Security Engineer

SABARINATH PANIKKEN

Penetration Testing, Application Security, Product Security, Reverse Engineering, Malware Analysis

Security Engineer with 4+ years of experience in Application Security, Penetration Testing, and Reverse Engineering, currently with the Google Play Store Security team. Recognized across 40+ bug bounty programs and listed in Halls of Fame including Apple, ASUS, DJI and more...

Experience Skills Achievements Resume
Scroll

WORK EXPERIENCE

Google Operation Centre

Security Engineer Specialist | Bangalore | Jun 2024 – Present
  • Reverse engineered Android apps to identify security threats and exploits in Google's ecosystems.
  • Worked with Google Play Protect team to enhance security and efficiency for billions of daily users. Collaborate with cross-functional teams, including Engineering, Policy and Legal, to close product loopholes, update policies, and improve user security and experience.
  • Investigate and analyse emerging malware techniques, developing automated detection mechanisms for new malicious behaviours and Indicators of Compromise (IOCs).

Ernst & Young (EY)

Offensive Security Consultant | Kerala | Sept 2022 – Jun 2024
  • Performed regular security assessments and penetration testing based on standards like OWASP within CI/CD pipelines for web, mobile, API, thick-client applications, and network environments.
  • Conducted thorough security assessments and audits, including manual and automated testing (SAST & DAST) during development and pre-release stages.
  • Developed proofs of concept (POCs) and actionable remediation plans to enhance overall system security.
  • Collaborate with development teams to ensure timely remediation of identified vulnerabilities.
  • Reported critical vulnerabilities, created detailed penetration testing reports, and presented findings to both technical and non-technical stakeholders.

UST Global

SOC Analyst | Kerala | Dec 2021 – Sept 2022
  • Proactively monitored and analyzed security events using leading SIEM tools like QRadar, Sentinel, and LogRhythm.
  • Assisted in end-to-end incident response, threat detection, and mitigation, ensuring swift resolution and minimal impact.
  • Gained hands-on experience with core SOC technologies including SIEM, IDS/IPS, and SOAR platforms.

TECHNICAL SKILLS

Penetration Testing

Web ApplicationsMobile ApplicationsThick ClientAPILLM/AI ModelsNetworkHardware/Embedded

Application Security

SASTDASTSecure SDLCSecure CodingThreat ModelingCloud Security SonarCubeSnykCheckmarxGitleaks

Tools

Burp SuiteMetasploitNucleiSQLMapOWASP ZAPPostmanFridaGhidraNmap

Languages & Others

JavaBashShellSQLDockerKubernetesOWASP Top 10MITRE ATT&CK

ACHIEVEMENTS

Google Star Award

Excellence award from Google Operation Centre for significant contribution to the security team.

EY SPOT Award

Awarded for excellence in offensive security consulting and penetration testing.

40+ Bug Bounties

Rewarded with bounties, goodies and Hall of Fames from 40+ programs including Apple, Asus, DJI, Foursquare, Indian Government and more...

portfolio img

Bounties

portfolio img

Hall of Fames

portfolio img

eWPTXv2