Vaibhav S.

CEO

Bengaluru, Karnataka, India11 yrs experience

Most Likely To Switch

Key Highlights

Expert in securing enterprise-scale applications and cloud platforms.
Led SAST implementation for 6000+ developers.
Certified Red Team Professional with hands-on vulnerability management.

Stackforce AI infers this person is a Product Security expert in the SaaS industry with a focus on cloud security.

Contact

Skills

Core Skills

SastSecurity ReviewsSecurity AssessmentBug MitigationArchitecture Risk AnalysisDevsecops

Other Skills

Security ControlsSecure CodingFedRAMPMitigation StrategiesSnyk CodeSemgrepSecurity AutomationApplication SecurityCustomer EngagementSSDLInfrastructure SecurityCloud SecurityThreat ModelingCryptographyPenetration Testing

About

https://vaibhavshukla92.github.io/ Product Security expert focused on securing enterprise-scale applications and cloud platforms through Architecture Risk Analysis, Secure Design Reviews, Threat Modeling, Vulnerability Management, and DevSecOps. Driving scalable security by integrating AI-assisted tooling such as Claude Code, Cursor, and Gemini into security review, code analysis, and intake workflows to improve coverage, accelerate turnaround, and enhance developer experience. Prior experience: • Strong hands-on experience in Vulnerability Assessment and Source Code Review • Architecture Risk Analysis (cloud, hybrid architecture, etc.) • DevSecOps - Tool evaluation, roadmap, and integration of security touchpoints • Certified Red Team Professional (CRTP) • Certified AWS Solution Architect Associate (AWS-SAA) • CVE-2020-2955 - Vulnerability in Oracle Core Banking Application • Open Source Contributor

Experience

11 yrs

Total Experience

1 yr 6 mos

Average Tenure

2 yrs 4 mos

Current Experience

Salesforce

2 roles

Senior Product Security Advisor

Promoted

Feb 2024 – Present · 2 yrs 4 mos

Work with multiple engineering teams identifying and addressing security risks as a trusted product security advisor.

Security Engineer

Jan 2021 – Jun 2022 · 1 yr 5 mos · Remote

Review Security Bugs Lifecycle and Security Assessment process (comprising threat models, pentests and code review) through SSDL workflow to ensure quality delivery
Drive bug mitigation across clouds to prevent risk propagation
Lead development of bots to address timely closure of critical bugs across clouds
Build trusted relationships with key technology, functional leaders and engineering partners

Security ControlsSecure CodingSecurity AutomationApplication SecurityCustomer EngagementSSDL+4

Atlassian

Product Security Engineering

Jun 2022 – Feb 2024 · 1 yr 8 mos · Remote

Led SAST implementation through close collaboration with engineering teams, seamlessly integrating it into the development process for PR scans and regular assessments. Build metrics to measure its impact and establish the process to achieve FedRAMP compliance.
Developed SAST training for 6000+ devs.
Review code and design to find security issues in new services.
Support developers to quickly patch vulnerabilities during incidents.
Mentor fellow security engineers on security reviews, code reviews and threat models.
Interview and onboard security engineers, ensuring that we expand our team with top-tier talent.

Security ControlsSecure CodingSASTFedRAMPSecurity ReviewsMitigation Strategies+2

Synopsys inc

Security Consultant

Jun 2019 – Jan 2021 · 1 yr 7 mos · Bengaluru, Karnataka, India

Architecture risk analysis for a cloud (AWS) based architecture
Helped clients in their DevSecOps journey with tool evaluation, integration, and future roadmap
Comparative analysis between cloud providers for service offerings’ security capabilities
Security controls in RPA and Containers to facilitate secure execution of critical business processes
Designed an enterprise-wide secure and scalable architecture around Azure Key Vault using Terraform and ServiceNow
Pentests and source code review
Winner of Techfair CTF
Star Award - Individual category

Security ControlsThreat ModelingSecure CodingCryptographyDevSecOpsPenetration Testing+4

Startup

Senior Security Consultant

Jul 2018 – May 2019 · 10 mos

Photon interactive

2 roles

Security Analyst

Jul 2016 – Jun 2018 · 1 yr 11 mos

Conducted thorough penetration testing for web and mobile applications, reviewed source code to identify vulnerabilities, researched and addressed security flaws in both applications and networks. Implemented effective solutions to enhance overall security posture.

Innovation Consultant

Jul 2015 – Jun 2016 · 11 mos

I led efforts to make sure websites and mobile apps were secure by testing them thoroughly. I also looked through the code using tools like Checkmarx and Veracode to find and fix any issues.