Bhushan Bhuvanagiri

Summary

I hack, secure, protect, audit, and implement enterprise-grade cybersecurity solutions to protect companies from adversaries around the world. I am a cybersecurity enthusiast who loves to implement best-in-class security solutions for my customers while leveraging artificial intelligence in every aspect of my operations. With 20+ years of experience and a Master's degree in Information Security, I have also leveraged Gen AI in every aspect of IT operations for customers. Leveraging established frameworks, deploying streamlined operational models, devising impactful security strategies and leading teams of up to 21 employees across 5 time zones, I ensure robust protection across all facets of business operations.

Overview

22 years of professional experience
1 Certification

Work History

Sr. AI Security Architect - Connected Car Technology

Toyota Motors
07.2024 - Current
  • Accountable and responsible for reviewing the architecture of all Connected Car Technology apps and Vehicle Telematics on-boarded to Toyota vehicles.
  • Responsible for performing Application Security Testing on all apps within Connected Technologies on AWS, Azure, GCP and OCI environments.
  • Responsible for performing security review on all changes moving to production for all Vehicle Telematics applications and Oracle Fusion applications affecting AWS and OCI environments, leveraging Oracle Fusion, Oracle Cloudguard, PowerBI, Azure Entra, IDCS, SailPoint IQ and more.
  • Responsible for developing and implementing GenAI agents that perform Application Penetration Testing. (Total annual savings: $3.4 million USD)
  • Responsible for developing and implementing GenAI agents that process firewall requests using multi-layered Network Security Zones to authorize communications in a highly sensitive network environment. (Total annual savings: $1 million USD)
  • Developed a fully autonomous process that calculates a residual risk score, classifies every application within the environment, proposes whether an application qualifies for Threat Modeling, and generates an Application Security Certificate highlighting the current state of the application in the enterprise. (Total annual savings: $2.3 million USD)
  • Responsible for evaluating, assessing and validating changes made to Vehicle Telematics and performing Cloud Architecture Security Accreditation for every app moving to Prod.
  • Responsible for creating custom reports in PowerBI from data originating in Dome9.
  • Responsible for using GSL queries within Dome9 to develop custom security controls.

Lead Application Security Program

Berkshire Hathaway Energy
11.2022 - 04.2024
  • Managed and implemented advanced cybersecurity solutions to protect the client's sensitive data from potential threats.
  • Designed comprehensive cybersecurity strategies leveraging Oracle Cloudguard to combat cyber threats, reducing risk and enhancing system resilience for API security, cloud infrastructure, Hexagon, Oracle Fusion Apps and SaaS solutions.
  • Implemented secure coding practices in multiple programming languages to enhance the organizational cybersecurity posture.
  • Applied expertise in intrusion detection to regularly analyze and report on security incidents, significantly reducing risk for numerous clients.
  • Responsible for reviewing and validating IAM rules enforced by Oracle IDCS, CyberArk, Hexagon and others for all on-prem access, and for creating tickets in Archer and ServiceNow.
  • Managed various cybersecurity audits and assessments leveraging the capabilities of GCP, ensuring optimal safety protocols were met.
  • Responsible for performing manual testing and automated testing using Veracode, Fortify and Terraform linters.
  • Responsible for establishing integrations with AWS Pipelines and Azure DevOps.
  • Responsible for performing DAST scans using Rapid7 InsightAppSec on Jenkins and Azure DevOps and generating GRC reports against the OWASP, COBIT, ISO, MITRE ATT&CK and NIST frameworks.
  • Responsible for setting up, configuring and running Cloud GRC using Prisma Cloud, WAAS, AWS WAF, Azure WAF, F5-ASM (WAF), API Gateway, Bluecoat Proxy, Skybox, OCI, Oracle Fusion Security, Hexagon Security and more.
  • Responsible for performing penetration testing on cloud-facing web apps written in Java or .NET frameworks and for performing risk assessment and threat modelling.
  • Responsible for providing secure development practices for applications on Kubernetes platforms such as VMware Tanzu, OpenShift, AWS EKS and more.
  • Responsible for ensuring security scan findings are remediated prior to Prod release in the cloud.
  • Responsible for setting up security automation using Cortex XSOAR with Prisma Cloud.

