Vandana Verma — CEO

With over 19 years of experience in the cybersecurity industry, I am a Security Relations Leader at Snyk, a leading cloud-native application security platform that helps developers find and fix vulnerabilities in their applications and containers. I work with the developer and security communities to raise awareness, educate, and enable them to build secure software faster and better. Running OWASP AppSec Days India Conference to educate people about cybersecurity. I have also served as a member of the OWASP Global Board of Directors, where I have contributed to the development and promotion of open-source security standards and best practices. As a passionate advocate for diversity and inclusion in cybersecurity, I lead and support various initiatives such as InfosecGirls, InfosecDiversity and InfosecKids, aiming to inspire, educate, and empower the next generation of security professionals. I am also a frequent speaker, trainer, and mentor at various global and regional events, such as Black Hat, Global AppSec, Grace Hopper, and BSides. I was Chair of the Women in Security Excelling-India chapter (1000+ members) while at IBM. I have received multiple awards and recognitions for my leadership, influence, and innovation in the security field. Trained 90 k+ citizens in kids/young women cyber awareness. One of the Top 10 Influential Women in Cybersecurity.

Stackforce AI infers this person is a Cybersecurity expert with a focus on application security and compliance.

Location: Bangalore, India

Experience: 20 yrs 5 mos

Skills

Security
Application Security
Information Security
Compliance
Security Operations

Career Highlights

19 years of experience in cybersecurity.
Top 10 Influential Women in Cybersecurity.
Led initiatives for diversity and inclusion in cybersecurity.

Work Experience

OWASP® Foundation

Compliance Lead (1 yr 2 mos)

Global Board of Directors (1 yr 11 mos)

Chair Of The Board Of Directors (1 yr)

Global Board of Directors - Vice-Chair (1 yr)

Global Board of Directors - Treasurer (1 yr 1 mo)

Chapter Leader - Bangalore (9 yrs 2 mos)

Women In AppSec Asia Lead and Secretary (3 yrs 10 mos)

Volunteer at OWASP Bangalore (4 yrs 9 mos)

DigitalXForce

Advisory Board Member (1 yr 5 mos)

OWASP AppSec Days India

Organiser (2 yrs 2 mos)

Snyk

Security Leader (4 yrs 9 mos)

Security Phoenix

Advisory Board (2 yrs 8 mos)

Cloud Security Alliance

Education and Research Director (10 mos)

InfosecKids

Founder (6 yrs 2 mos)

Virtually Testing - A nonprofit 501 (c)

Director of Secure Coding Practices (3 yrs 11 mos)

BSides Delhi

Co-Organizer Conference (3 yrs 11 mos)

IBM

Security Solutions Architect - India Software Labs (3 yrs 6 mos)

Time Inc. India

Manager Information Security (2 yrs 10 mos)

Accenture

Information Security Lead (2 yrs 2 mos)

IBM

Senior Information Security Consultant (1 yr 4 mos)

Wipro Limited

Information Security Engineer (5 yrs 5 mos)

Education

PGDBM at Symbiosis Institute of Management Studies

Post Graduate Diploma at National Academy of Legal Studies & Research (NALSAR) University Hyderabad

Vandana Verma

CEO

Bangalore, India20 yrs 5 mos experience

Most Likely To SwitchAI Enabled

Key Highlights

19 years of experience in cybersecurity.
Top 10 Influential Women in Cybersecurity.
Led initiatives for diversity and inclusion in cybersecurity.

Stackforce AI infers this person is a Cybersecurity expert with a focus on application security and compliance.

Contact

Skills

Core Skills

SecurityApplication SecurityInformation SecurityComplianceSecurity Operations

Other Skills

AI securityApplication security assessmentArcSightArcsigBig Data security implementationCEHCISOCloud SecurityData CenterDevSecOpsEthical HackingFirewall ManagementFirewallsIDSIPS

About

Experience

Owasp® foundation

8 roles

Compliance Lead

Jan 2025 – Present · 1 yr 2 mos

Global Board of Directors

Jan 2023 – Dec 2024 · 1 yr 11 mos

Chair Of The Board Of Directors

Jan 2022 – Jan 2023 · 1 yr

Global Board of Directors - Vice-Chair

Jan 2021 – Jan 2022 · 1 yr

Global Board of Directors - Treasurer

Nov 2019 – Dec 2020 · 1 yr 1 mo

Chapter Leader - Bangalore

Jan 2017 – Present · 9 yrs 2 mos

Women In AppSec Asia Lead and Secretary

Promoted

Jan 2016 – Nov 2019 · 3 yrs 10 mos

Volunteer at OWASP Bangalore

Jan 2012 – Oct 2016 · 4 yrs 9 mos

null Bangalore Meet 26 May 2018 Combined null/OWASP/G4H Meet - Monthly Meet
https://null.co.in/event_sessions/2016-owasp-projects
https://open-security-summit.org/participant-remote/vandana-verma/
null Bangalore Meet 14 October 2017 Combined null/OWASP/G4H Meet - October 2017
https://null.co.in/event_sessions/1669-owasp-cloud-top-10
null Bangalore Meet 17 June 2017 null/OWASP/G4H Combined meet - June 2017
https://www.owasp.org/index.php/Bangalore#tab=Next_Meeting
https://null.co.in/event_sessions/1495-overview-of-big-data-security
https://owaspsummit.org/Participants/remote/Vandana-Verma.html
null Bangalore Meet 17 January 2015 null/OWASP/G4H Monthly Meet
https://null.co.in/event_sessions/238-owasp-top-10
null Bangalore Meet 13 December 2014 Combined Security Monthly Meet null/OWASP/G4H December 2014
https://null.co.in/event_sessions/207-security-news-bytes

