M

Mukul Lohar

DevOps Engineer

Bengaluru, Karnataka, India7 yrs 10 mos experience

Key Highlights

  • Led security initiatives at major tech companies.
  • Recognized in hall of fame by Facebook and Google.
  • Expert in secure SDLC and vulnerability management.
Stackforce AI infers this person is a SaaS security expert with a strong focus on vulnerability management and secure development practices.

Contact

LinkedIn

Skills

Core Skills

Cloud SecuritySecure SdlcPenetration TestingSecure Code ReviewRisk AssessmentDevsecopsVulnerability ManagementSoftware Development

Other Skills

Threat ModelingLarge Language Models (LLM)Public SpeakingJSON Web Token (JWT)White PapersBlack Box TestingWhite Box TestinggRPCHashiCorp VaultBurp SuitemTLSGraphQLSASTDASTContinuous Integration and Continuous Delivery (CI/CD)

About

As a Sr Product Security Engineer at ServiceNow, I contribute to the product security testing team and ensure the security of the ServiceNow store application and platform. Previously, I was a Sr Application Security Engineer at Tokopedia, where I contributed to the SSDLC, DAST, and SAST initiatives. I worked on security automation, threat modeling, cryptography, and secret management, using Golang, NSQ, GRPC, PKI, BurpSuite Enterprises, mTLS, and CodeQL. I also discovered and reported vulnerabilities in Tokopedia, Facebook, Google, and Yahoo, and earned multiple hall of fame recognitions from Facebook and Google.

Experience

7 yrs 10 mos
Total Experience
1 yr 9 mos
Average Tenure
9 mos
Current Experience

Godaddy

Senior Security Engineer

Aug 2025Present · 9 mos · Bengaluru · Remote

  • Driving secure architecture reviews and threat modeling of critical applications
  • Secure code review of applications written in JS, Golang , Java
  • AI , LLM and MCP agentic security
  • Writing automations , PCI DSS
  • AWS Cloud Security
Threat ModelingLarge Language Models (LLM)Secure Code ReviewSecure SDLCPenetration TestingCloud Security

Servicenow

Senior Security Engineer

Jan 2023Aug 2025 · 2 yrs 7 mos · Hyderabad · On-site

  • Handling platform security reviews from Utah to Zurich releases
  • Led security deep dives of mission-critical components of ServiceNow
  • Collaborated with the DevSecOps team to improve SAST rules
  • Secure code reviews and pentesting of ServiceNow Store applications
  • Wrote security white papers and spoke at organization wide security conferences
  • Discovered internal attack vectors and developed pentesting methodologies
  • Internal research led to discovering CVE in OWASP Java HTML Sanitizer library CVE-2025-66021
  • https://github.com/OWASP/java-html-sanitizer/security/advisories/GHSA-g9gq-3pfx-2gw2
Penetration TestingSecure Code ReviewLarge Language Models (LLM)Public SpeakingJSON Web Token (JWT)Risk Assessment+3

Tokopedia

Senior Security Engineer

Oct 2021Jan 2023 · 1 yr 3 mos · Hyderabad · Remote

  • Led enterprise-scale DAST integration and write mircoservice to automate security testing into Jenkins CI/CD pipelines.
  • Designed and implemented end-to-end vulnerability management workflows with JIRA, including custom Burp extensions and automation.
  • Built scalable security tooling in Golang (gRPC, NSQ, mTLS) including multi-channel notification systems.
  • Strengthened application security posture via SAST/DAST validation, dependency reviews, and integrations with GitHub Advanced Security and secret management systems.
Cloud SecuritygRPCHashiCorp VaultThreat ModelingVulnerability ManagementBurp Suite+6

Loginsoft

Security Engineer

Mar 2021Oct 2021 · 7 mos · Hyderabad, Telangana, India · Remote

Orbis vis incorporated

Software Engineer

Jul 2018Mar 2021 · 2 yrs 8 mos · Ahmedabad, Gujarat, India · Remote

  • Apache SOLR , ELK
  • NGINX, Docker
  • Python , Scala , Bash
  • QGIS , Geo Spatial
  • REST
ScalaSolrGitKibanaPython (Programming Language)Software Development

Jk lakshmi cement ltd.

Industrial Trainee

Jun 2015Aug 2015 · 2 mos · Sirohi, Rajasthan, India · On-site

Education

Rajasthan Technical University

Bachelor of Technology (B.Tech.) — Mechanical Engineering

Jan 2012Jan 2016

Stackforce found 100+ more professionals with Cloud Security & Secure Sdlc

Explore similar profiles based on matching skills and experience

Mukesh chaudhari

Mukesh chaudhari

Application Security Manager

at Paytm

India10 yrs 2 mos exp
Penetration TestingVulnerability Assessment
Arun Yadav

Arun Yadav

Senior Security Engineer

at Spare

Bengaluru, India7 yrs 6 mos exp
Detection EngineeringSecurity Incident ResponseSecurity OperationsVulnerability Management
Abhishek Jaiswal

Abhishek Jaiswal

Security and AI

at Confidential

Bengaluru, India6 yrs exp
API SecurityApplication SecurityVulnerability Disclosure ProgramVulnerability Management
Suchith Narayan

Suchith Narayan

Staff Security Engineer

at Razorpay

Bengaluru, India8 yrs 4 mos exp
Karthik B.S

Karthik B.S

Director of Product Security

at Finastra

Orlando, United States13 yrs 2 mos exp
Application SecurityCyber SecurityDevSecOpsInformation SecurityPenetration Testing
PN

Prateek Nikhare

Security Engineering Manager

at ZS

Pune, India11 yrs 11 mos exp
DevSecOpsProduct SecuritySecurity ConsultingVulnerability Assessment
Prashanth Reddy (Praseudo ®)

Prashanth Reddy (Praseudo ®)

Lead Security Engineer (Product Security)

at Head Digital Works

Hyderabad, India11 yrs 4 mos exp
DevSecOpsPentestingAutomationPenetration TestingSecurity Engineering
Hashir K K

Hashir K K

Security Engineer

at Qualcomm

Bengaluru, India6 yrs 1 mo exp
Vulnerability DetectionSoftware Countermeasures