Lead Application Security Program/Cloud Architect

Duke-Energy
11.2019 - 11.2022
  • Accountable and responsible for creating the Application Security Program from scratch.
  • Responsible for defining the goals, objectives and scope and creating a 3-5 year roadmap.
  • Managed and implemented advanced cybersecurity solutions to protect the client's sensitive data from potential threats.
  • Designed comprehensive cybersecurity strategies to combat cyber threats, reducing risk and enhancing system resilience.
  • Implemented secure coding practices in multiple programming languages to enhance the organizational cybersecurity posture.
  • Applied expertise in intrusion detection to regularly analyze and report on security incidents, significantly reducing risk for numerous clients.
  • Responsible for performing GRC while operating, maintaining and managing SAST products such as Checkmarx, SonarQube, Hexagon, SAP SecureCode, APIGEE, Skybox, etc.
  • Responsible for performing manual testing and automated SCA testing using Nexus IQ.
  • Involved in performing integrations with Jenkins, Concourse, Azure DevOps, AWS Pipeline, Cortex XSOAR, McAfee Web Gateway, Trend Micro, F5-ASM (WAF), etc.
  • Responsible for evaluating the security of critical Java Spring Boot based mobile applications using JWT and Ping Identity federation.
  • Developed comprehensive threat detection systems using GCP, significantly reducing potential security risks.
  • Responsible for evaluating and performing a POC of third-party risk assessment on all third-party libraries using SCA.
  • Accountable and responsible for creating custom reports in PowerBI, demonstrating business value on SharePoint, and using Fortify WebInspect for DAST scans.
  • Accountable and responsible for generating unified reports in PowerBI and RSA Archer based on the OWASP, NIST, ISO, MITRE ATT&CK and COBIT standards.
  • Responsible for ensuring penetration testing was performed on all apps prior to production.
  • Responsible for re-architecting, designing, developing, operationalizing and delivering the WAF service using Signal Sciences.
  • Developed SOAR use cases on Cortex XSOAR by integrating various third-party products such as Splunk, MS Power Automate, Nexus, Checkmarx, Oracle OCI Security, Skybox, McAfee, Fastly, Hexagon Security, etc.
  • Responsible for defining metrics, stats, KPIs, KRIs, threshold triggers and risk analysis.
  • Accountable and responsible for performing threat modeling for each application and identifying attack vectors.
  • Responsible for demonstrating business value by removing manual intervention and presenting stats to executives.

Lead Vulnerability Management

SAP Labs
03.2018 - 11.2019
  • Led the design, development, and delivery of a comprehensive Vulnerability Management program across AWS and Azure environments.
  • Re-architected IAM with RSA and implemented MFA integration within Azure.
  • Conducted threat modeling, source code reviews, CVSS scoring, and risk assessments.
  • Oversaw on-prem to cloud infrastructure migration and validated security across app and infra layers.
  • Designed and managed F5 ASM and McAfee Web Gateway WAF solutions with custom rulesets.
  • Defined and automated SOAR use cases using Demisto, integrated with ServiceNow, Slack, and other tools.
  • Delivered security metrics, KPIs/KRIs, and compliance dashboards via PowerBI.

Lead Internal Software-based Vulnerability Management

Morgan Stanley
04.2017 - 03.2018
  • Built a service for managing non-patchable vulnerabilities and large-scale incidents.
  • Assessed risks using CVSS v3; defined KPIs, KRIs, and remediation standards.
  • Automated security testing via CI/CD; enhanced protocols using diverse programming languages.
  • Reviewed source code and led remediation with BU stakeholders.
  • Developed SOAR workflows triggered by Splunk; managed patchable and emergency fixes.
  • Addressed critical infrastructure issues (Kerberos, LDAP, AD, Win10, etc.).
  • Reported metrics to leadership; documented plans in Archer/OpenPages.
  • Led cross-unit meetings and effectively negotiated risk solutions.

