Asha Rani Muniswamappa
San Jose
Summary
Dynamic security leader with extensive experience at JPMC, specializing in application security and risk management. Proven track record in implementing automated security solutions and conducting threat modeling. Exceptional communication skills and a strong ability to mentor teams, driving compliance with industry standards while enhancing overall system defenses.
Overview
14
14
years of professional experience
1
1
Certification
Work History
VP/ Lead Security Engineer
JPMC
Palo Alto
09.2022 - 12.2024
- Built an application security program as part of the product security team to strengthen overall system defense mechanisms.
- Provided technical direction for development, engineering, interfacing, integration, and testing of system components.
- Executed threat modeling with STRIDE methodology early in SDLC to evaluate product security posture.
- Integrated automated security solutions into CI/CD pipelines through effective tool implementation.
- Implemented Snyk for comprehensive software analysis across various security dimensions.
- Delivered technical design support for system acquisition and decision support systems to stakeholders.
- Deployed WAF policies to enhance web application security measures.
- Collaborated with cross-functional teams to identify and resolve emerging security issues.
- Developed comprehensive risk management strategies aligned with corporate objectives.
- Oversaw budget allocations to ensure alignment with organizational goals and priorities.
- Identified problems and implemented solutions to better streamline operations.
- Maintained relationships with key stakeholders by attending meetings and responding promptly to inquiries or requests for information.
- Hired, trained, and mentored staff members to maximize productivity.
- Oversaw technological improvements, successfully reducing waste and eliminating business bottlenecks.
- Conducted risk assessments to identify and mitigate security weaknesses.
- Evaluated and deployed security tools to protect sensitive financial data.
- Investigated security breaches, evaluated risk factors, and developed remediation plans.
- Conducted periodic vulnerability scans using automated tools to detect weaknesses in the systems.
- Developed and implemented security policies, standards, and procedures.
Staff Product Cybersecurity Engineer
Intuitive
Sunnyvale
08.2019 - 09.2022
- Actively engaged as core member of Pre-Market product security team, driving system security initiatives.
- Led technical direction across development, engineering, integration, and testing activities for components.
- Applied STRIDE methodology for thorough threat modeling to evaluate product security within SDLC.
- Collaborated with diverse teams to identify and mitigate security-related challenges.
- Offered design support for system acquisition specifications and developed proof-of-concept prototypes.
- Managed vendor relations while instructing them on internal processes and compliance protocols.
- Guided junior team members through mentorship during their onboarding and professional growth.
- Directed 510k submissions while ensuring compliance with regulatory and cybersecurity standards.
Lead Security Engineer
Yapstone Holdings Inc
Walnut Creek
10.2017 - 08.2019
- Contributed as a core member of the product security team in an agile environment.
- Executed vulnerability assessments by scrutinizing product designs and architectures.
- Formulated threat models that informed early-stage security posture evaluations in SDLC.
- Implemented automated security tools in CI/CD pipeline to optimize workflow efficiencies.
- Fostered collaboration with cross-functional teams for effective enforcement of security measures.
- Supported developers through secure coding guidelines and tracked resolution of identified issues.
- Crafted security standards that align with organizational policies while ensuring compliance with PCI DSS and GDPR.
- Oversaw grooming of security stories in JIRA, facilitating targeted developer efforts for remediation.
Assistant Manager/Consultant/Associate Consultant, Technology
KPMG India
Bangalore
05.2012 - 08.2016
- Recognized with Encore 'Above & Beyond' award for outstanding project contributions under stringent deadlines.
- Achieved CERT - In certification for KPMG India as part of core team efforts.
- Led information security assessments for diverse clients in India and abroad.
- Conducted comprehensive Application Security assessments, VAPT, and Cloud Security evaluations.
- Oversaw Secure Code Reviews, IS Policy creation, and review of IT General Controls.
- Engaged in business development to enhance Cyber Security Practice outreach.
- Managed VAPT engagements to identify vulnerabilities and recommend tailored implementation strategies.
- Directed project management activities including budgeting, requirements gathering, and team leadership during engagement.
