
Sahad NK

Lead Security Engineer
Bangalore

Summary

Experienced security engineer with a 6.5-year proven track record in securing web and mobile applications, APIs, and cloud infrastructure. Recognized bug bounty hunter, acknowledged by top companies such as Facebook, Microsoft, and Sony. Skilled in identifying, mitigating, and preventing security vulnerabilities. Possesses strong communication skills, enabling clear and effective explanation of complex technical details to diverse audiences.

Overview

7 years of professional experience

Work History

Lead Security Engineer

Flipkart
03.2021 - Current
  • Performed security reviews of applications, systems, and infrastructure to identify and mitigate potential vulnerabilities in business-critical applications and services
  • Led the Static Application Security Testing (SAST) program at Flipkart using CodeQL and Snyk
  • Provided security architecture reviews and recommendations for enhancements and new initiatives
  • Implemented mobile security measures to protect against mobile-specific security threats
  • Ensured security in CI/CD pipelines, identifying and addressing potential security issues in the earlier stages of the SDLC
  • Conducted Open Source Software (OSS) security assessments and implemented necessary controls to block the introduction of vulnerable packages to the code repository
  • Collaborated with development and operations teams to integrate security into the software development lifecycle (SDLC)
  • Implemented and managed security tools and solutions to monitor and protect systems
  • Contributed to the creation and maintenance of security policies and procedures
  • Documented security findings, recommendations, and solutions for management and stakeholders
  • Stayed informed about the latest security trends, threats, and best practices to continuously improve security posture.

Senior Application Security Specialist

Envestnet Yodlee
04.2019 - 03.2021
  • Identified, reported, and prevented security flaws in Envestnet Yodlee's code bases and acquisitions
  • Worked on cloud (AWS), Docker, and Kubernetes environments, maintaining internal security standards and best practices
  • Performed security reviews, improved internal security tools, and wrote API wrappers for pipeline integrations
  • Collaborated cross-functionally with development teams, architects, and different security teams
  • Presented internal talks, conducted tech sessions, and hosted Capture The Flag events.

Direct Contractor - Application Security Team

Envestnet Yodlee
10.2017 - 03.2019
  • Performed penetration testing for web applications, APIs, and mobile applications
  • Carried out source code reviews and worked with developers on secure coding practices
  • Documented and reported security issues to appropriate team members and management
  • Provided training to new hires within the team.

Education

Bachelor of Technology: Computer Science & Engg -

MES Institute Of Technology & Management
Kollam, Kerala
04.2001 -

Skills

DevSecOps, CI/CD, Android Security


Accomplishments

  • Acknowledged by Facebook (years 2013, 2014, 2015, 2016 & 2017) for responsibly disclosing security vulnerabilities in its various products and acquisitions. (https://www.facebook.com/whitehat/thanks/)
  • Featured in TechCrunch, Mashable, NDTV, Financial Express and various other media outlets for finding a critical security issue linked to a few Microsoft Office products.
  • Listed in Microsoft Hall of Fame for finding and reporting critical security vulnerabilities. (September 2014, July 2018 and October 2018)