Sr. Information Security Advisor

Bombardier Aerospace
01.2012 - 01.2017
  • Led vulnerability management, application security, and incident response initiatives.
  • Ensured Bombardier and industry compliance across projects and infrastructure.
  • Developed security requirements using tools/tech like LDAP, SAML2, OAuth2, WAF, Fortify, Qualys, Splunk, Hexagon and more.
  • Performed threat modeling, risk assessments, and architecture/security reviews.
  • Managed secure IAM integration for AWS/Azure cloud migration.
  • Delivered FAA, CT, NIST & ISO compliance certifications.
  • Led SOAR automation using Demisto with Qualys, ServiceNow, Splunk, and McAfee.
  • Maintained F5 WAF policies and developed Python scripts for automation.
  • Held monthly security meetings and promoted internal policy compliance.
  • Montreal

Sr. Security Consultant

HSBC
01.2011 - 01.2012
  • Performed manual penetration testing and evaluated attack success rates on internal and external applications.
  • Executed exploits and conducted risk assessments using CVSS v2 scoring.
  • Conducted vulnerability and security assessments on web, mobile, API, and green screen applications at HSBC.
  • Analyzed false positives and managed exclusion processes.
  • Tested portal environments with J2EE, SSO, fraud management, virtual keyboards, and multi-factor authentication.
  • Used tools like WebInspect, Fortify, AppScan, BurpSuite, Rapid7, Nessus, and Qualys.
  • Executed attacks including XSS, SQL injection, and parameter tampering.
  • Managed client relationships and provided risk analysis with mitigation aligned to NIST, FIM, and MEI standards.
  • Vancouver

Java & .NET Developer / Security Engineer

Aviva Solutions
01.2009 - 07.2010
  • Developed Java and .NET applications supporting Aviva's Security Program aligned with company policies.
  • Reviewed security threats and assessed severity from bulletins for Aviva products.
  • Conducted threat analysis workshops and planned remediation per vendor release schedules.
  • Performed manual penetration testing and ensured secure code design in SDLC.
  • Created Secure Code Design standards, source code review services, and remediation plans.
  • Reviewed security architecture and implemented multi-layered network defense and access controls.
  • Led incident response activities including forensics, penetration testing, and vulnerability scans.
  • Developed infrastructure and security policies per ISO27002 standards.
  • Managed network security, firewall validation, and client relationships at senior levels.
  • Montréal

Web application Penetration Tester

ISAIX Technologies
01.2008 - 12.2008
  • Conducted manual penetration testing to ensure applications are free from common attacks.
  • Researched, implemented, and deployed internal security tools for enhanced system visibility.
  • Assessed vulnerabilities using CVSS standards and prioritized based on severity.
  • Performed both automated and manual security testing across Web, Mobile, API, and standalone apps.
  • Executed penetration testing on ISAIX's web banking platform using tools like AppScan, Metasploit, Nessus, Acunetix, and more.
  • Documented risks and delivered 3-level technical reports outlining vulnerabilities and proposed improvements.
  • Montréal

Java Developer

Auto TEC Embedded Solutions
08.2004 - 12.2006
  • Developed app security requirements based on OWASP, COBIT, ISO27000, and CVSS.
  • Conducted code reviews, security scans, and vulnerability assessments.
  • Deployed secure 3-tier Java apps with LDAP/Active Directory integration.
  • Implemented mitigative controls to address security threats.
  • Collaborated with internal teams and third parties for vulnerability remediation.
  • Built secure apps for banking, airline, and government sectors using Java, PHP, and .NET.
  • Led GE Money web banking project with ISO27000 compliance and mainframe integration.
  • India

Education

Master of Engineering - Information Systems Security

Concordia University
Montreal, QC, Canada
12.2008

Skills

  • Cybersecurity strategy
  • Vulnerability assessment
  • Endpoint security
  • Security information and event management
  • Veracode
  • Checkmarx One
  • Qualys
  • Rapid7 InsightVM
  • CloudFlare
  • Akamai
  • Fastly/SignalScience
  • F5 ASM / AdvWAF
  • Microsoft Defender EDR
  • Microsoft Sentinel
  • Gitlab
  • Github
  • Bitbucket
  • Jenkins
  • CyberArk
  • Sailpoint IQ
  • Okta
  • ELK Stack
  • HP WebInspect
  • IBM AppScan
  • Fortify On-Demand
  • Nessus
  • Wireshark
  • FireEye
  • McAfee
  • Tanium
  • Symantec SEP
  • SentinelOne
  • Algosec
  • ZAP
  • Cortex xSOAR Demisto
  • Illumio
  • Prisma Cloud
  • Oracle OCI
  • API Security APIGEE
  • Postman
  • Dome9
  • Hexagon
  • n8n.io
  • Make
  • Zapier

Accomplishments

  • Led and implemented a fully autonomous Enterprise Risk Management solution across the business covering over 1000+ applications, saving over 1.5 million in cybersecurity operations.
  • Led and implemented a fully autonomous AI-powered penetration testing solution that performs penetration testing on applications on a schedule. The solution saves over 3.4 million in costs for the business.
  • Led and was accountable for a well-oiled Application Security Program that improved DevOps pipeline visibility by 97%, reduced security exposure by over 92% and provided overall security visibility of 98%.

