Keshav Kandasamy

DevOps Engineer

Chennai, Tamil Nadu, India8 yrs 5 mos experience

Key Highlights

Expert in implementing secure coding practices.
Proven track record in DevSecOps and automation.
Strong background in vulnerability assessment and penetration testing.

Stackforce AI infers this person is a Security Engineer specializing in Application Security and DevSecOps within the SaaS industry.

Contact

Skills

Core Skills

Application SecuritySecure Code ReviewDevsecops

Other Skills

AnsibleAWS SecurityThreat ModelingWeb Application SecurityC++Ethical HackingPenetration TestingInformation SecurityVulnerability AssessmentCybersecurityJavaC (Programming Language)SQLDockerJenkins

About

Someone who loves to solve problems at scale

Experience

8 yrs 5 mos

Total Experience

1 yr 9 mos

Average Tenure

1 yr 2 mos

Current Experience

Amagi

Lead Security Engineer

Mar 2025 – Present · 1 yr 2 mos · Bengaluru, Karnataka, India

Locus

Senior Security Engineer

Aug 2023 – Mar 2025 · 1 yr 7 mos · Bengaluru, Karnataka, India · Remote

Atlassian

Product Security Engineer

Nov 2022 – Apr 2023 · 5 mos · Bengaluru, Karnataka, India

Freshworks

3 roles

Senior Security Engineer

Apr 2021 – Oct 2022 · 1 yr 6 mos

Implemented a GoldenAMI automation pipeline for the most popular operating systems using Ansible.
Conducted a Secure Coding Developer Training for Java developers. Covered the top vulnerabilities that are currently prevalent in the industry.
Currently owning and managing the automated SAST pipeline across different products and services in Freshworks.

Secure Code ReviewAnsibleApplication Security

Security Engineer

Promoted

Jun 2020 – Apr 2021 · 10 mos

Implemented a DevSecOps pipeline and integrated a SAST tool to run before the code is merged into production for all products and services.
Hands On experience in Docker, Jenkins CI, Github, Github Actions, CI CD, Java, Python, AWS Services, Maven/Gradle.
Integrated the SAST tool with a custom issue tracker application and developed many smart features to bring ease for the developers without affecting their pace of product delivery.
Implemented a framework for identifying authorization issues which is difficult to be done manually.
Built various other internal tools to automate the time consuming process which is done manually everytime.
Apart from automations, I'm working as a pentester who is experienced in finding OWASP and other security related vulnerabilities.
Performed advanced penetration testing techniques to keep the security of the applications in check.

Secure Code ReviewAWS SecurityDevSecOpsApplication Security

Software Engineer - Security

Aug 2019 – Apr 2021 · 1 yr 8 mos

Zoho corporation

Member Of Technical Staff

May 2017 – Jun 2019 · 2 yrs 1 mo · Chennai Area, India

Worked on Vulnerability Manager Plus product.The product fixes vulnerabilities by patching different products in the machine that is vulnerable and also provide best practices for Operating systems and web servers by modifying their configurations. (i.e) Hardening of Operating systems and Web servers. From a central location, it is possible to monitor all the machines present in the enterprise.
Worked on the agent side that is done using C++ which delivers the logic required for the product.
Analysed top web servers like Apache,Tomcat,Nginx, IIS and implemented best practices on them using compliance such as CIS, STIG.
Implemented port scanning which tells the open ports on the machine.
Insight knowledge about Windows Operating system so as to implement the best practices onthem.
Worked on Web Application penetration testing and implemented using C++.