Srajan Gupta

DevOps Engineer

San Jose, California, United States8 yrs 4 mos experience
Most Likely To SwitchAI ML Practitioner

Key Highlights

  • Expert in threat modeling and application security.
  • Developed proprietary tools for real-time threat detection.
  • Passionate about integrating security into software design.
Stackforce AI infers this person is a Cybersecurity expert focused on application security and threat modeling.

Contact

LinkedIn

Skills

Core Skills

Threat ModelingApplication SecuritySecurityIncident ResponseSecurity Automation

Other Skills

Data Loss PreventionZero-Trust Network AccessEmail SecuritySIEMThreat huntingZTNACloud SecuritySecure ArchitectureAPI SecurityApplication Security ArchitectureAmazon Web Services (AWS)Penetration TestingSplunkArtificial IntelligenceAsset Management

About

"Most systems are secure... until someone actually looks at them" I’m passionate about finding those cracks in how things are built — not just through bugs, but through the architecture itself. My work lives at the intersection of developer experience, security engineering, and platform design. I think like an attacker, build like an engineer, and write like someone who actually wants you to stay awake while reading about threat models. My goal is to help teams make security decisions before code is written — and ensure they scale those decisions as fast as they scale their architecture. Currently focused on building tools and frameworks that bring security closer to design, and closer to developers.

Experience

8 yrs 4 mos
Total Experience
2 yrs 9 mos
Average Tenure
4 yrs
Current Experience

Dave

Senior Security Engineer

May 2022Present · 4 yrs · San Francisco Bay Area

  • Led the refinement of the threat modeling process, boosting risk mitigation efficiency in SDLC.
  • Directed a cross-functional team in the development of a suite of proprietary tools and products, significantly improving the detection and mitigation of threats in real-time, while reducing the Fraud Losses.
  • Built a secrets management tool from the ground up, securing sensitive data effectively.
  • Developed reusable security components to streamline secure software development.
  • Authored and maintained the organization's security policies and procedures, leading security awareness training sessions that increased security compliance among engineering teams.
  • Crafted custom Capture The Flag (CTF) challenges tailored to exploit vulnerabilities discovered within our code repositories, effectively educating and engaging engineering teams on security best practices.
  • Partnered with engineering teams to tackle complex security challenges within the cloud, ensuring the integrity of products.
Threat ModelingApplication Security

Ripcord

Founding Security Engineer

Feb 2020Apr 2022 · 2 yrs 2 mos · San Francisco Bay Area

  • As the First Security Engineer, established and upheld novel security policies, creating a foundational benchmark for security practices within the organization.
  • Worked on Data Loss Prevention, Identifying and classifying different data types and applied data protection polls at various ends.
  • Designed and Managed Security Operations Center (SOC) and acted as the escalation PoC to triage and remediate incidents.
  • Streamlined incident response by scripting automated solutions to frequent issues, significantly reducing Mean Time to Resolve (MTTR), and built custom workflows for automating a variety of IT tasks.
  • Adopted a Zero-Trust Network Access (ZTNA) strategy throughout the organization to ensure secure yet seamless access for users, aligning with modern security best practices.
  • Worked extensively with the Compliance team and acted as the technical liaison when needed for security validation to customers.
  • Produced technical documentation related to the scope, nature and characteristics of the project to be implemented and acted as the SME for it.
Threat ModelingApplication SecurityData Loss PreventionIncident ResponseZero-Trust Network Access

Bj's wholesale club

Security Threat Analyst

Jun 2019Aug 2019 · 2 mos · Greater Boston Area

  • Developed an app to automate and integrate Proofpoint TAP email threat with IBM Qradar(SIEM) via SaaS API using Python.
  • Performed reactive Incident response on security events by analyzing logs using SIEM correlation between multiple log sources like EDR and firewalls.
  • Researched about the integration of different SOAR platforms with SIEM and other tools to automate the incident response process.
  • Researched tactics, and techniques (TTPs) and looked for probable paths based on former TTPs used in a campaign to improve the Triage Process.
  • Utilized the MITRE Attack Framework to determine gaps in custom IOC correlation, reduced false positives, and refined existing rules for better threat
  • detection and response.
  • Performed periodic network security assessments for critical systems using Tenable Nessus and reviewed for evidence of vulnerability.
Security AutomationEmail SecuritySIEM

Wipro limited

2 roles

Project Engineer

Jun 2017Dec 2017 · 6 mos

Security Analyst

Sep 2015May 2017 · 1 yr 8 mos

  • Worked in SOC for Citi Bank
  • Utilized SIEM tool – Splunk, Arbor to monitor and report real-time machine-generated data. Identified attacks, conducted analysis, and created alerts for future events.
  • Developed alerts and timed reports and managed Splunk applications.
  • Performed security incident response and incident handling based on risk categorization and established procedures.
  • Worked with multiple data sources and parsed them accordingly.

Shreyancy consultancy

Web Developer

May 2014Jul 2014 · 2 mos · Noida Area, India

Education

Arizona State University

Master's degree — Cyber security and software engineering

Jan 2018Jan 2019

Jaypee University of Information Technology

Bachelor of Technology (B.Tech.) — Computer Science

Jan 2011Jan 2015

Delhi Public School, Mathura Road, New Delhi

Secondary Education — Science

Jan 2009Jan 2011

Stackforce found 100+ more professionals with Threat Modeling & Application Security

Explore similar profiles based on matching skills and experience

Vaibhav Gupta

Vaibhav Gupta

Founder

at Appfend

Dublin, Ireland15 yrs 9 mos exp
Satish Bommisetty

Satish Bommisetty

Senior Manager, Product Security

at Highspot

Hyderabad, India19 yrs 9 mos exp
API SecurityApplication SecurityPenetration TestingSecure SDLCVulnerability Disclosure Programs
Karan Bhatt

Karan Bhatt

Engineer- Security [Consultant]

at Ajaib

Bengaluru, India3 yrs 9 mos exp
Application SecurityCloud SecurityPenetration TestingVulnerability Management
Prakhar Prasad

Prakhar Prasad

Security Engineer

at Atlassian

India5 yrs 8 mos exp
Bug Bounty ProgramProduct SecuritySecurity ReviewsSoftware Development LifecycleVulnerability Assessment
Vikram P.

Vikram P.

Sr Security Engineer II

at Endor Labs

India11 yrs 7 mos exp
ID

Ishan D.

Security Consultant

at Confidential

Pune, India10 yrs 2 mos exp
Vulnerability AssessmentEthical Hacking
Pardeep Battu

Pardeep Battu

Senior Security Engineer

at GoDaddy

Bengaluru, India10 yrs 1 mo exp
Bhushan Nikam

Bhushan Nikam

Senior Manager

at Morgan Stanley

India11 yrs 8 mos exp