Manthan Dhole

DevOps Engineer

Pune, Maharashtra, India3 yrs 11 mos experience
Highly Stable

Key Highlights

  • Reduced CI/CD build times by 35% for global clients.
  • Achieved 95% compliance coverage during audits.
  • Automated security scanning, cutting release delays by 50%.
Stackforce AI infers this person is a Cloud Security and DevSecOps expert in the SaaS industry.

Contact

marsmanthan@gmail.comLinkedIn

Skills

Core Skills

Cloud SecurityCi/cd SecurityContainer SecurityThreat ModelingCompliance/grcApplication SecuritySupply Chain Risk ManagementSecurity OperationsFull-stack Development

Other Skills

.NetAWSAlgorithmsAmazon EC2Amazon S3AngularAutomationAzureAzure Kubernetes Service (AKS)Back-End Web DevelopmentCIS BenchmarksCycloneDXDASTData StructuresDevSecOps

About

Sr. DevSecOps Engineer with 6+ years of experience securing cloud-native, containerized, and enterprise applications. Proven success in integrating security across CI/CD pipelines, reducing vulnerabilities, accelerating developer productivity, and ensuring compliance with frameworks including NIST, CIS, GDPR, and MITRE ATT&CK. Adept at collaborating with developers, platform engineers, and business stakeholders to balance speed with security. Core Expertise: Cloud Security (AWS, GCP, Azure), Application Security (SAST, DAST, SCA), Container/Kubernetes Security, IaC & CM Security, Threat Modeling, Supply Chain Risk Management, Compliance/GRC. **___Security TechStack____** Cloud:- AWS, Azure, GCP SAST: Veracode, Sonarqube, Gitlab SAST DAST: OWASP Zap, Qualys, Burpsuite, BlackDuck SCA: JFrog XRay & JAS, Veracode, Synk.io, Endor Labs, Sonatype PenTest: Metasploit, Nmap Container Security: Sysdig Secure, Aquasec Trivy, Docker Scout, Snyk.io Threat Modelling: IriusRisk IaC & CM Security: Checkov Cloud Security: AWS GuardDuty, Detective, Inspector, Shield, Firewall Manager, Security Hub CI/CD Security: Gitlab Security, GitHub Advanced Security (GHAS) Secret Detection & Management Software Bill of Material (SBOM): CycloneDx API Security: Mayhem API Supply Chain Risk Management Open Source Survey Reporting License Compliance Security & Compliance Frameworks: NIST, SANS, CIS Controls, GDPR, COBIT, FedRAMP, FIPs, HIPPA, MITRE ATT&CK. Frameworks: .Net, Angular, Springboot. Languages: C, C++, C#, Java, Python, Typescript, JS. Scripting: Bash, Python. Containerization & Orchestration:- Docker, ECS, Docker Compose, Kubernetes Automation:- Shell Scripting, Python, Batch Processes, Custom Developer Tooling. Version Control: Gitlab, GitHub Logging & Monitoring: SumoLogic, Grafana, Telegraf, Prometheus Development:- Python, .Net 6.0, Angular 17, PostgreSQL, ASP.Net Web API. ____My Experience____ * Developed self-service tooling for 50+ developers, reducing environment setup time from hours to minutes * Worked on Platform Engineering tasks for Developers to help them easy out on setting infrastructure, fast and efficiently, for Development related purpose. * Automated CI/CD pipelines for 20+ global clients, reducing build times by 35% and improving deployment reliability * Cloud Security, AppSec, Container/K8s Security, CI/CD Security, Compliance & Governance, Threat Modeling.

Experience

3 yrs 11 mos
Total Experience
2 yrs
Average Tenure
--
Current Experience

Globant

Sr DevSecOps Engineer

Oct 2024Aug 2025 · 10 mos · Pune, Maharashtra, India · Hybrid

  • Secured CI/CD Pipelines: Integrated SAST, DAST, and SCA tools (SonarQube, Veracode, Burp, Trivy) into GitLab/GitHub workflows, reducing vulnerability remediation timelines by 70%.
  • Container & K8s Security: Hardened container images using Trivy, Sysdig, and Docker Scout; reduced high-severity CVEs by 90% across production clusters.
  • Cloud Security Automation: Implemented GuardDuty, Security Hub, and Inspector in AWS to achieve continuous compliance monitoring; cut manual audit effort by 40 hours/month.
  • Threat Modeling & Risk Reduction: Deployed IriusRisk-based threat modeling for critical applications, identifying and mitigating 200+ design-level risks before production.
  • Developer Productivity: Built self-service infrastructure automation for 50+ developers, reducing environment setup time from 6 hours to <30 minutes.
  • Governance & Compliance: Drove adoption of CIS Benchmarks and NIST controls in cloud environments, achieving 95% compliance coverage during internal audits.
SASTDASTSCAGitLabGitHubTrivy+11

