Divya Salu John
Bengaluru
Summary
Dynamic security leader with extensive experience at Flipkart, specializing in product security and architecture review. Expert in threat modeling and pentesting, I effectively guide engineering teams to adopt optimal security standards. Proven ability to deliver actionable security recommendations while fostering collaboration and training developers to enhance security awareness.
Overview
14
14
years of professional experience
Work History
Lead
CRED
07.2022 - Current
- Scan and assess vulnerabilities affecting infra and applications.
- Derive a contextualized view for the vulnerabilities to rightly prioritize the vulnerabilities and manage the scale of issues identified.
- Quarterly reports for compliance auditing and assessments
Senior Product Security Lead
Flipkart Internet Private
05.2017 - 06.2022
- Review the design and architecture for applications/services to be released
- Carry out threatmodeling and threat profiling for upcoming products and services.
- Create data and functionality map for the services to build context of the service and provide curated security recommendations for the product owners and developers.
- Guide the pentesting of the services and translate the risk and mitigations to the engineering owners.
- Build security gates and pipelines/processes for productionizing a service
- Provide security trainings for the developers.
Security Analyst
PA Consulting
05.2015 - 05.2017
- Pentesting and reporting for 100+ web applications and mobile apps
Pentest Analyst
Aujas
05.2014 - 05.2015
- Pentesting and onsite consulting for many banks and services in Bengaluru
Pentest Analyst
Paladion Networks
05.2011 - 05.2014
- Conducted penetration testing for 100+ web and citrix applications
- Prepared reports explaining the security issues and detailing the recommendations
- Onsite consulting in Malaysia and Bengaluru for many popular Indian and international banks.
- Worked as a consultant for a year with Sony
Education
Computer And Information Sciences
Sree Narayana Gurukulam College of Engineering
KeralaCertification - Offensive Certified Security Professional (OSCP)
Offensive Security
Certification - CREST Practitioner Security Analyst
CREST
United KingdomCertification - Certified Security Testing Associate
PA Consulting
United KingdomSkills
- Product security expert in reviewing product design and architecture
- Provide data and application security guidelines for building secure products
- Collaborate with the engineering leaders to apprise of security standards followed in the industry and embrace optimal security standards to be adapted
Timeline
Lead
CRED
07.2022 - Current
Senior Product Security Lead
Flipkart Internet Private
05.2017 - 06.2022
Security Analyst
PA Consulting
05.2015 - 05.2017
Pentest Analyst
Aujas
05.2014 - 05.2015
Pentest Analyst
Paladion Networks
05.2011 - 05.2014
Computer And Information Sciences
Sree Narayana Gurukulam College of Engineering
Certification - Offensive Certified Security Professional (OSCP)
Offensive Security
Certification - CREST Practitioner Security Analyst
CREST
Certification - Certified Security Testing Associate
PA Consulting
Similar Profiles
KARTHICK MKARTHICK M
AREA COLLECTION MANAGER at CREDAREA COLLECTION MANAGER at CRED
PUSHPANJALI PANSARIPUSHPANJALI PANSARI
Partnership Consultant at CREDPartnership Consultant at CRED
Kuldeep SurendraKuldeep Surendra
SENIOR SITE RELIABILITY ENGINEER at CREDSENIOR SITE RELIABILITY ENGINEER at CRED
Madhuri KonduruMadhuri Konduru
Assistant Manager at VodafoneAssistant Manager at Vodafone
Sandhya CSandhya C
Assistant Manager – People Advisory Services at Ernst and YoungAssistant Manager – People Advisory Services at Ernst and Young