Rohit Jangam

Client: TRYG (Denmark, Norway & Sweden)

Role Description:

• Leading security automation and AppSec governance across 150+ applications across Nordic regions.
• Integrated Snyk (SAST & SCA) into GitLab and Azure DevOps Repos, enabling continuous vulnerability detection across diverse codebases.
• Developed custom automated security pipelines that trigger scans on every commit, enforce severity-based gating, and block insecure builds.
• Published detailed scan logs and vulnerability insights to centralized reporting systems for real-time visibility.
• Worked with application teams to review architectures, analyze vulnerabilities, guide secure coding practices, and drive remediation efforts.
• Delivered clear, data-driven security dashboards and reports, ensuring scalable and consistent security coverage across all business units.

Client: Aon Plc (Global)
Role Description:

• Led onboarding of 100+ business-critical applications into Cloudflare with end-to-end security hardening.
• Configured WAF (managed/core rules), SSL/TLS, DDoS protection, bot rules, and rate limiting to secure global applications without impacting business continuity.
• Built a fully automated Azure DevOps + Terraform framework that standardized onboarding, eliminated manual configurations, and improved deployment consistency.
• Collaborated with application teams to analyze Cloudflare/WAF logs, troubleshoot issues, mitigate threats, and tune security rules.
• Enabled continuous improvement of the organization’s application security posture through automation, visibility, and proactive threat mitigation.

Client: ING Bank, Netherlands

Role Description:

• Specialized in API security by designing and developing advanced OPA Rego policies to enforce strict authorization and compliance rules across APIs.
• Built, tested, and validated policy sets in complex banking environments to prevent unauthorized access and ensure secure data flows.
• Integrated OPA policies into automated cloud infrastructure, enabling seamless policy enforcement through the client portal.
• Strengthened the bank’s API security posture by delivering scalable, automated and audit-ready policy frameworks.

Client: Selective Insurance, USA

Role Description:

• Assessed application security posture using the DevSecOps Maturity Model aligned to emerging OWASP Top 10 threats.
• Conducted AppSec posture interviews with application teams, gathering detailed inputs and analyzing current security practices.
• Produced comprehensive security posture reports and scoring frameworks across multiple applications to identify gaps and recommend remediation.
• Enabled teams to improve their overall AppSec maturity through structured assessment and clear, actionable findings.