About Me
With 8+ years of hands-on experience in the telecom and healthcare sectors, I am a seasoned Application Security Engineer skilled in various domains. My expertise lies in implementing DevSecOps, conducting comprehensive vulnerability analyses, writing secure code, and developing applications proficiently.
Souradip Ghosh

I'm really good at:
AppSec & DevSecOps
DAST, SAST & SCA tools
SOC 2, HIPAA, GDPR Compliance
GitHub Enterprise, Security, Actions
AWS (S3, Route 53, CM, CloudFront), Azure
Web Application Penetration Testing, VAPT, Vulnerability Analysis
Burp Suite Professional Edition, OWASP ZAP, Kali Linux
jQuery, JavaScript, HTML, CSS
Experience Timeline
- 2023 – Present Lead Application Security Engineer, Capillary Technologies
- 2022 – 2023 SecDevOps Engineer, Telstra
- 2021 – 2022 DevSecOps Engineer, Medly
- 2018 – 2021 Security Compliance Engineer, Torry Harris Integration Solutions
- 2016 – 2018 Software Engineer, Torry Harris Integration Solutions
Featured Blog Topics
Syncing Snyk with GitHub SCM using the Snyk API
In today's software development landscape, security is of paramount importance. Integrating security scanning tools into your development workflow can help identify vulnerabilities and ensure the safety of your codebase. Snyk is one such powerful security platform that helps developers find, fix, and monitor vulnerabilities in their open-source libraries and container images. In this blog post, we will explore how to sync Snyk with GitHub SCM using the Snyk API.
Security Champion Program At Medly - A step towards DevSecOps
DevOps enables rapid software development, but often neglects security. Introducing security champions ensures ongoing security focus, preventing production-stage delays caused by fixing identified vulnerabilities, and enhancing product quality.
GitHub Projects
py-sqli
This application demonstrates SQL Injection vulnerabilities, improper access controls, and forced browsing attacks. The goal is to showcase how misconfigurations and insecure coding practices can lead to severe security breaches in web applications.
csp-evaluator
A simple Flask-based web application to evaluate Content Security Policy (CSP) headers for common security issues. It highlights missing directives, dangerous values, overly permissive configurations, and provides suggestions for modern security enhancements.
snyk-job-summary-action
This GitHub action creates a finding summary and an HTML report for Snyk GitHub Actions.
Check-JIRA-in-PR
A GitHub Action to verify if a valid Jira ticket exists in the commit messages or pull request title.
JSON-XML Things
A validator and formatter for JSON & XML with clipboard support and offline use.
Where I Work
Bangalore, India
Phone: +91 8951174685
Email: souradipGhosh@outlook.com

© 2025 Souradip Ghosh. All rights reserved.