Yash Anand

DevOps Manager

Delhi, India5 yrs experience

Key Highlights

  • Expert in building security programs from the ground up.
  • Proficient in automating security processes and defenses.
  • Strong experience in application security and vulnerability management.
Stackforce AI infers this person is a Cybersecurity professional specializing in FinTech and E-commerce security solutions.

Contact

LinkedIn

Skills

Core Skills

Application SecurityAutomationVulnerability AssessmentCybersecurityPenetration Testing

Other Skills

GitHubLog MonitoringAmazon Web Services (AWS)ISO 27001Shell ScriptingAWSCloudflareWeb Application FirewallsCloud SecurityPython (Programming Language)IntuneAzure SentinelC++Database Management System (DBMS)Networking

About

I’m a results-driven cybersecurity professional with 4+ years of experience safeguarding high-growth FinTech, E-commerce, and SaaS environments. My passion lies in building security programs from the ground up, automating defenses, and integrating security seamlessly into the software development lifecycle (shift-left security)

Experience

5 yrs
Total Experience
1 yr 8 mos
Average Tenure
--
Current Experience

Aspire

2 roles

Senior Cybersecurity Engineer

Jan 2025Feb 2026 · 1 yr 1 mo · Hybrid

  • Designed and implemented an automated log monitoring solution to detect and flag Personally Identifiable Information (PII) in application logs, preventing sensitive data exposure and strengthening data security controls.
  • Implemented GitHub Advanced Security by integrating Static Application Security Testing (SAST) and Dependabot-based Software Composition Analysis (SCA), enhancing code security posture. Designed and deployed a custom pre-commit Secret Detection tool to prevent accidental credential leaks, ensuring no sensitive data was pushed to repositories.
GitHubAutomationApplication Security

Cyber Security Engineer

Apr 2023Jan 2025 · 1 yr 9 mos · Hybrid

  • Led application security initiatives by designing and implementing end-to-end security testing processes, establishing the AppSec program from the ground up. Partnered with product and engineering teams to prioritize remediation, track vulnerability fixes, and conduct cross-functional security reviews for each release, ensuring secure and compliant software delivery.
  • Proactively uncovered and addressed critical to medium-severity vulnerabilities (LLM injection, SQL injection, access control flaws, rate-limit bypasses) during early SDLC stages, preventing high-risk issues from reaching production.
  • Developed Aspire’s Responsible Disclosure Policy and implemented an end-to-end vulnerability disclosure process, from acknowledging researcher submissions to coordinating remediation and closure with engineering teams.
Amazon Web Services (AWS)ISO 27001Vulnerability AssessmentApplication Security

Meesho

Security Engineer - I

Dec 2021Apr 2023 · 1 yr 4 mos · Bengaluru, Karnataka, India · Remote

  • As a member of the Meesho product security team, I collaborated with the development team to conduct security testing for new features, review PRD and architecture, and perform quarterly testing of the supplier website.
  • Developed an automation solution for Route53 to enhance DNS security, eliminate DNS takeover vulnerabilities, and enable on-demand asset inventory.
  • Created a CVE scanner for EC2 instances using AWS SSM and the NVD CVE database, which significantly reduced reliance on third-party tools like Qualys Cloud Scanner.
  • Designed and implemented a tool for scanning Confluence secrets, improving overall security and confidentiality.
CybersecurityShell ScriptingAWS

Redhunt labs

Security Consultant

Jan 2021Nov 2021 · 10 mos · London, England, United Kingdom · Remote

  • As one of the first members of the Attack Surface Management team, I created and set up the Attack Surface Management Automation. This made our work more efficient, cutting down the time needed by 80% through smarter processes and less manual work.
  • Performed Web application, APIs, Network, and mobile Applications Security testing of several clients.
  • Stay up-to-date with emerging security threats, CVE, and new reconnaissance techniques.
Penetration TestingCybersecurity

Pyramid cyber security & forensic

Security Intern

Mar 2020Jun 2020 · 3 mos · Delhi, India

Education

Indian Institute Of Information Technology Allahabad

Master of Engineering - MEng — Cyber Law and Information Security

Jul 2020May 2022

University School of Information, Communication & Technology (USICT)

Bachelor of Technology - BTech — Computer Science

Jan 2016Jan 2020

Stackforce found 100+ more professionals with Application Security & Automation

Explore similar profiles based on matching skills and experience

Akash Singh

Akash Singh

Security Consultant

at Emirates NBD

Dubai, United Arab Emirates3 yrs 10 mos exp
Information Security
BV

Bhanu Vrat

Principal Security Consultant, Cyber & Data Resilience

at Kroll

New Delhi, India10 yrs 10 mos exp
Cyber-securityInformation SecurityVulnerability ManagementInformation Security Awareness
N‎

Nikita ‎

Security Engineer

at Apple

Bengaluru, India5 yrs 3 mos exp
Application SecurityiOSCloud SecuritySoftware Development
Pethuraj M

Pethuraj M

Cyber Security Specialist

at Anubavam

Chennai, India8 yrs 5 mos exp
Threat & Vulnerability ManagementCybersecurity
SM

Swapnil Mali

Associate

at PwC India

Bengaluru, India4 yrs 4 mos exp
Automotive SecurityPenetration Testing
Astik R.

Astik R.

Senior Security Consultant

at Swarmnetics

Singapore, Singapore4 yrs 7 mos exp
Penetration TestingInformation SecuritySecurity Consulting
Vandana Verma

Vandana Verma

Security Leader

at Snyk

Bangalore, India20 yrs 6 mos exp
Application SecurityComplianceInformation SecuritySecuritySecurity Operations
Aswani Raveendran

Aswani Raveendran

Application Security Specialist

at Carlsberg Group

Birmingham, United Kingdom10 yrs 1 mo exp
Application Security AssessmentPenetration Testing