Shivam Vaishampayan

Shivam Vaishampayan

he/him

Software Engineer | Security Architect

Securing Products and Platforms

title: “CV” layout: single permalink: /cv/ author_profile: true —

Shivam Vaishampayan

Education

Indian Institute of Information Technology, Allahabad

Bachelor of Technology in Electronics and Communication Engineering
Aug 2018 – May 2022
CGPA: 8.34/10

Technical Skills

  • Programming Languages: C++, Python, Bash
  • Cloud Platforms & Tools: AWS, Terraform, Kubernetes, Docker, Jenkins, Gitlab, Sourcegraph, Emissary Ingress, Paralus
  • Security Tools: HashiCorp Vault, SonarQube, Renovate, Falco, Tetragon, HackerOne, PingSafe
  • Concepts: Security Architecture, Threat Modeling, Vulnerability Management, Hardcoded Secrets Detection, eBPF-based Security, Infrastructure as Code (IaC)

Work Experience

Sprinklr | Product Security Engineer

May 2023 – Present

  • Conducted comprehensive Security Architecture Reviews for major products like Sprinklr Insights, Sprinklr Community, and Sprinklr Service.
  • Designed and implemented an in-house Bring Your Own Key (BYOK) initiative from scratch.
  • Led CNAPP (Cloud-Native Application Protection Platform) vendor evaluation and onboarding projects.
  • Built automation pipelines using Ansible, Terraform, and Kubernetes for deployment processes and security controls.
  • Implemented infrastructure security through RBAC, network segmentation, logging, and compliance policies.

Urban Company | Core Platform & Product Security (SDE I)

Jan 2022 – May 2023

  • Developed Terraform modules for AWS VPC components and EKS clusters, migrating tools like ArgoCD, Jenkins, Kafka, Prometheus, and ELK.
  • Implemented a unique encryption key per PII data per user project (Crypto Shredding).
  • Automated dependency updates and integrated security pipelines using SonarQube for 180+ repositories.
  • Managed bug bounty programs through HackerOne and PingSafe, addressing issues such as dependency confusion, IDOR, and CSRF.
  • Designed PoC setups of eBPF-based networking & security tools for observability and runtime security.

Certificates

  • OSCPOffensive Security Certified Professional (2021)
  • CRTECertified Red Team Expert (2020)

Achievements

  • Selected among Top 5 projects from India for CSAW ESC’20 World Finals cohosted by NYU and IITK.
  • Global Rank - 99 in 7th Flare-On Challenge (FireEye).
  • Achieved 2nd Rank Nationally in the qualification round of CSAW CTF 2020.
  • Secured 2nd Rank at Cyber Hack CTF organized by National Forensic Sciences University.
  • Best Hardware Hack prize at HackOut, a hackathon by Headout in collaboration with GeekHaven, IIITA.

Leadership

  • Lead Organizer - Hack In The North, IIIT-A (Aug 2020 – Aug 2021)