Aditya Sharma

Operations Associate

Gurgaon, Haryana, India · 9 yrs 9 mos experience
Most Likely To Switch

Key Highlights

  • Over 9 years of expertise in cybersecurity.
  • Proven track record in managing DevSecOps programs.
  • Strong leadership in bridging security and development teams.
Stackforce AI infers this person is a cybersecurity expert specializing in application security and DevSecOps.

Skills

Core Skills

Application Security, DevSecOps, API Security, Vulnerability Assessment, Full Stack Development

Other Skills

API Development, ASPM, Amazon Web Services (AWS), Application Security Architecture, Application Security Assessments, Appscan, Bootstrap, Burp Suite, CSPM, Cybersecurity, DAST, DevOps, English, Ethical Hacking, IAST

About

🔍 Professional Journey:

  • Currently serving as a Manager in Application Security and DevSecOps at EY GDS, where I lead multiple initiatives including Hiring, Learning & Development for Application Security Team in addition to technical project delivery, operations, architecture, leadership and team management.
  • 9+ years of expertise in the cybersecurity field, specializing in Secure Code Review, Secure SDLC, Application Security, and DevSecOps.
  • Proven track record in building and managing effective DevSecOps programs, helping large organizations cultivate a culture of security and compliance.
  • I oversee multiple Application Security and DevSecOps programs, including SAST, DAST, SCA, IAST, Threat Modeling, Application Security Program Management (ASPM), Secure Code Review, DevSecOps, Security Champions Program, Vulnerability Assessment & Penetration Testing, API Security and manage the integration of security into CI/CD pipelines, and lead vulnerability triaging efforts.
  • Experienced in performing API security assessments and crafting strategic roadmaps to enhance clients' security postures.
  • Strong background in team management, successfully leading diverse teams across multiple geographies to achieve project goals.
  • Skilled in collaborating with development teams in agile environments to ensure secure coding practices and effective vulnerability remediation.

🤝 Leadership Philosophy:

  • Passionate about bridging the gap between security and development teams to maximize performance and drive operational excellence.
  • Advocate for continuous process improvement, ensuring best practices are embraced throughout the organization.
  • Known for my empathetic approach, strong interpersonal skills, and ability to foster an inclusive team environment.
  • Effective communicator and problem-solver, adept at simplifying complex security concepts for both technical and non-technical audiences.

🌟 Personal Passions:

  • Avid reader who enjoys exploring new technologies and industry trends.
  • Athlete and sports enthusiast, dedicated to fitness and competitive sports.
  • Enjoy playing mobile and PC games, always seeking the next challenge!
  • Enthusiastic traveler, eager to explore new places and cultures.

Let’s connect and embark on new adventures in the ever-evolving world of cybersecurity! #ApplicationSecurity #DevSecOps #CyberSecurity

Experience

EY

Manager

Sep 2023 - Present · 2 yrs 6 mos · Noida, Uttar Pradesh, India

Application Security, DevSecOps, Secure Code Review, Secure SDLC, Secure Coding, Threat Modelling, +11

Luxoft

Senior Application Security Specialist

Jun 2023 - Sep 2023 · 3 mos · Noida, Uttar Pradesh, India · Remote

  • Managing SAST and DAST platforms using Microfocus Fortify and Fortify SSC
  • Managing JFrog XRay’s Artifactory for SCA scanning
  • Working with developers to fix the True Positive triaged vulnerabilities
  • Managing Secure Coding Guidelines program to train developers using Security Champions Program
Application Security, DevSecOps, Vulnerability Remediation, Secure Code Review, Secure Coding, Secure SDLC, +8

Wipro

Senior Application Security Engineer

Nov 2021 - Jun 2023 · 1 yr 7 mos · Gurugram, Haryana, India · Hybrid

  • Creating and Managing Application Security Program
  • Secure Design Review or Secure Architecture Review or Threat Modelling
  • SAST, Secure Code Review
  • DAST, Penetration Testing
  • Vulnerability Triage and Remediation
  • Managing WAF (Imperva, CloudFlare) with Network Security Team
  • Supporting Cloud Security related tasks
  • Tools Used: Shiftleft, Invicti, Bright Security, Dazz, Wiz, Lacework, Phylum, BurpSuite, PlexTrac, Fortify
Application Security, Secure Code Review, Penetration Testing, Threat Modelling, Secure Architecture Review, Security Engineering, +16

FIS

IT Security Engineer II

Jul 2021 - Nov 2021 · 4 mos · Noida, Uttar Pradesh, India · Remote

  • Provide SME input for Application Security
  • Planning and managing the delivery of Application Security tests (both automatic and manual), and source code reviews on web applications
  • Formulating and implementing monitoring, policies, procedures, and standards relating to application security
  • Responsible for managing or providing developer application security awareness and education
  • Provide security remediation advice and training to technical personnel
  • Work directly with internal business units to communicate risk and help resolve open vulnerabilities
  • Track, report, and close software security workstreams using JIRA
API Security, DAST, Penetration Testing, Secure Coding, Vulnerability Assessment and Penetration Testing (VAPT), Web Application Security, +2

Tata Consultancy Services

4 roles

IT Analyst

Promoted

Jul 2020 - Jul 2021 · 1 yr

  • VA&PT of Web Applications and APIs, Dynamic Application Security Testing (DAST), Static Analysis Security Testing (SAST), Secure Code Review, Secure Coding Practices, HCL Appscan Enterprise and Standard, Burpsuite, Checkmarx, Kali Linux, Metasploit, nmap, sqlmap, Wireshark, Fiddler, Postman, Swagger, Insomnia
DAST, Penetration Testing, CSPM, Secure Coding, Vulnerability Assessment and Penetration Testing (VAPT), SAST, +4

System Engineer

Jul 2018 - Jul 2020 · 2 yrs

Vulnerability Assessment and Penetration Testing (VAPT)

Assistant System Engineer

Dec 2016 - Jul 2018 · 1 yr 7 mos

Vulnerability Assessment and Penetration Testing (VAPT)

Graduate Trainee

Jul 2016 - Dec 2016 · 5 mos

  • Description: Item Response Theory (IRT) Engine, Virtual Chemistry Lab in Unity
  • Role: Team Leader
  • Responsibilities:
  • I was assigned a couple of projects including creating Full Stack Applications with Front and Back End in it using JAVA MVC Framework, JS, Bootstrap, jQuery.
  • Created IRT Engine, based on a statistical theory (Item Response Theory) to find ability of candidates writing exam, using R language to implement theory and plot various charts using Java Hibernate Framework and MVC structure for Web Application implementation.
      o It is the preferred method for developing scales in the US especially when optimal decisions are demanded, as in so-called high-stakes tests, e.g., GRE and GMAT
  • Created Virtual Chemistry Lab to conduct Salt Analysis, using Maya to create objects, Unity to use those objects and setting up the lab and its interaction, Java to create automated program to conduct test cases, JUnit to create test cases of positive and negative tests

Education

Shanmugha Arts, Science, Technology & Research Academy (SASTRA), Thanjavur

Master of Computer Applications - MCA — Computer Science

Jan 2016 - Jan 2019

Dayalbagh Educational Institute, Agra

Bachelor of Science (B.Sc.) — Mathematics

Jan 2013 - Jan 2016

Nankana Sahib Public School Samrala, Ludhiana

High School

Jan 2009 - Jan 2011