Security Engineer (Application & Cloud) focused on threat modeling, secure design/code review, CI/CD security guardrails (SAST/DAST), incident response, and network security.
๐ M.S. Cybersecurity @ University of Delaware (GPA 3.96) โ research on secure EV charging protocols (LIN-CP) & embedded security.
- Built secure boot + signed firmware for EVSE controllers; integrated memory-safety tooling & PR gates.
- Shipped cloud telemetry (AWS/GCP) with least-privilege IAM, secrets/KMS, audit logging, anomaly detection.
- Reported 80+ critical vulns (XSS, SSRF, RCE) via bug bounty programs.
Motto:
Build it secure. Break it better. Fix it faster.
Security focus: Application Security, Cloud Security, Secure SDLC, Threat Modeling, Network Security, Secure Code Review, VAPT, API Security, Risk Assessment, IAM / Secrets / KMS, SIEM / IDPS, Incident Response, Digital Forensics
๐ Certifications
- CEH โ Certified Ethical Hacker
- GCP Professional Cloud Security Engineer
- CRTP โ Certified Red Team Professional
- eJPT โ INE Junior Penetration Tester
๐ What I Actually Do
- Design: Threat models, security architecture reviews, secure SDLC guardrails
- Build: IaC & pipelines for SAST/DAST, secrets management, IAM boundaries
- Break: Pentesting (web/mobile), misuse cases, fuzzing, reverse engineering
- Respond: Alert triage, incident RCA, tabletop exercises
- Enable: Security playbooks, developer training, documentation
- Portfolio: https://5h4rk.me
- Email: [email protected]
- LinkedIn: /in/Gocharan
