Mihir Shah

DevOps Engineer

San Francisco, CA, USA9 yrs 2 mos experience

Key Highlights

  • Authored Amazon best-seller on cloud-native security.
  • Created OWASP VXDF standard for exploitability validation.
  • Mentors future security leaders at Stanford University.
Stackforce AI infers this person is a Cloud Security Expert with a strong focus on SaaS and Fintech industries.

Contact

mihir.shah8260@gmail.comLinkedIn

Skills

Core Skills

Security EngineeringCloud SecurityApplication SecurityLeadershipAutomationBackend DevelopmentJava

Other Skills

API DevelopmentAgile MethodologiesAlgorithm DevelopmentAmazon Web Services (AWS)Android DevelopmentC (Programming Language)C#C++Cloud Security AuditsCoachingCommunication TrainingComplianceComputer ScienceCross Functional RelationshipsCryptography

About

As a Security Engineering Lead at Google Cloud, I help shape the security posture of the world’s most scalable cloud infrastructure, ensuring our products are secure by design and by default. My work bridges deep technical analysis with strategic influence: from leading investigations into complex cloud vulnerabilities and threat detection at scale, to empowering engineering teams through secure design frameworks, automation, and developer-first tooling. I’m the author of the Amazon best-seller Cloud Native Software Security Handbook and creator of the OWASP VXDF standard, used globally to validate exploitability in real-world data flows. I also serve as an industry mentor at Stanford University, helping the next generation of security leaders translate research into practice. I speak at AppSec and Cloud Security conferences including OWASP Global AppSec and Black Hat Middle East. My mission: to make scalable systems verifiably secure without slowing innovation.

Experience

9 yrs 2 mos
Total Experience
1 yr 9 mos
Average Tenure
8 mos
Current Experience

Google

Security Engineer Technical Lead

Oct 2025Present · 8 mos · Sunnyvale, California, United States · Hybrid

  • Google Cloud Platform - Office of CISO
  • Application & Cloud Security, Bug Bounty (Vulnerability Rewards Program)
Security EngineeringCloud SecurityApplication Security

Robinhood

Security Engineering

Jan 2025Oct 2025 · 9 mos · Bellevue, Washington, United States · Hybrid

  • security initiatives across Cloud Security, Application Security, and Privacy functions.
  • Improving compliance workflows to exceed regulatory requirements, streamlining audit readiness.
  • Enhancing cloud and application security practices through cross-team collaboration and process automation
Cloud SecurityApplication SecurityCompliance

Ping identity

Senior Staff Application Security Engineer

Aug 2023Jan 2025 · 1 yr 5 mos · Seattle, Washington, United States · Remote

  • Led security efforts for Ping ID Marketplace anti abuse product security
  • Conducted security assessments for third party OEM integration software, identifying a critical RCE vulnerability
  • Performed cloud security audits and operational security cost cuts
Application SecuritySecurity AssessmentsCloud Security AuditsCloud Security

Forgerock (now ping identity)

Senior Staff Application Security Engineer

Sep 2021Aug 2023 · 1 yr 11 mos · San Francisco Bay Area · Remote

  • Architected the security model for a cloud-based Identity & Access Management service hosted using Kubernetes on the Google Cloud Platform.
  • Worked as a Security lead for multiple product teams at ForgeRock in guiding them for security concerns
  • Supervised and validated Product Bug Bounty programs at ForgeRock
LeadershipSecure CodingCloud SecurityApplication Security

Ublood

Security Software Engineer

Sep 2020Nov 2020 · 2 mos · Bangalore Urban district, India · Remote

  • Sought out by one of the company founders to perform a security assessment for their applications before the product launch
  • Performed security analysis and identified multiple security concerns for the Android, iOS, and AWS applications
  • Created a secure SDLC pipeline leading to better secure coding practices within the organization
Security AssessmentSecure SDLC PipelineCloud SecuritySecurity Engineering

Arista security

Senior Cloud Security Engineer

Oct 2019Sep 2021 · 1 yr 11 mos · San Francisco Bay Area · Remote

  • Worked on filing a patent for Automated defense in cloud-native environments
  • Led a team of security engineers in creating threat detections in cloud environments, and trying to build automated defense
  • Improved the Kubernetes and AWS Security solutions by collaborating with the security research team
Cloud SecurityThreat DetectionAutomationSecurity Engineering

Primatech

Security Software Developer

Apr 2017May 2020 · 3 yrs 1 mo · Bangalore Urban district, India · Remote

  • Developed a backend infrastructure for an investment Banking startup, deployed it on Google Kubernetes Engine, and used GCP managed services also designed an android and iOS app as Frontend solutions
  • Built another project to understand the trend in risk analysis for an insurance company using Java
  • Implemented a microservice architecture for a web app from a monolithic architecture, revising the AWS pricing factor to half of the original price and creating a 30% more performant code
Backend DevelopmentMicroservicesRisk AnalysisApplication Security

Education

Northeastern University

Master of Science - MS — Cybersecurity

Jain (Deemed-to-be University)

Bachelor of Technology - BTech — Computer Science

Stackforce found 100+ more professionals with Security Engineering & Cloud Security

Explore similar profiles based on matching skills and experience

Emma Hershberger (Cockram)

Emma Hershberger (Cockram)

Software Engineering Manager

at Ulteig

Wabasha, United States4 yrs 9 mos exp
Project ManagementSoftware ArchitectureContinuous Integration and Continuous Delivery (CI/CD)Full-Stack DevelopmentAzure DevOps
Jason Martin

Jason Martin

VP FDE

at Databricks

San Francisco, United States33 yrs 5 mos exp
Professional ServicesConsulting
Howard Kelly

Howard Kelly

Founder & Director | Cyber Security, Technology, Data & AI

at Meliora

Hong Kong, Hong Kong SAR13 yrs 7 mos exp
Cyber SecurityRisk Management
Rakesh Reddy Chapatla

Rakesh Reddy Chapatla

Application Engineering Manager

at Synopsys Inc

India16 yrs 3 mos exp
Service Delivery ManagementApplication Security
NY

Nanarao Yarragunta

Lead Software QA Engineer

at Molina Healthcare

Dallas, United States13 yrs 10 mos exp
Quality AssuranceAutomationTest ManagementTest Automation
Pratik G.

Pratik G.

Security Engineer

at eGain Corporation

Sunnyvale, United States5 yrs 1 mo exp
Cloud Security ArchitectureIAM Governance & Access ControlRisk Assessment & ManagementThreat & Vulnerability ManagementSecurity Controls Implementation & Validation
vishal sharma

vishal sharma

Product Security Engineer

at Newt Global

Bengaluru, India3 yrs 7 mos exp
Application SecurityVulnerability Assessment
Pavan Birlangi

Pavan Birlangi

SDE Intern

at Linux Socials

Bengaluru, India0 mo exp
Databases