Rishu Ranjan

DevOps Engineer

Delhi, India · 9 yrs 8 mos experience
Highly Stable · AI Enabled

Key Highlights

  • 9 years of experience in the cybersecurity domain.
  • Contributed to OWASP Web Security Testing Guide.
  • Led security initiatives for major organizations.
Stackforce AI infers this person is a Cybersecurity expert with extensive experience in application security and vulnerability management.

Skills

Core Skills

Application Security, Devsecops, Cloud Security, Vulnerability Assessment, Cybersecurity, Vulnerability Management, Penetration Testing, Information Security

Other Skills

AWS Security, Acunetix, Amazon Web Services (AWS), Artificial Intelligence (AI), Automation, Bug Bounty Program Triager, Burp Suite, C, C++, CA/CR, Communication, Ethical Hacking, Infrastructure Security, Java, Kubernetes

About

I have almost 9 years of experience in the cyber security domain. Currently, working in PAR Technology focuses on advancing application security, emphasizing web application security, penetration testing, and secure code review. Leveraging OSCP certification and as an OWASP Web Security Testing Guide contributor, the organization enhances industry standards and resources. At Paytm, supported infrastructure security and vulnerability management programs using Qualys to assess risks and prioritize vulnerabilities. Enabled compliance audits aligned with RBI standards and led cloud posture security through CWPP. Holds a Master's in Informatics from the University of Delhi, with a dedication to driving impactful cybersecurity initiatives. "Experience of breaking CI/CD for Security"

Experience

9 yrs 8 mos
Total Experience
4 yrs 2 mos
Average Tenure
2 yrs 4 mos
Current Experience

PAR Technology

Senior Application Security Engineer

Apr 2025 - Present · 1 yr 2 mos · Gurugram · Hybrid

  • Implementing SAST and SCA practices using Snyk to identify and remediate code vulnerabilities.
  • Performing SAST, DAST and Network Security Vulnerability Assessment and Penetration Testing
  • Working on Meta's Llama Guard for evaluating AI initiative for enterprise workflows, enhancing content moderation and security while actively learning and adapting to new challenges.
  • Performing security audit for Amazon ECR container images for vulnerabilities and compliance.
  • Performed PCI DSS v4.0 Compatibility Assessments by identifying compliance gaps and providing remediation guidance to align with updated security requirements.
  • Involved in developing Statement of Procedures (SOPs), Service Level Agreements (SLAs) for VAPT
  • Driving application security initiatives to ensure proactive security measures across CI/CD pipelines.
SecOps, DevSecOps, Application Security, Artificial Intelligence (AI), Cloud Security

OWASP® Foundation

OWASP WSTG Contributor

Feb 2024 - Present · 2 yrs 4 mos

  • Contributor Acknowledgement - https://owasp.org/www-project-web-security-testing-guide/stable/1-Frontispiece/
  • Work -
  • https://owasp.org/www-community/attacks/Password_Spraying_Attack
  • https://owasp.org/www-community/attacks/Content_Spoofing

Paytm

2 roles

Security Lead

Promoted

Apr 2023 - Mar 2025 · 1 yr 11 mos

  • Led a team of 6 Security Engineers to optimize organizational security and enhance overall infrastructure protection.
  • Managed Paytm's Infrastructure Security and Vulnerability Management Programme via Qualys, analyzing risks and prioritizing vulnerabilities.
  • Conducted Security Configuration Assessments and Reviews (CA/CR) for multiple banks' mandates, ensuring compliance with RBI guidelines.
  • Managed Cloud Workload Protection Platform (CWPP) to secure cloud posture and identify potential security issues.
Cybersecurity, DevSecOps, Application Security, Information Security, Problem Solving, Web Application Security Assessment, +4

Senior Security Engineer

Apr 2021 - Mar 2023 · 1 yr 11 mos

  • Performed SAST, DAST and Network Security Vulnerability Assessment and Penetration Testing
  • Led Vulnerability Management via Qualys for analyzing risk and prioritization of vulnerabilities, validating vulnerability reports and driving remediation.
  • Involved in developing Statement of Procedures (SOPs), Service Level Agreements (SLAs) for VAPT
  • Managed AWS Infrastructure for security operations
  • Delivered Information Security Awareness Training
  • Developed in-house automated tools and scripts for assessment using Python and Bash
Penetration Testing, AWS Security, Amazon Web Services (AWS), Cybersecurity, Infrastructure Security, Bug Bounty Program Triager, +9

Safe Security

4 roles

Senior Security Analyst I

Promoted

Jul 2020 - Apr 2021 · 9 mos

  • Handled Customer communications and internal resources.
  • Managed a team of 11 resources and training and leading the team for AppSec service line.
  • Performed Web Application Vulnerability Assessment and Penetration Testing and Source Code Reviews using both automated and manual tools.
  • Developed in-house automated tools and scripts for assessment using Python and Bash.
Penetration Testing, Cybersecurity, Vulnerability Assessment, Information Security, Problem Solving, Web Application Security Assessment, +1

Security Analyst III

Promoted

Jun 2018 - Jun 2020 · 2 yrs

  • Managed services' workflow design and report integration with Company's Product - SAFE.
  • Handled Customer communications and managing internal resources.
  • Managed a team of 6 resources, including 4 mid senior and 2 junior security analysts.
  • Recruited, Mentored and Managed the team of highly efficient security professionals.
  • Conducted vulnerability assessment of web applications to ensure adherence to the security as per industry standards.
  • Performed Red Team Assessment for the client.
Penetration Testing, Cybersecurity, Infrastructure Security, Vulnerability Assessment, Information Security, Problem Solving, +1

Senior Associate

Promoted

Jun 2017 - May 2018 · 11 mos

  • Worked on vulnerability assessment and penetration testing on more than 100+ web applications, RESTful API/Web services, and thick client applications and Network Penetration testing.
  • Performed Security Assessment of Company's Product - SAFE (Security Assessment Framework for Enterprise).
Penetration Testing, Cybersecurity, Vulnerability Assessment, Information Security, Problem Solving, Web Application Security Assessment

Associate

Jun 2016 - May 2017 · 11 mos

  • Worked on multiple projects from Web Application, mobile to Network Security with finding security vulnerabilities.
  • Providing code level fixes or exact vendor released patch to mitigate identified vulnerabilities to the developers.
  • Performed black box and grey box security testing of web applications to identify, qualify, and prioritize risks.
Cybersecurity, Vulnerability Assessment, Information Security, Web Application Security Assessment

Education

Institute of Informatics and Communication, University of Delhi

M.Sc. Informatics — Informatics

Jan 2014 - Jan 2016

Atma Ram Sanatan Dharma College

Bachelor’s Degree — Electronics

Jan 2011 - Jan 2014

Kendriya Vidyalaya

Intermediate — Elementary Education

Jan 2004 - Jan 2011