SOUMYA ES  ·  Lead Cybersecurity Engineer  ·  12+ yrs

Principal
Pune12+ years experienceremote
Available within 48 hrs

About SOUMYA

Soumya ES is an accomplished Cybersecurity Engineer with over 13 years of experience in the Cyber Security domain. He has founded a cybersecurity startup and has a proven track record in implementing security strategies, conducting vulnerability assessments, and mentoring development teams on secure coding practices. His expertise spans across various security frameworks and methodologies, making him a valuable asset for any organization looking to enhance its security posture.

Core expertise

BP
BurpSuite Pro
tooling
9/10
SA
SAST
testing
9/10
DA
DAST
testing
9/10
NR
NIST RMF
tooling
8/10
GD
GDPR
tooling
8/10

Additional skills(9)

CBurpSuite ProSASTDASTNIST RMFIBM AppScan EnterpriseSoapUISSLScanSQLMap

Why hire SOUMYA?

Production deploy authorityMentored development teams

Founded a Cyber Security Startup providing consulting and solutions.

Implemented NIST RMF for a business unit, creating comprehensive risk documentation.

Managed the SmartThings Bug Bounty Program to enhance platform security.

Trained development teams on Secure Development practices across multiple engagements.

Conducted security assessments including manual and automated penetration testing.

Drove and oversaw security processes throughout the SDLC for 10+ different projects and teams.

Delivered specialized cyber security trainings and consulting services for multiple clients.

Conducted comprehensive security assessments including manual and automated penetration testing for various clients.

Project highlights(6)

Independent Information Security ConsultingIndependent Information Security Consultant

Overview: Provides independent information security consulting services for clients. Responsibilities: Conducts Vulnerability Assessments, Third Party Risk Assessments, and Threat Modeling. Performs Architecture Reviews and PenTesting (Manual, SAST and DAST). Develops Security Documentation for various client engagements.

BurpSuite ProSASTDAST

Key outcomes:

  • Delivered specialized cyber security trainings and consulting services.

  • Performed comprehensive security assessments including manual and automated penetration testing.

SmartThings IoT SecuritySenior Security Engineer - Testing and Assessment

Overview: Performed comprehensive security testing for the SmartThings IoT Platform. Responsibilities: Conducted Manual Pen Testing, SAST, DAST of web, mobile applications, microservices, and devices. Managed the SmartThings Bug Bounty Program to enhance platform security. Established security guidelines and documentation for all testing procedures and best practices.

SASTDAST

Key outcomes:

  • Managed the SmartThings Bug Bounty Program.

  • Established security guidelines and documentation for all testing procedures.

Cyber Security Strategy ImplementationSenior Security Engineer

Overview: Guided security strategy as a Business Information Security Officer based on central security team inputs. Responsibilities: Created Business Impact Analysis, Risk Assessment, and Mitigation Plan documentation for all projects. Tracked and reported the security status of projects to higher management.

NIST RMFSASTDAST

Key outcomes:

  • Implemented NIST RMF for the Business Unit and created comprehensive risk documentation.

  • Oversaw security processes across 10+ projects and teams throughout the SDLC.

Project 4Security Consultant

  • Conducted pen testing of web applications, web services, and mobile applications for clients.
  • Performed internal and external network infrastructure security reviews.
  • Conducted third-party vendor risk assessments to verify security posture and client requirements.
  • Presented findings along with detailed documentation, including vulnerability details and remediation techniques to clients.
BurpSuite Pro

Key outcomes:

  • Conducted internal and external network infrastructure security reviews.

  • Performed third-party vendor risk assessments, ensuring compliance with client requirements.

Project 5Software Security Intern

  • Performed dynamic vulnerability analysis of web applications.
  • Utilized tools such as Burp Proxy, IBM AppScan, SoapUI, SSLScan, SQLMap for analysis.
BurpSuite ProIBM AppScan EnterpriseSoapUISSLScanSQLMap

Key outcomes:

  • Gained hands-on experience with industry-standard dynamic analysis tools for web application security.

12+ years of industry experience

Cybersecurity5 projects
  • Independent Information Security ConsultingIndependent Information Security ConsultantBurpSuite Pro · SAST · DAST
  • SmartThings IoT SecuritySenior Security Engineer - Testing and AssessmentSAST · DAST
  • Cyber Security Strategy ImplementationSenior Security EngineerNIST RMF · SAST · DAST
  • ProjectSecurity ConsultantBurpSuite Pro
  • ProjectSoftware Security InternBurpSuite Pro · IBM AppScan Enterprise · SoapUI · SSLScan +1
Legal TechReported in resume

Ready to work with SOUMYA?

Onboard within 48 hours. No long hiring cycles, no recruiter middleman.

At a Glance

LocationPune
Experience12+ years
Work moderemote
Direct hirePossible
Start within48 hours
From$2,012/ month

Single contract. Billed in USD.

Typically responds within 4 business hours.

5-day replacement guarantee
48-hour onboarding, single invoice
Direct chat — no recruiter middleman

Top Skills

BurpSuite Pro
9/10
SAST
9/10
DAST
9/10
NIST RMF
8/10
GDPR
8/10
Seniority signals
Owns production deploysSystem ownerCode reviewerMentor / leads juniorsRecognised OSS contributor
VerifiedVetted by Witarist
Technical skills assessed & verified
Background & identity checked
English communication verified
Ready to onboard in 48 hours

Not sure if this is the right fit?

Tell us your requirements and we'll match you with the best candidates.

SOUMYA ES

Cybersecurity Engineer