Astha Singhal

CEO

San Francisco, California, United States13 yrs 10 mos experience

Most Likely To SwitchAI ML Practitioner

Key Highlights

Proven track record in building high-performing security teams.
Expertise in securing enterprise applications and infrastructure.
Active contributor to the security community through speaking and organizing.

Stackforce AI infers this person is a seasoned Information Security leader with a focus on scalable security solutions in the SaaS industry.

Contact

Skills

Core Skills

Information Security

Other Skills

GenAI technologiessecurity engineeringworkforce securityapplication security architecturecloud security engineeringbug bountypentestingthreat modelingapplication securitysecurity partnershipssecurity visibilityvulnerability managementpenetration testingdeveloper educationself-service security tools

About

Passionate security leader solving security engineering problems at scale across engineering and workforce technology. Advocate for proactive, usable security, self-service and stakeholder enablement. Proven track record of building, retaining and scaling high performing security teams. Experience with translating enterprise risk needs into security initiatives. Active participant of the security community as a speaker, organizer and program reviewer.

Experience

13 yrs 10 mos

Total Experience

6 yrs 11 mos

Average Tenure

8 yrs 7 mos

Current Experience

Netflix

4 roles

GenAI Security Lead

Jan 2025 – Present · 1 yr 4 mos

I took on additional responsibilities leading the team responsible for protecting Netflix's usage of GenAI technologies across enterprise, content and consumer use cases.

GenAI technologiessecurity engineeringInformation Security

Director, Workforce and Infrastructure Security

May 2022 – Present · 4 yrs

Building unified, scalable approaches to securing the technology footprint that supports Netflix products, studio and enterprise.
Workforce Security for the Netflix workforce (endpoints, vendors, users)
Application and Infrastructure Security Architecture and Strategy
Cloud Security Engineering for Netflix public cloud deployments
Appsec reviews, assessment services (bug bounty, PSIRT, Pentesting, security reviews and threat modeling)
Appsec and worksec engineering at scale

workforce securityapplication security architecturecloud security engineeringbug bountypentestingthreat modeling+1

Director, Application Security

Promoted

Nov 2019 – May 2022 · 2 yrs 6 mos

Led the Application Security organization responsible for securing Netflix's internally built software footprint (includes application, infrastructure and platform services).
Strategic Security Partnerships to identify and drive consolidated, risk-prioritized security roadmaps across Product and Engineering for Application and Infrastructure Security
Scalable and transparent rollout of security capabilities via platform and infrastructure paved roads
Security visibility and risk insight platform development
Security self-service for developers
Software vulnerability management tools and services
Netflix Bug Bounty and Penetration Testing
Product Security Incident Response
Security Architecture Reviews and Threat Modeling

application securitysecurity partnershipssecurity visibilityvulnerability managementbug bountypenetration testing+1

Engineering Manager, Application Security

Oct 2017 – Nov 2019 · 2 yrs 1 mo

Head of the Appsec team that secures all applications and compute systems that run in Netflix's Cloud Infrastructure.
Established and built out the Appsec Engineering function to build tools that reduce risk via application insight and self-service.
Established the Strategic Security Partnership program to drive high leverage security initiatives across the engineering ecosystem.
Manage Appsec professional services like PSIRT, Netflix Bug Bounty, Developer Education, Security Architecture and Vulnerability Management for the Netflix Engineering Workforce

application securitysecurity engineeringdeveloper educationvulnerability managementInformation Security

Cider security

Advisor

Dec 2021 – Dec 2022 · 1 yr

Salesforce

2 roles

Senior Manager, Product Security

Promoted

Sep 2015 – Sep 2017 · 2 yrs

Partnered closely with the Salesforce ISV (Independent Software Vendors) business to secure offerings on the Salesforce AppExchange marketplace.
Led the team responsible for self-service security tools, developer evangelism and training to build out a scalable security program for one of the biggest enterprise software marketplaces.
Established and ran the Partner Security Advisory Council program for strategic global partners in the AppExchange ecosystem.
Managed a team of security engineers that ensures security of various core Salesforce products like the flagship CRM product, the Einstein platform, Salesforce Industries, Trailhead learning platform etc.

self-service security toolsdeveloper trainingsecurity program managementInformation Security

Product Security Engineer (Associate – Senior)

Jun 2012 – Sep 2015 · 3 yrs 3 mos

Helped secure the flagship CRM product build secure features from a design and implementation standpoint
Performed code reviews, application penetration tests and delivered security training for both internal products and Salesforce AppExchange.
Matured the security posture of the Salesforce Wave product from an acquisition to an enterprise level, while helping them integrate with the core product securely.
Performed security assessments for apps submitted to the Salesforce AppExchange Security Review.
Built tools and automation to scale security initiatives for the team.
Ran university recruiting events like on-campus interviews and tech talks at various schools.
Started as an associate security engineer and received various promotions from Associate to Senior

secure codingapplication penetration testingsecurity assessmentsInformation Security