3. Oversaw ISO 27001, SOC2, and GDPR compliance, actively participating in audit processes.
4. Managed security questionnaires, RFP responses, and vendor reviews to boost security measures, in addition to collaborating with legal to review contracts for compliance with security standards.
5. Developed a Real-time alerting system using Cloud-Custodian, reducing non-compliant resource creation and streamlining audit processes.

Vulnerability TriageSecurity ComplianceIncident ResponseVulnerability ManagementCompliance Management