Anudeep Mouli

Director of Engineering

Bengaluru, Karnataka, India12 yrs 11 mos experience

Most Likely To SwitchHighly Stable

Key Highlights

Over 12 years of experience in cybersecurity.
Creator of Alertix, a BurpSuite extender.
Led security assessments for major corporate acquisitions.

Stackforce AI infers this person is a Cyber Security expert with extensive experience in product security and vulnerability management.

Contact

anudeepmouli@gmail.com LinkedIn

Skills

Core Skills

Product SecurityLeadershipVulnerability ManagementSecurity AssessmentsSecurity Awareness TrainingSecurity Policy DevelopmentSecurity OperationsCloud SecurityApplication Security

Other Skills

.NETActive DirectoryAmazon Web Services (AWS)Burp SuiteC++CI/CD IntegrationCryptographyCustom Scripts DevelopmentCyber Security RiskCybersecurityDatabasesDevSecOpsEthical HackingFirewallsHTML

About

Anudeep Mouli is a hacker, infosec consultant, researcher, and enthusiast. His area of interest includes penetration testing, attack research, defense strategies and post exploitation research. He has 12+ years of experience in the security domain, evaluating security posture of applications and infrastructure for many global corporate giants and financial institutions. He is also involved in Red teams. He specializes in assessing security risks at secure environments which require novel attack vectors and "out of the box" approach. He is also the creator of Alertix, a BurpSuite extender which makes it easy to find vulnerable points in web applications. In his spare time, Anudeep researches on new attack methodologies and updates his tools and frameworks. He has also held training and boot camps for various corporates (in India, the MEA, and SEA).

Experience

12 yrs 11 mos

Total Experience

4 yrs 3 mos

Average Tenure

5 yrs 8 mos

Current Experience

Ivanti

5 roles

Director, Product Security

Promoted

Apr 2025 – Present · 1 yr 2 mos

Product SecurityLeadershipCloud SecurityDevSecOpsCyber Security RiskSecurity Policy Development

Senior Manager, Product Security

Promoted

Jan 2023 – Mar 2025 · 2 yrs 2 mos

Established a vulnerability management program, including a responsible disclosure policy and bug bounty program.
Led regular security assessments and penetration testing efforts, both internal and with external vendors.
Implemented a metrics-driven approach to track and reduce the mean time to remediation for security issues.
Developed and delivered security awareness training.
Established a security champions program across engineering teams.
Regularly presented security metrics and initiatives to executive leadership, fostering a security-first culture.
Grew the size of product security team to 4x over 2 years.
Mentored junior security engineers and facilitated knowledge sharing within the team.
Continuously evolved the security program to keep pace with the company's rapid growth and changing threat landscape.
Led security due diligence efforts for 3 strategic acquisitions and 1 merger, playing a crucial role in deal evaluation and risk assessment.
Developed and implemented a comprehensive M&A security playbook, standardizing the approach to security integration during corporate transactions.
Conducted thorough security assessments of acquisition targets, identifying potential risks and compliance gaps.
Evaluated, selected, and implemented a suite of security tools including SAST, DAST, and SCA solutions.
Integrated security scans into CI/CD pipelines, achieving 100% automated security testing coverage for new code.
Developed custom scripts and tools to automate repetitive security tasks and reporting.

Vulnerability ManagementSecurity AssessmentsPenetration TestingSecurity Awareness TrainingSecurity Champions ProgramSecurity Metrics+4

Manager, Product Security

Mar 2022 – Dec 2022 · 9 mos

Leading a team of amazing security folks in building comprehensive application defences.
Management of application and cloud security affairs for all of Ivanti products.
Implement, maintain and improvise the DevSecOps pipeline
Involve in high level security decisions

LeadershipSecurity OperationsSecurity Policy Development

Staff Product Security Engineer

May 2021 – Feb 2022 · 9 mos

Architected secure cloud infrastructure designs using Infrastructure as Code (IaC) principles.
Implemented cloud security best practices across AWS/Azure/GCP environments.
Conducted regular cloud configuration audits and implemented automated compliance checks.

Cloud Security

Senior Product Security Engineer

Jun 2020 – Apr 2021 · 10 mos

Security ownership of all MobileIron client applications part of its MDM portfolio.
Enhancement of SAST and SCA using both commercial and open source solutions.
Performing Cloud Security reviews.

Null - the open security community

Volunteer

Jan 2023 – Present · 3 yrs 5 mos

Zscaler

2 roles

Senior Security Researcher II

Apr 2019 – Jun 2020 · 1 yr 2 mos

Designed and implemented a comprehensive product security strategy aligned with business objectives and industry best practices.
Established security policies, standards, and guidelines tailored to the company's SaaS offerings.
Evaluated, selected, and implemented a suite of security tools including SAST, DAST, and SCA solutions.
Integrated security scans into CI/CD pipelines, achieving 100% automated security testing coverage for new code.
Developed custom scripts and tools to automate repetitive security tasks and reporting.
Created a risk assessment framework to prioritize security efforts across multiple products and features.

Senior Security Researcher I

Nov 2016 – Mar 2019 · 2 yrs 4 mos

As one of the first few hires for Product Security, built internal security program for Zscaler from the ground up.
End-to-end security management for all Zscaler assets.

Application SecurityCloud SecuritySecurity Architecture DesignPenetration Testing

Paladion

4 roles

Project Manager and Tech Specialist - Etisalat, UAE

Mar 2015 – Nov 2016 · 1 yr 8 mos

As a security consultant and penetration tester, I have conducted formal tests on web-based applications, networks, and other types of computer systems on a regular basis. Apart from this I was also managing and mentoring a small team of security engineers.
Had been working on physical security assessments of servers, computer systems, and networks. Along with these tests and assessments, I was also involved in conducting regular security audits from both a logical/theoretical standpoint and a technical/hands-on standpoint. My work also included security of wireless networks, databases, softwares and/or company secrets.