Myself, Aseem. I work as a Security Engineer at Rippling.
My usual work week involves :
- Automating SecOps : Building automation using Golang or Python to effectively manage infrastructure security at scale.
- Code Review : Some PR changes going to production.
In the past, at Gojek I worked in ProdSec team, working on :
- Compliance as Code : This is a framework I wrote from scratch using Golang, to run automated CIS checks on our GCP infra, which spans 250+ projects. Also auto remediating any non-compliant resources. It has been running in production since the past 5 months without any downtime. Runs on Google Cloud Run.
- Android and Web App Pentesting : Pentesting any feature release in the GoJek web API backend and GoJek Android application.
- Code and Design Reviews : Code and design reviews for any feature release in the GoJek API or mobile application.
- Red Teaming : Finding critcal vulnerabilities and escalated privileges to cover any loopholes in the whole GoJek ecosystem.
In my free time, I teach about cybersecurity on my youtube channel HackingSimplified, develop security projects in python, tinker with IoT security, read books 📚, play games 🎮, run 🏃♂️ and bicycle 🚴♂️.