
Karthikeyan K

Cybersecurity Leader
Chennai

Summary

Strategic and results-oriented cybersecurity professional with over 14 years of experience. Adept at providing visionary leadership to security teams, fostering collaboration, and developing highly skilled professionals. Instrumental in aligning security strategies with business objectives and ensuring compliance with regulatory standards. Proven expertise in application security, pentesting/offensive security, data privacy, risk management, incident response, and effective budget oversight. Skilled in guiding product security initiatives, supporting penetration testing teams, and implementing robust controls. Committed to promoting a security-conscious culture, overseeing vendor relationships, and maintaining a strong security posture. Exceptional track record in building and implementing comprehensive security governance frameworks. Presently overseeing cybersecurity for 4 business units at Logitech, having established their security framework from inception and elevating their security posture to 60% within a two-year timeframe.

Overview

14 years of professional experience
4 Certifications
4 Languages

Work History

Senior Engineering Manager (Product Security)

Logitech
04.2021 - Current
  • Led Security Risk Assessment effort for products, collaborating with cross-functional teams, resulting in 25% decrease in security threats
  • Own the development and implementation of risk mitigation strategies and incident response plans
  • Increased product security by 80% by leading a team of developers to solve issues in our Tech stack using open source and commercial tools
  • Developed and executed strategic plan for PWS and Gaming security, resulting in 25% decrease in security incidents and improved customer trust
  • Streamlined compliance efforts by developing efficient processes and frameworks, leading to a 50% reduction in compliance-related incidents
  • Conduct and verify security reviews by managing the team, which includes building threat models and security testing for new features
  • Implemented effective security strategies by defining product specification and development roadmap, resulting in a 60% increase in customer trust
  • Implemented a proper SSDLC process across all projects and integrated tools such as SAST, DAST and SCA in the pipeline
  • Managing bug bounty platforms and performing external pentesting with the help of vendors
  • Mentored and trained team of 10 security professionals, leading to a 75% increase in team's knowledge and expertise, resulting in better protection of company's products
  • Effectively managing the budget to allocate funds for bug bounty programs, tools procurement and external audits
  • Improved security practices by producing and implementing training resources resulting in a 40% decrease in data breaches.

Lead security engineer

Freshworks
01.2019 - 03.2021
  • Perform cyber architecture reviews in alignment with requirements
  • Take part in projects to ensure the proposed/implemented architecture is in line with security requirements
  • Review existing architectures to identify opportunities to incorporate innovative approaches including Cloud Security Architecture, Mobile Platforms and Secure Web Gateway (e.g. API Security)
  • Develop Threat Models that enumerate cybersecurity threats by attack surface
  • Document and verify the existing security mitigations and identify if additional mitigations are required for our products
  • Led 12+ engineers to conduct pentesting, improving security of 20+ products and platform services, resulting in 30% decrease in security incidents
  • Improved product SDLC maturity by 50% through implementation of software assurance maturity model (SAMM).

Deputy Manager - Information Security

Hexaware Technologies
06.2017 - 01.2019
  • Implemented enhanced security measures resulting in 20% decrease in identified risks and vulnerabilities
  • Minimized data breaches by 50% by ensuring strict adherence to relevant data protection laws and regulations
  • Developed & maintained an incident response plan, reducing downtime by 25% & improving business continuity
  • Governed security management of third-party vendors, resulting in compliance with industry standards and increased trust.

Security Team Lead

Hexaware Technologies
02.2016 - 06.2017
  • Providing solutions to clients based on their security requirements
  • Delivering Vulnerability assessment and penetration testing engagements for clients
  • Giving training to development teams and functional testers about secure coding standards
  • Expert in finding vulnerabilities in web applications using static analysis at the code level and dynamic analysis based on standards like OWASP Top 10 and SANS 25 using manual and automated tools
  • Designing framework and methodology to assess the security posture of the Internet of Things ecosystem
  • Expert in finding vulnerabilities for web and mobile application platforms like Android, iOS, .NET, and Java
  • Expertise in tools like IBM AppScan, Acunetix, Checkmarx, HP Fortify, Metasploit Framework, Burp Suite, AppScan Source, Nmap, Nessus, Nexpose
  • Responsible for writing threat models and abuse cases for client projects at the requirement phase in waterfall and agile
  • Hands-on experience in IoT security testing using hardware tools like JTAGenum, HackRF, Ubertooth, Zigbee killer.

