Mohd Arif

Co-Founder

Long Beach, California, United States9 yrs 2 mos experience
Most Likely To Switch

Key Highlights

  • Improved issue detection by 40% through threat modeling.
  • Led secure coding practices across engineering teams.
  • Uncovered critical flaws during routine audits.
Stackforce AI infers this person is a Security Engineer specializing in SaaS and Cloud Security.

Contact

LinkedIn

Skills

Core Skills

Threat ModelingSecure Code Review

Other Skills

AWS SecurityBlockchainBurp SuiteBusiness ManagementBusiness StrategyCreoCyber-securityEvent ManagementLinuxManagementMicrosoft ExcelMicrosoft OfficeMicrosoft PowerPointMixed Martial Arts (MMA)Network Security

About

As a Senior Security Engineer with 5+ years of experience, I help companies build and ship secure products without slowing down innovation. I specialize in Web, API, and Mobile Pentesting, Cloud Security, Threat Modeling, and embedding scalable SSDLC practices across engineering orgs. My journey into security began with curiosity and evolved into impact — during a routine audit, I uncovered a critical flaw in an inventory system that could’ve exposed sensitive internal data and disrupted fulfillment operations. That incident taught me how even small oversights can cascade into major business risks — and how the right security mindset can prevent them. At Poshmark, I’ve led efforts to assess and secure third-party libraries, performed security architecture reviews for major product features, and rolled out secure coding practices across engineering. I’ve also built threat models that helped mitigate risks early in the development lifecycle, improving issue detection by 40%. Outside of work, I contribute by delivering hands-on security workshops, organizing CTFs, and speaking at conferences like c0c0n and Seasides. I’m currently open to roles that offer relocation, collaboration, and the opportunity to solve real-world security challenges. Let’s connect and build secure systems that scale.

Experience

Poshmark

Sr. Product Security Engineer

Oct 2023Jul 2025 · 1 yr 9 mos · Bengaluru, Karnataka, India · Hybrid

  • Developing security policies and frameworks for product security.
  • Performing gap analysis in the product area
  • Delivered secure code training to developer teams.
  • Performed Cloud, Web, API, Network, and Mobile Pentesting.
  • Working over Supply chain security
  • Conducting third-party integration assessments and POCs for new tools.
Python (Programming Language)AWS SecuritySecure Code ReviewThreat ModelingNetwork Security

Paytm

Security Engineer

Jun 2021Oct 2023 · 2 yrs 4 mos · India

  • Led SSDLC and Security Champion programs.
  • Conducted architecture reviews and threat modeling.
  • Managed the bug bounty platform and handled reports efficiently.
  • Delivered training on secure coding and security risks.
  • Devloping required automation and dashboard for team
  • Performing Web, API Pentesting, Network Assessment, Mobile Pentesting, Source Code review
Python (Programming Language)AWS SecuritySecure Code ReviewThreat ModelingNetwork Security

Myntra

Information Security Engineer

Jun 2020May 2021 · 11 mos · Bengaluru, Karnataka, India · Hybrid

  • Conducted Web, API, Mobile Penetration Testing, Network Assessments, and Source Code Reviews to identify and mitigate security vulnerabilities.
  • Collaborated with engineering teams to communicate findings, explain vulnerabilities, and advise on remediation strategies.
  • Managed and tracked security issues through Jira tickets, ensuring effective resolution and follow-up.
  • Maintained a dynamic security dashboard to visually represent and track key assessment data and metrics.

Security bsides ahmedabad

Community Volunteer

Apr 2020Apr 2022 · 2 yrs

Python (Programming Language)

Owasp® foundation

Community Volunteer

Sep 2019Present · 6 yrs 6 mos

Seasides information security conference

Community Volunteer

Mar 2019Present · 7 yrs

Null the open security community

Community Volunteer

Jun 2018Present · 7 yrs 9 mos

Bugcrowd

Security Researcher

May 2018Sep 2020 · 2 yrs 4 mos

  • Doing bugbounty at Bugcrowd platform

Hackerone

Security Researcher

May 2018Jan 2020 · 1 yr 8 mos

  • Doing Bughunting at Hacker101 platform

Owasp chhattisgarh chapter

Community Coordinator

May 2018May 2018 · 0 mo

Owasp chhattisgarh

Technical Speak

Jan 2018Sep 2020 · 2 yrs 8 mos

Mozilla india

Mozilla Campus club

Jan 2017Dec 2019 · 2 yrs 11 mos · Durg, Chhattisgarh, India

  • Part of mozilla Campus club, executive member

Education

California State University-Dominguez Hills

Master's degree — Computer and Information Systems Security/Information Assurance

Aug 2025Present

Chhatrapati Shivaji Institute of Technology Kolihapuri, P O Pisegaon

Bachelor of Engineering — Mechanical Engineering

Jan 2015Jan 2019

Stackforce found 100+ more professionals with Threat Modeling & Secure Code Review

Explore similar profiles based on matching skills and experience

Harsh Nath Jha

Harsh Nath Jha

Founding Security Engineer

at Ema Unlimited

Bengaluru, India6 yrs 9 mos exp
Application SecurityCloud SecurityCybersecurityVulnerability Management
RU

Rahul Udaiwal

Lead Security Engineer

at Junglee Games

Bengaluru, India6 yrs 1 mo exp
Application SecurityCloud Security
Vaibhav Gupta

Vaibhav Gupta

Founder

at Appfend

Dublin, Ireland15 yrs 7 mos exp
Mohammed Q.

Mohammed Q.

Security Engineer

at Apple

San Francisco, United States5 yrs 7 mos exp
Utkarsh Kher

Utkarsh Kher

Independent Security Engineer (Working for different clients)

at Self-employed

India9 yrs 7 mos exp
Penetration TestingProduct SecurityRed TeamingSecurity Automation
Ankur Agarwal

Ankur Agarwal

Product Security Tech Lead

at Cisco

Bengaluru, India11 yrs 9 mos exp
Application SecurityCloud SecurityPenetration TestingSecurity Architecture DesignVulnerability Assessment
Yash Jain

Yash Jain

Security Engineer II

at Postman

Bengaluru, India6 yrs exp
Application Security
Jagdeep Singh

Jagdeep Singh

Security Researcher

at HackerOne

Gurugram, India4 yrs 1 mo exp
Penetration TestingApplication SecuritySecurity EducationBackend DevelopmentDevOps