- Organized training sessions for staff on company policies and procedures.
- Contributed to preparing reports for senior management review meetings.
- Provided guidance and support to junior staff members on daily tasks, projects, and objectives.
- Provided leadership, insight and mentoring to newly hired employees to supply knowledge of various company programs.
- Created and managed budgets for travel, training, and team-building activities.
- Assisted in developing operational strategies to improve team performance and efficiency.
- Maintained positive working relationship with fellow staff and management.
- Planned and delivered training sessions to improve employee effectiveness and address areas of weakness.
Security Engineer
Paladion Network
12.2010 - 04.2012
- Conducted web application vulnerability assessments and penetration testing for national and international clients.
- Executed infrastructure penetration testing to identify security gaps and enhance defenses.
- Performed mobile application security testing, thick client testing, and SAP testing.
- Reviewed configurations of network devices and servers to ensure compliance with security standards.
Education
Bachelor of Engineering - Computer Science
VTU
Belgaum, IndiaSkills
- Application security expert
- Excellent understanding of the application security concepts
- Excellent communication skills, presentation skills and interpersonal skills
- Ability to maintain a great rapport with the clients and internal stake holders
- Great leadership qualities and a good team player
- Application Security tools such as Burp Professional, Acunetix, IBM App scanner, Qualys, SOAP UI Pro, SQLMAP, Nikto, Postman, Cenzic Hailstorm, REST API, OWASP CSRF tester;
- Proxy or Sniffing tools such as Wireshark, Fiddler, burp, ZAP, Echo mirage;
- Static code analysis tools like SonarQube, Sonar lint, Veracode, Snyk, IBM App Scanner, HP Fortify etc
- Software Composition Analysis tools like JFrog, Snyk, Blackduck etc
- Log management tools such as Splunk, Elk;
- Network Scanners/Tools such as Nessus Professional, Qualys, nmap, OpenSSL, sslscan, ike-scan, putty, Kali Linux
- Threat Modeling tools such as Microsoft Threat Modeling Tool, OWASP Threat Dragon, Irius Risk etc
Certification
- ECSA(EC-Council certified Security Analyst)
- Trained Personnel for Plynt Certification
- Advanced Android Hacking - nullcon
- PCI-DSS from Cybrary
- CISSP & CCSP from Simplilearn
Key Roles
- Project Management: Prepared project plans, statements of work, timesheets and final reports for different security engagements. Managed teams for remote and onsite security projects. Handled internal stake holder and clients for multiple security related engagements and helping the clients to reduce the security risk posture of their organization.
- Coordination: Acted as a single point of contact and lead and managed security teams for different security projects. Managed multiple vendors.
- Mentor: Trained new employees regarding the process and latest technology relevant to information security and trained and mentored new employees and juniors on Information Security.
- Business Development: Involved in pre-sales support, scoping, resourcing, cost and effort estimation as well as other aspects of business development. Developed business proposals leading to client wins. Handled internal stake holders and clients which has facilitated winning multiple security related engagements.
Timeline
VP/ Lead Security Engineer
JPMC
09.2022 - 12.2024
Staff Product Cybersecurity Engineer
Intuitive
08.2019 - 09.2022
Lead Security Engineer
Yapstone Holdings Inc
10.2017 - 08.2019
Assistant Manager/Consultant/Associate Consultant, Technology
KPMG India
05.2012 - 08.2016
Security Engineer
Paladion Network
12.2010 - 04.2012
Bachelor of Engineering - Computer Science
VTU
Similar Profiles
Divit PatelDivit Patel
Software Engineer at JPMCSoftware Engineer at JPMC
Gemma StevensonGemma Stevenson
Line of Business Escalations Analyst, FinCrime at JPMCLine of Business Escalations Analyst, FinCrime at JPMC
Hiranmai Andru SAP MM ConsultantHiranmai Andru SAP MM Consultant
SAP MM Consultant at JPMCSAP MM Consultant at JPMC
Mauro VillegasMauro Villegas
Digital Products Management at MastercardDigital Products Management at Mastercard