Shakti Shrivas
About Shakti Shrivas
Shakti Shrivas is an InfoSec Engineer currently working at BukuWarung in India, where he has been employed since 2023. He has prior experience at BYJU'S and AEGIS I-NET PVT LTD, and holds a Master of Computer Applications degree.
Work at BukuWarung
Shakti Shrivas serves as an InfoSec Engineer at BukuWarung, a role he has held since 2023. His responsibilities include conducting IT security posture assessments to validate password policies and multi-factor authentication using Jumpcloud. He plays a key role in maintaining and auditing ISO 27001 compliance as part of the Information Security Management System (ISMS). Additionally, he manages endpoint detection through CrowdStrike Falcon and creates, validates, and manages a bug bounty program.
Previous Experience at BYJU'S
Before joining BukuWarung, Shakti Shrivas worked at BYJU'S as a Cloud Native Security Engineer from 2021 to 2023. In this position, he focused on enhancing cloud security measures and contributed to the overall security framework of the organization. His experience at BYJU'S provided him with valuable insights into cloud-native security practices.
Background in Network Administration
Shakti's career began at AEGIS I-NET PVT LTD, where he worked as a Network Administrator from 2017 to 2018. During his tenure, he gained foundational knowledge in network security and administration, which has been instrumental in his subsequent roles in information security.
Education and Expertise
Shakti Shrivas holds a Master of Computer Applications (MCA) from the Cambridge Institute of Technology, where he studied Python and Vulnerability Assessment from 2018 to 2020. He also earned a Bachelor of Computer Applications (BCA) from Jabalpur College of Computer & Communication, studying Computer/Information Technology Administration and Management from 2015 to 2018. His educational background provides a strong foundation in both software development and information security.
Achievements in Security Automation
Shakti has made significant contributions to security automation in his roles. He integrated a CI/CD pipeline to create a Cloud Security Posture Management (CSPM) platform using Defectdojo and Prowler, which automated monthly AWS security audits and resulted in a cost reduction of 91.6%. He also streamlined and automated container security processes using Trivy and conducts quarterly secure code reviews using SonarQube.