Bhavesh K.

DevOps Engineer

Vancouver, BC, Canada6 yrs 3 mos experience

Highly Stable

Key Highlights

Led vulnerability management for 8,000 AWS resources.
Identified 53 vulnerabilities in mobile and IoT protocols.
Passionate about embedding security in development lifecycle.

Stackforce AI infers this person is a Cybersecurity expert specializing in application and cloud security.

Contact

Skills

Core Skills

Application SecurityVulnerability ManagementPenetration TestingFuzzingSecurity Assessment

Other Skills

AWSAlgorithmsAutomationCC++CUDACloud ServicesDASTData StructuresDatabaseDjangoExploitGitGoogle Cloud PlatformIDA Pro

About

I am a Senior Security Engineer with over 9 years of experience in application security, vulnerability management, and cloud security. My expertise lies in building and scaling security programs from the ground up, exemplified by my work leading the vulnerability management program for over 8,000 AWS resources and 1,000+ GitHub repositories at Samsung Ads, which was instrumental in achieving SOC 2 compliance. With a track record of discovering and remediating critical vulnerabilities, including publishing multiple CVEs, I have a deep technical background in protocol fuzzing, penetration testing, and secure architecture design. At Qualcomm, I led fuzzing projects that uncovered over 53 security vulnerabilities in critical mobile and IoT protocols. I am passionate about collaborating with engineering and DevOps teams to embed security into the development lifecycle and build resilient systems. My hands-on experience with tools like Wiz, Prisma Cloud, GitHub Advanced Security, and Burp Suite, combined with a strong foundation in Python, Golang, and C++, allows me to tackle complex security challenges effectively. Currently seeking new opportunities in senior-level application and cloud security roles where I can leverage my skills to protect critical infrastructure and mentor growing teams.

Experience

6 yrs 3 mos

Total Experience

3 yrs 1 mo

Average Tenure

Current Experience

Samsung ads

Application Security Analyst 3

Sep 2022 – Present · 3 yrs 8 mos · Vancouver, British Columbia, Canada · Remote

Spearheaded a comprehensive vulnerability management program, securing over 3,000 compute instances, 8,000 AWS resources and 1000+ GitHub repositories.
Achieved zero critical vulnerabilities in exposed resources and eliminated 120+ plaintext secrets through custom automation.
Collaborated with engineering teams on secure design reviews using STRIDE and OWASP methodologies to enhance system security.

Application SecurityVulnerability ManagementAWSAutomation

Qualcomm

Senior Security Engineer

Sep 2019 – Jun 2022 · 2 yrs 9 mos · Greater Hyderabad Area · On-site

Spearheaded high-impact fuzzing projects, identifying over 53 security vulnerabilities in multimedia and connectivity protocols.
Developed custom fuzzing modules for complex protocols, enhancing security testing across Android, Automotive, and IoT platforms.
Collaborated with development teams to ensure timely remediation of vulnerabilities, improving overall product security.

FuzzingPenetration TestingSecurity Assessment

Fortra

2 roles

Cyber Security Engineer

Jan 2017 – Aug 2019 · 2 yrs 7 mos · Bengaluru Area, India

Executed over 20 fuzzing and security assessment engagements for clients like BMW and Singtel, identifying critical vulnerabilities.
Developed custom fuzzing modules for the beSTORM platform, enhancing security for industrial and network protocols.
Delivered on-site training to clients, equipping them with advanced fuzzing techniques and module development skills.
Note: Beyond Security was acquired by Fortra in 2021.

FuzzingSecurity AssessmentTraining Delivery