Digitalxforce

Advisory Board Member

Oct 2024 – Present · 1 yr 5 mos

Owasp appsec days india

Organiser

Jan 2024 – Present · 2 yrs 2 mos

Snyk

Security Leader

Jun 2021 – Present · 4 yrs 9 mos · India

#ProductSecurity #SecRel #opensource #AIsecurity

Product SecuritySecRelopensourceAI securitySecurityApplication Security

Security phoenix

Advisory Board

Nov 2020 – Jul 2023 · 2 yrs 8 mos

Cloud security alliance

Education and Research Director

Jul 2020 – May 2021 · 10 mos · Bangalore Urban, Karnataka, India

Infoseckids

Founder

Jan 2020 – Present · 6 yrs 2 mos

Virtually testing - a nonprofit 501 (c)

Director of Secure Coding Practices

Jan 2019 – Dec 2022 · 3 yrs 11 mos

Bsides delhi

Co-Organizer Conference

Jan 2019 – Dec 2022 · 3 yrs 11 mos · New Delhi, Delhi, India

Ibm

Security Solutions Architect - India Software Labs

Nov 2017 – May 2021 · 3 yrs 6 mos

GSI Labs helps Systems Integrators build innovative and repeatable solution offerings using IBM technology. It also provide re-usable methods, tools, frameworks, governance and a learning environment for accelerating Systems Integrator capabilities.
The product portfolio includes IBM Trusteer, IBM MaaS360 And IBM Cloud Identity

Time inc. india

Manager Information Security

Oct 2014 – Aug 2017 · 2 yrs 10 mos

Job Role:-
# Application security assessment of numerous financial and non-financial web applications using IBM AppScan Enterprise/Standard, Cenzic Hailstorm, Accunetix, Burp Professional, ZAP etc.
#Part of Big Data security implementation including Hadoop, HAWQ, GEMFIRE, GreenPlum etc.
# Mobile Application Security assessment for Android and iOS platforms.
# Security incident investigation and analysis for the application team.
# Network Security assessments by using Nessus, Nmap etc.
# Documentation and Review of various information security policies and procedures.
# Provide support as SME to team for different security incidents.
#Malware analysis and Reverse Engineering
#Network Penetration Testing
#Secure Configuration Audits
#Firewall Rule Base Analysis
#Part of Websense Implementation
#Worked on DLP Vontu Implementation
#Closely working with Vendor's like FireEye and Rapid7 to analyze the products and create POC.
#Implemented Checkmarx for Secure Source code analysis and Cenzic for application assessent

Application security assessmentBig Data security implementationMobile Application Security assessmentNetwork Security assessmentsMalware analysisNetwork Penetration Testing+2

Accenture

Information Security Lead

Aug 2012 – Oct 2014 · 2 yrs 2 mos · Bengaluru Area, India

Web Application Vulnerability Assessment (Dynamic Scan) & Manual Testing using Security Tools like Cenzic Hailstorm, Webscarab, Fiddler, ZAP, Burp, IBM Appscan
Static Vulnerability Assessment using IBM Appscan, Checkmarx & Fortify
Network Vulnerability Assessment using Qualysguard
Implementation of QualysGuardand Application Security Tools
Websense Implementation

Web Application Vulnerability AssessmentStatic Vulnerability AssessmentNetwork Vulnerability AssessmentInformation SecurityApplication Security

Ibm

Senior Information Security Consultant

Apr 2011 – Aug 2012 · 1 yr 4 mos · Bengaluru Area, India

Part of SOC Operations, Compliance, Service activation & Deactivation to support top US bank & Mining, Oil & Gas, Real estate & Hotels organizations. Working with Lean (GDF) methodology to improve performance and utilization in-line with business need.
Remote Support for Customers locations/ Datacenters across globe.
Periodic Compliance activities to validate the device security based on ISec Policy & User Revalidation.
Service activation & Deactivation Process in-line with compliance with ISEC policy document creation for each device group.
Extended support with third party Ethical Hackers
Part of shared Security Operation Centre – SOC with pooling resources.
Extended Information Security Advisory member
Analyzing suspected/infected files, web urls with extended support from most AV vendors.
Train and share technical and Process details to the team.
Main products Support are ISS VSOC/ Site Protector / ISS VMS Scanner.

SOC OperationsComplianceService activationSecurity AdvisoryInformation Security

Wipro limited

Information Security Engineer

Nov 2005 – Apr 2011 · 5 yrs 5 mos

SOC- Security Monitoring.
Project Description
Project involves analyzing events that are suspicious. Monitoring the events that are generated on the console. Looking into Security event management using ArcSight. Vulnerability Management using QualysGuard. File integrity management using Tripwire. Network intrusion detection using ISS. Host intrusion Detection System using SCSP, Deep Security (HIDS), Source Fire.

Security MonitoringVulnerability ManagementInformation SecuritySecurity Operations