Fazil Khan A

Product Manager

Bengaluru, Karnataka, India9 yrs 9 mos experience

Key Highlights

  • Reduced critical vulnerabilities by 40% across flagship applications.
  • Led application security program integrating security into development lifecycle.
  • Expertise in cloud security and threat modeling for enterprises.
Stackforce AI infers this person is a Cybersecurity Expert specializing in application security and cloud security for enterprise environments.

Contact

LinkedIn

Skills

Core Skills

Application SecurityCloud SecuritySecurity FrameworksSecurity AutomationRisk AssessmentsNetwork Security

Other Skills

Application Risk AssessmentBluecoat ProxiesBorder Gateway Protocol (BGP)CI/CDCheckpointCisco ASACustomer ServiceCustomer SupportCyber InsuranceCybersecurityDASTDLPDigital ForensicsFidelisFirewall Management

About

I’m a Staff Product Security Leader, where I champion “security by design” across complex energy-tech and digital products. Over the past nine years, I’ve partnered with engineering, DevOps, and product teams to embed defense-in-depth practices - from threat modeling and secure code reviews to automated CI/CD gates - reducing critical vulnerabilities by 40% across our flagship applications. Beyond the day job, I’ve been invited to lend my expertise as a judge for a student startup pitch fest - bringing fresh perspectives from countless cybersecurity conferences to help founders bake resilience and privacy into their MVPs. My work on runtime application self-protection (RASP) and service-mesh mTLS across multi-cloud setups has influenced how teams secure mission-critical environments, and my white paper on smart-manufacturing security continues to guide best practices in OT. I hold a Bachelor of Engineering in Electronics and Communication Engineering and am actively pursuing my CSSLP, CCSP and CISSP certification to further sharpen my Cybersecurity skills. 📬 Let’s connect if you’re building secure-by-design products or seeking a sounding board on application security, DevSecOps, and cloud-native architectures!

Experience

9 yrs 9 mos
Total Experience
2 yrs 6 mos
Average Tenure
2 yrs 3 mos
Current Experience

Baker hughes

Staff Product Security Analyst

Mar 2024Present · 2 yrs 3 mos · Bengaluru, Karnataka, India · Hybrid

  • Built and led the application security program, integrating security into the software development lifecycle.
  • Developed security automation tools, performed threat modeling, and enhanced cloud security controls.
  • Led security architecture reviews and implemented threat modeling practices for software projects.
  • Conducted manual and automated secure code reviews in Go Lang, Java, PL/SQL, C/C++ and Python to identify vulnerabilities.
  • Integrated security testing into CI/CD pipelines using industry leading tools and technologies..
  • Conducted static and dynamic application security testing (SAST/DAST/SCA/Container Security/Secrets Scanning) and advised on remediation strategies.
Application SecuritySecure SDLCThreat ModelingCloud SecuritySASTDAST+1

Hcltech

Technical Lead

Sep 2021Mar 2024 · 2 yrs 6 mos · Chennai, Tamil Nadu, India · Hybrid

  • Designed and implemented security strategies for enterprises, focusing on secure architecture and automation. Contributed to cloud security best practices and guided teams on compliance and threat modeling.
  • Designed and implemented AWS, GCP, and Azure security controls to meet compliance frameworks (NIST, CIS, IEC 62443).
  • Advised clients on implementing security frameworks such as MITRE ATT&CK ICS, OWASP, EU CRA and SEMI E187.
  • Assessed cloud configurations using Qualys, Nessus, and OpenVAS, ensuring best security practices.
  • Conducted static and dynamic application security testing (SAST/DAST) and advised on remediation strategies.
  • Developed and maintained secure coding guidelines and security best practices for developers.
  • Performed security assessments for cloud-based applications and provided recommendations for AWS security enhancements.
Cloud SecurityThreat ModelingSecurity FrameworksSASTDAST

Tata consultancy services

Cyber Security Analyst

Aug 2019May 2021 · 1 yr 9 mos · Chennai, Tamil Nadu, India

  • Automated security processes for CI/CD pipelines, ensuring secure software deployment. Specialized in securing critical infrastructure by implementing industry frameworks, conducting red team exercises, and performing risk assessments.
  • Implemented security automation within CI/CD pipelines, ensuring robust software delivery processes.
  • Conducted SAST and DAST to identify and remediate security risks.
  • Advised clients on implementing security frameworks such as MITRE ATT&CK ICS, OWASP, and SEMI E187.
  • Conducted red teaming exercises using Metasploit, Kali, and Nmap to identify system vulnerabilities.
  • Performed risk assessments and security reviews for critical infrastructure in compliance with IEC 62443.
Security AutomationRisk AssessmentsRed TeamingSASTDAST

Vwr, part of avantor

2 roles

Network Security Engineer

Promoted

May 2016Aug 2019 · 3 yrs 3 mos

  • Worked on Checkpoint Firewall R80.10 and ACL rules.
Network SecurityFirewall Management

Engineer I

May 2016Aug 2019 · 3 yrs 3 mos

Education

Angel College of Engineering and Technology

Bachelor of Engineering - BE

Jan 2012Jan 2016

Kendriya Vidyalaya

AFS Sulur — Coimbatore

Stackforce found 100+ more professionals with Application Security & Cloud Security

Explore similar profiles based on matching skills and experience

MS

Mangesh Shinde

Manager – Data Migration and Resiliency

at Yotta Data Services Private Limited

Pune, India9 yrs 6 mos exp
Disaster RecoveryCloud resiliency
MI

Mohammed Irfan M A

Professional Services Senior Consultant (CyberSec|DevSecOps)

at Black Duck

Dubai, United Arab Emirates4 yrs 11 mos exp
CybersecurityDevSecOpsAppSecInfrastructureSoftware Development
SU

Sagar Uppuluri

Gap year

at Career Break

Guntur, India10 yrs 7 mos exp
Higher Education TeachingSolution ArchitectureJavaArchitecture
DK

Dor Kviatkovski

Regional Sales Manager

at Palo Alto Networks

Tel Aviv-Yafo, Israel11 yrs 6 mos exp
CybersecurityAI SecurityPublic Sector SalesDigital Process Management
JK

Jahanavi Krishnakumar

Senior Software Engineer

at Wipro

Stuttgart, Germany8 yrs 6 mos exp
CC++Python
AK

Ajay Kumar

Senior Information Security Engineer

at Lowe's India

Bengaluru, India10 yrs 4 mos exp
Web Application Security TestingVulnerability AssessmentWeb Services SecurityDASTTeam Management
PB

Prashanth Bandlamudi

SDE 2

at Amazon

Bellevue, United States4 yrs 3 mos exp
MicroservicesJavaCryptographyNetwork SecurityAI/ML
RB

Rathish Babu

Senior Engineer

at Bharat Electronics Limited

Bengaluru, India9 yrs 3 mos exp
NetworkingNetwork SecurityNetwork ManagementIncident ManagementNetwork Configuration