Infor global solutions

2 roles

DevOps Engineer

Promoted

Jun 2023Nov 2024 · 1 yr 5 mos

  • Application Security Improvements: Migrated security scanning from manual processes to automated pipelines, cutting release delays due to vulnerabilities by 50%.
  • Supply Chain Security: Introduced SBOM generation (CycloneDX) into delivery workflows, improving transparency of open-source dependencies across 30+ microservices.
  • Monitoring & Logging: Implemented Prometheus + Grafana dashboards for proactive security monitoring, reducing mean-time-to-detect (MTTD) by 45%.
  • Cross-Functional Leadership: Partnered with development, QA, and compliance teams to embed “security by design,” reducing late-stage vulnerability discoveries by 60%.
  • Cloud: AWS and Azure
  • AWS: EC2, ECR, ECS, ELB, RDS, Lambda, S3, IAM, CloudFormation, CloudWatch, Route53, API Gateway
  • Containerization: Docker, Kubernetes
  • CI/CD: Gitlab, Jenkins
  • Scripting: Shell/Bash, Python
  • Infrastructure as Code (IaC): CloudFormation
  • Vulnerability Management and Security Integrations: SAST, DAST, Veracode, SonarQube, Container Security (Docker Scout), CycloneDX, Open Source Survey Reporting (OSS)
  • Monitoring: Monocle, Grafana, Telegraf, InfluxDB
SASTDASTSBOMCycloneDXPrometheusGrafana+10

Software Engineer Associate

Sep 2021Jun 2023 · 1 yr 9 mos

  • Worked as a Fullstack ERP Application Developer, using .Net Microservices and Angular 13.
  • Also worked as DevOps Engineer, building and maintaining pipelines using Jenkins, packaging using Docker and deploying them to AWS Resources using Faro and Windsor as Orchestration tool.
.NetAngularJenkinsDockerAWSFull-Stack Development

Education

D.N.P College of Engineering

Bachelor of Engineering — Civil Engineering

Jan 2015Jan 2020

DiTRP's Certification

Advanced Diploma in Software and Web Development — Software Development

Jan 2020Jan 2021

Stackforce found 100+ more professionals with Cloud Security & Ci/cd Security

Explore similar profiles based on matching skills and experience

Busra Kugler

Busra Kugler

Security Engineer

at XBOW

Germany9 yrs exp
Application SecurityComplianceInfrastructure SecurityProduct SecuritySecurity Operations
Ravi Yadav

Ravi Yadav

Global Head, Cybersecurity Business Unit at Tata Consultancy Services

at Tata Consultancy Services

Atlanta, United States22 yrs 10 mos exp
Cloud SecurityCyber SecuritySecurity Strategy DevelopmentRisk ManagementNetwork Security
AK

Amit Kumar

AI Security Lead engineer

at SAP Fioneer

Pune, India11 yrs 2 mos exp
AI Privacy & GovernanceAI Security EngineeringMLSecOps
Kishan Kumar Singh

Kishan Kumar Singh

Security Engineer

at Confidential

Mumbai, India0 mo exp
Incident Response (IR)Microsoft AzureSIEMVulnerability Assessment (VA)
Francis A.

Francis A.

Senior Staff Security Engineer

at LinkedIn

Sunnyvale, United States12 yrs 6 mos exp
AI SecurityApplication SecurityCloud Security
Neeraj Kumar

Neeraj Kumar

Cyber Security Specialist

at Wipro

Gurugram, India8 yrs 2 mos exp
Penetration TestingVulnerability Assessment
Al-Amir Badmus

Al-Amir Badmus

Senior Application Security Engineer

at MerkleFence

Lagos, Nigeria7 yrs exp
API SecurityApplication SecurityApplication Security AssessmentsConsultingCybersecurity
Shagun Bhatia

Shagun Bhatia

Application Security Engineer

at Netflix

San Francisco, United States6 yrs 1 mo exp
Application SecurityPenetration TestingSecurity ArchitectureThreat ModelingWeb Application Security