Affiliations

  • ISACA
  • SANS
  • BSIDES
  • ISC2

Certification

  • GIAC: GWAPT
  • CRISC
  • CISM
  • CISSP (in-progress)
  • AWS & Azure Security
  • Six Sigma Green Belt
  • Qualys Certified
  • SCJP

Languages

English
Native or Bilingual
French
Professional Working
Hindi
Full Professional
Tamil
Professional Working
Telugu
Professional Working
Kannada
Professional Working
Punjabi
Limited Working

Interests

  • I participate in low-impact exercises to strengthen core muscles
  • Gym Workouts
  • Enjoy hobbies that combine physical activity with outdoor exploration
  • Camping
  • Hiking
  • Backpacking
  • App Development
  • Artificial Intelligence (AI) and Machine Learning
  • Animal Care

Timeline

Sr. AI Security Architect - Connected Car Technology

Toyota Motors
07.2024 - Current

Lead Application Security Program

Berkshire Hathway Energy
11.2022 - 04.2024

Lead Application Security Program/Cloud Architect

Duke-Energy
11.2019 - 11.2022

Lead Vulnerability Management

SAP Labs
03.2018 - 11.2019

Lead Internal Software-based Vulnerability Management

Morgan Stanley
04.2017 - 03.2018

Sr. Information Security Advisor

Bombardier Aerospace
01.2012 - 01.2017

Sr. Security Consultant

HSBC
01.2011 - 01.2012

Java & .NET Developer / Security Engineer

Aviva Solutions
01.2009 - 07.2010

Web application Penetration Tester

ISAIX Technologies
01.2008 - 12.2008

Java Developer

Auto TEC Embedded Solutions
08.2004 - 12.2006

Master of Engineering - Information Systems Security

Concordia University

Career Experience

  • IBovi Strategic Security INC, Cybersecurity Consultant, 2017-06-01, Present
  • Toyota Motors (TMNA), Sr. AI Security Architect - Connected Car Technology, 2024-07-01, Present
  • Marriott Group, Sr. Application/Cloud/Gen AI Security Consultant, 2024-01-01, 2024-07-01
  • CVS Health (CVS), Sr. Application Security Consultant, 2022-06-01, 2023-12-01
  • Berkshire Hathaway Energy (BHE), Lead Application Security Program, 2021-07-01, 2022-04-01
  • Duke-Energy, Lead Application Security Program/Pentester, 2019-11-01, 2021-07-01
  • JMFamily Inc, Lead Application Security, 2019-08-01, 2019-11-01
  • SAP Labs, Lead Vulnerability Management, 2018-03-01, 2019-08-01
  • Morgan Stanley, Lead Internal Software-based Vulnerability Management, 2017-04-01, 2018-03-01
  • Bombardier Aerospace, Sr. Information Security Advisor, 2012-01-01, 2017-01-01
  • HSBC, Sr. Security Consultant, 2011-01-01, 2012-01-01
  • Aviva Solutions, Java & .NET Developer / Security Engineer, 2009-01-01, 2010-07-01
  • ISAIX Technologies, Web application Penetration Tester, 2008-01-01, 2008-12-01
  • Auto TEC Embedded Solutions, Java Developer, 2004-08-01, 2006-12-01

Tools

Kali, Samurai WTF, ELK Stack, SourceFire, HP WebInspect, IBM AppScan, Fortify On-Demand, Qualys/Nessus, Acunetix, Veracode, Wireshark, McAfee NSM, McAfee SIEM/IDS/IPS, FireEye NX, FireEye EX, ZAP, Tanium, Symantec SEP, SentinelOne, Qualys/ModSecurity WAF, Rapid7, Algosec, F5 ASM proxy, Cortex xSOAR, Illumio, Trend Micro IWSS, Prisma Cloud, Oracle OCI, API Security APIGEE, Akamai, CloudFlare, Postman, CyberArk, Dome9, Hexagon, SailPoint IQ, Microsoft Defender EDR, Microsoft Sentinel, GitLab, GitHub, Bitbucket, Jenkins, Concourse, ADO, n8n.io, Make, Zapier, Relevance AI