Devendra Durgapal

CEO

Bengaluru, Karnataka, India20 yrs 1 mo experience
Highly Stable

Key Highlights

  • Led security strategies for B2B and B2C organizations.
  • Expert in Cloud Security and Vulnerability Management.
  • Strong leadership in diverse, distributed teams.
Stackforce AI infers this person is a Cyber Security Leader with expertise in SaaS and B2B security solutions.

Contact

d.durgapal@gmail.comLinkedIn

Skills

Core Skills

Product SecuritySecurity Engineering

Other Skills

Agile MethodologiesAmazon Web Services (AWS)Android SecurityAutomationCCloud ComputingCloud security architectureCommunicationComputer SecurityDevSecOpsEmployee EngagementHackathon EventsIncident ResponseIncident responseInformation Security

About

I am a solutions-driven cyber security leader with experience in managing cybersecurity strategies for fast paced B2B & B2C organizations Products and Platforms. Having diverse experience in Cyber Security Assurance, Security Engineering, Cloud Security, Mobile Security, Vulnerability Management, Penetration Testing, DevSecOps, Security Operations and Risk Management for both On-Prem and Cloud products. Having extensive experience of securing Virtualization, MDM and e-commerce SAAS products. Highly organised, life long learner and independent professional with strong interpersonal skills. An effective leader, skilled in enlisting the support of geographically distributed and culturally diverse work group in aligning with project and organizational goals.

Experience

Druva

Senior Director - Product Security

Jan 2023Present · 3 yrs 2 mos · Bengaluru, Karnataka, India · Remote

Swiggy

General Manager - Product Security

Apr 2020Jan 2023 · 2 yrs 9 mos · Bengaluru, Karnataka, India

  • As a security engineering leader -
  • Defined product & platform security vision, strategy, roadmap & KPIs
  • Built/Hire/Manage a team of high-performing security engineers
  • Responsible for below domains at high level
  • Product Security
  • Web & mobile application security
  • Web APIs security (REST-API, SOAP, GraphQL, etc)
  • Product/Tech spec reviews & Threat Modeling
  • Internal & external security assessment (VAPT, Red Teaming, Bounty program, etc)
  • Product Security Requirement & Secure Coding Guidelines
  • Secure SDLC, Shift Left with DevSecOps CI/CD pipelines
  • Security Engineering
  • Automating security tools & integration for KPI collection, reporting
  • Building secure libraries
  • Infrastructure Security
  • Cloud security architecture & configurations
  • AWS security tooling & automation
  • Perimeter security controls (WAF & DDoS protection)
  • Identity and access management
  • Cloud workload protection
  • Cloud security governance
  • Container security
  • Security Operations
  • Vulnerability management
  • Security logging & monitoring (WAF, SIEM, etc)
  • Alerting & automation
  • Incident response, etc.
  • Compliance & Audit
  • PCI DSS, ISO 27001, CIS, CSA - CCM, NIST CSF
  • Statutory audits & cyber assessments
  • Data privacy & localisation
  • Third party vendor evaluation & audit
Web & mobile application securityWeb APIs securityThreat ModelingVulnerability managementIncident responseCloud security architecture+4

(isc)² bangalore chapter

Board Member, Treasurer

Apr 2019Aug 2022 · 3 yrs 4 mos · Bengaluru, Karnataka, India

  • (ISC)² Bangalore chapter is a not-for-profit organisation which meets regularly and conducts events centered around various aspects of Cyber Security providing an opportunity towards continuous learning and networking for InfoSec professionals. Chapter members are security enthusiasts, (ISC)² credential holders like CISSP, CSSLP & etc., and students.
  • Being treasurer, got the chapter registered with local authorities and ensured that the chapter
  • funds are utilised efficiently. Conducted several information security events, soliciting sponsorship
  • from corporates at Bangalore and working with eminent experts in the information security
  • domain to speak at the events.

Mobileiron

Staff Security Engineer

Jun 2017Apr 2020 · 2 yrs 10 mos · Bangalore

  • Leading product security for both on-prem & cloud MDM products. Responsible for end to end secure SDLC, DevSecOps, Incident Response and Compliances (FedRAMP, FIPS 140-2, Common Criteria, SOC2 Type 2, ISO 27001)
  • Spearheaded external VAPT program for 2018 and 2019 for all MobileIron products. From identify vendors, defining external VAPT process and coordinating internally/externally for VAPT. Able to reduce external VAPT cost to 1x from 4x.
  • Setup DevSecOps pipeline in jenkins CI/CD with jira integration
  • By addressing customer RFP risk questionnaire to close many sales deals
  • Supported in achieving ISO/IEC 27001 certification in 2019
Secure SDLCIncident ResponseVulnerability ManagementProduct Security

Vmware

Senior MTS

Mar 2006Jun 2017 · 11 yrs 3 mos · Bangalore

  • Product security lead for multiple products & solutions of vSphere product-line. Responsible for adherence & executions of secure SDLC for maintenance releases.
  • Co-authored "Software Product Security Test Reference Guide" in VMware
  • Authored internal technical journal on "Evolution of NUMA in processor industry"
  • Conducted multiple Hackathon events for vSphere productline
  • Successfully delivered many security escalations and hot patches
  • Developed security testing framework in python
Secure SDLCSecurity Testing FrameworkHackathon EventsProduct Security

Education

Kumoan Engineering College

Bachelor of Engineering (BE) — Computer Science

Jan 2001Jan 2005

Jawahar Navodaya Vidhyalaya

Mathematics

Jan 1994Jan 2001

Stackforce found 100+ more professionals with Product Security & Security Engineering

Explore similar profiles based on matching skills and experience

Nikhil Mittal

Nikhil Mittal

Founding Security Engineer

at Clazar

Pune, India8 yrs 10 mos exp
Jeff S.

Jeff S.

Director, Product Security Engineering

at Adobe

United States29 yrs 3 mos exp
CybersecurityEngineering LeadershipQuality EngineeringAgile MethodologiesBusiness Strategy
Manikanta T P

Manikanta T P

Senior Product Security Engineer - 4

at Pluralsight

Bengaluru, India8 yrs 11 mos exp
Paras Malhotra

Paras Malhotra

Sr. Director Information Security

at Datadog

Seattle, United States19 yrs 11 mos exp
Client EngagementEngineering StrategyQuality AssuranceRisk ManagementSecurity Assessments
Ronnie Joseph

Ronnie Joseph

Security Engineer

at MongoDB

New York City, United States14 yrs 7 mos exp
Cloud SecurityApplication SecurityCybersecurityCloud ComputingIncident Response
Parv Bajaj

Parv Bajaj

Security Engineer I

at Syfe

Gurgaon, India4 yrs 6 mos exp
Application SecurityIncident ResponsePenetration TestingSecurity ComplianceVulnerability Assessment
Saurabh Arora

Saurabh Arora

Vice President Security engineering

at ZEE - Technology & Innovation

Gurugram, India15 yrs 6 mos exp
Cloud securityContent securityData securityIdentity managementInformation security
Palak Arora

Palak Arora

Senior Product Security Engineer

at Cisco

Bengaluru, India7 yrs 3 mos exp
Penetration TestingVulnerability Assessment