Security Analyst

Cognizant
11.2014 - 02.2016
  • Performed Network Security Assessment of 3000+ servers of the world's largest airline, insurance, telecom and retail companies
  • Performed Web and Mobile Application Security Assessment of 60+ applications of Leading Banking, Airlines, telecommunication and Insurance clients
  • Performed Servers, Networks, Desktops, Printers and Scanners and Firewall Security Assessment of Leading Healthcare Systems Service Provider
  • Delivered more than 20 projects for customers for tasks on Network Architecture Review and Vulnerability Assessment, Network Penetration Testing, Wireless Network Penetration Testing, Web Application Vulnerability Assessment and Web Application Source Code Review.

Senior engineer

HCL Technologies
08.2013 - 11.2014
  • Conducted web application vulnerability assessment, automated scanning (primarily using HP WebInspect, IBM AppScan, Checkmarx and Burp Suite tools), and manual exploitation and validation of identified vulnerabilities to protect the web application from cyber-security attacks
  • Identified and resolved 50% more code vulnerabilities through automated tools and manual review, ensuring robust security measures
  • Streamlined vulnerability exploitation process resulting in 50% reduction in time and 75% increase in successful attacks
  • Mobile security assessments such as reverse engineering, traffic inspection, business logic testing, etc
  • Reporting, POC, Client coordination, Mitigation process, best practice.

Senior Software Engineer

Mphasis
09.2010 - 08.2013
  • Conducted 20+ penetration tests, source code reviews, and DASTs, uncovering critical flaws and providing actionable recommendations for enhanced security measures
  • Performing code reviews for security vulnerabilities
  • Mitigating the open issues as per the SLA
  • Documenting the fixes for future reference.

Education

Bachelor of Engineering - Electronics And Communications Engineering

Vel High Tech
Chennai
09.2006 - 04.2010

Certification

CISSP, ISC2, 06/2023, 07/2026

Volunteering Leadership

  • Defcon, Chapter Leader, Chennai, Tamilnadu, 11/2024 - Present: As the leader of the DEFCON Chennai Chapter, I lead the organization of regular meetups, dynamic CTF (Capture The Flag) events, and inclusive gatherings that bring together professionals and students across diverse industry sectors. These initiatives aim to comprehensively explore all facets of cybersecurity. By fostering an environment of collaboration and knowledge exchange, our chapter serves as a platform for individuals to delve into cybersecurity topics, engage in hands-on CTF challenges, and connect with experts from various fields. The emphasis on inclusivity ensures that attendees, regardless of their background, gain insights into the multifaceted landscape of cybersecurity, making DEFCON Chennai a hub for learning, networking, and skill development.
  • OWASP, Chapter Leader, Chennai, Tamilnadu, 04/2021 - Present: As the leader of the OWASP Chennai Chapter, I orchestrate and host regular meetups, unifying students and professionals within the cybersecurity realm. With a focus on fostering collaboration, these gatherings serve as a platform for sharing insights on diverse cybersecurity topics. By spearheading these events, I contribute to the growth of a vibrant community dedicated to advancing knowledge and best practices in cybersecurity. Through my leadership, the OWASP Chennai Chapter has become a hub for networking, knowledge exchange, and collective empowerment among cybersecurity enthusiasts, bridging the gap between academia and industry.
  • Educational institutions, Speaker: Engaged in delivering impactful speeches and workshops on the latest trends in cybersecurity, I have had the privilege of sharing insights with students at prominent educational institutions, including SRM, Saveetha, VIT, SSN, and St. Joseph, spanning across India. Through these sessions, I aim to empower students with cutting-edge knowledge, fostering a keen understanding of cybersecurity principles. This endeavor involves not only disseminating information on emerging trends but also encouraging a proactive approach towards addressing challenges in the dynamic landscape of cybersecurity.

Awards Scholarships

Batch topper, Mphasis, 09/2010

Interests

Cricket

Video Games

Reading business books

Timeline

CISSP, ISC2, 06/2023, 07/2026
AWS Security specialty, AWS, 08/2021, 08/2024
CEH v12, ECCOUNCIL
CISA (In progress), ISACA