Summary
Overview
Work History
Education
Skills
Timeline
Generic

Antara Maheshwari

Bengaluru

Summary

Software engineer with over 3.5 years of experience integrating security into every phase of the software development lifecycle. Skilled in automating SAST, DAST, and SCA tools (Checkmarx, SonarQube, 42Crunch, FOSSA) within CI/CD pipelines to ensure secure, compliant releases. Proficient in cloud-native security using GCP, Kubernetes, and secret management tools, like Secret Manager and CredHub. Strong background in Java development, API testing (Postman), and Infrastructure as Code (Terraform). Proven track record of reducing vulnerabilities and improving code quality across distributed systems.

Overview

4
4
years of professional experience

Work History

Software Engineer

Tech Mahindra
08.2022 - Current
  • Implemented FOSSA SCA (Software Composition Analysis) in the development workflow, remediating 100% of critical license and security violations.
  • Integrated SAST tools (Checkmarx, SonarQube) into the CI/CD pipeline to automatically detect and resolve code vulnerabilities during development, reducing security issues by 70%.
  • Conducted DAST using 42Crunch and Postman security testing to identify runtime API vulnerabilities, achieving a security score of 85%.
  • Analyzed and remediated findings from dynamic testing tools, improving API resilience and ensuring conformance to OWASP API Security Top 10.
  • Configured automated scans to identify code smells, insecure coding patterns, and OWASP Top 10 vulnerabilities, ensuring secure and compliant builds.
  • Automated build and deployment using OpenShift Pipelines (Tekton), integrating static/dynamic security scans and open-source compliance checks, enabling secure and rapid delivery in a containerized environment
  • Migrated hardcoded secrets to GCP Secret Manager, implemented IAM policies to secure access, and integrated secret retrieval in CI/CD pipelines for secure deployments across environments.
  • Created and managed cloud infrastructure using Terraform, enabling reproducible and version-controlled deployments across dev, staging, and production environments.

Associate Software Engineer

Tech Mahindra
09.2021 - 08.2022
  • Migrated encrypted passwords in the code to credhub, ensuring security and compliance.
  • Resolved cycode issues of all severities, including 70% of high and critical priority cases.
  • Integrated 42crunch API security scan into the workflow, identified and resolved all detected issues, resulting in a significant improvement and achieving a security score of 85. This ensures better protection against vulnerabilities and security best practices.
  • Addressed FOSSA scan issues by reviewing dependencies and ensuring proper license compliance.
  • Successfully reduced Checkmarx security issues by 70% by proactively identifying vulnerabilities, applying remediation measures, and optimizing code quality.

Education

Bachelor of Technology - Information Technology

Dr B C Roy Engineering College
08-2021

Skills

Java

Spring Boot framework

JIRA management

PostgreSQL

Static application security testing

Software composition analysis

Dynamic application security testing

Google Cloud Platform

Containerization with Docker

Orchestration using Kubernetes

Continuous integration and delivery

Security compliance standards

Infrastructure as code

Timeline

Software Engineer

Tech Mahindra
08.2022 - Current

Associate Software Engineer

Tech Mahindra
09.2021 - 08.2022

Bachelor of Technology - Information Technology

Dr B C Roy Engineering College

Similar Profiles

CREATE PROFILE
Antara Maheshwari