AVAILABLE FOR ENGAGEMENTS / #OPENTOWORK

BILAL
AHMED
KHAN

Bilal Ahmed Khan
$ whoami → bilal.ahmed.khan

15+ YEARS
SECURING
THE ENTERPRISE

I'm a Senior Application Security Engineer with deep hands-on expertise spanning Web, API, Mobile (Android), and Thick-Client penetration testing. My work covers BFSI, Telecom, Retail, and Government sectors across Saudi Arabia, India, Canada, the Middle East, and the US.

Currently at Flint International (SITE / NCA), I'm responsible for securing business-critical applications for major PIF-backed entities, defining AppSec KPIs, and driving end-to-end vulnerability lifecycle management across GitLab CI/CD pipelines.

📍 Location
Riyadh, Saudi Arabia
🏢 Current
SITE / NCA via Flint International
🌍 Sectors
BFSI · Telecom · Gov · SaaS
🗣️ Languages
EN · HI · UR · MR
Web & API Security: OWASP Top 10 & API Top 10 across 100+ enterprise web apps and REST/GraphQL APIs.
Mobile & Thick-Client: Android (OWASP MASVS) and thick-client security testing — 30+ mobile apps assessed.
DevSecOps / SSDLC: SAST, DAST, SCA embedded into GitLab & Jenkins pipelines. Reduced vuln counts by up to 60%.
AI / LLM Security: OWASP Top 10 for LLMs — Prompt Injection, Insecure Output Handling, Sensitive Data Exposure.

THE ARSENAL

Full-spectrum coverage — Web · API · Mobile · Thick-Client · Cloud · AI/LLM

Web App Security (OWASP Top 10): SQLi · XSS (Stored/Reflected/DOM) · CSRF · SSRF · XXE · IDOR · Broken Auth · SSTI · Path Traversal · Deserialization · Business Logic Flaws

API Security (OWASP API Top 10): BOLA / IDOR · Broken Auth · Excessive Data Exposure · Mass Assignment · Rate Limit Bypass · Function Level AuthZ · GraphQL Attacks · REST API Abuse · JWT Attacks

Mobile Security (Android · OWASP MASVS): APK Reverse Engineering · SSL Pinning Bypass · Insecure Data Storage · Exported Components · Frida / Objection · MobSF · Traffic Interception · Dynamic Analysis

AI / LLM Security (OWASP LLM Top 10): Prompt Injection · Insecure Output Handling · Sensitive Data Exposure · Insecure Plugin Design · AI App Assessments

DevSecOps & Pipeline (SAST · DAST · SCA · Secrets): GitLab CI/CD · Jenkins · Snyk · Veracode · HCL AppScan · Invicti · TruffleHog · DNSReaper · Selenium · OWASP ZAP · Trivy · Wiz

Cloud & Infrastructure (AWS · Azure · Containers): AWS Security (Dome9/GSL) · Azure Red Team (CARTP) · Container Security · IaC Scanning · Tenable · MBSS Baselines · Docker / Container Security

Offensive Tools (Pentest Arsenal): Burp Suite Pro · Metasploit · Kali Linux · nmap · ffuf · Nuclei · Postman · John the Ripper · Hashcat · Empire · Bloodhound

Security Programs (Culture · Governance): Security Champions · VDP Management · SecureCodingDojo · CTF Events · Phishing Campaigns · Threat Modeling · CVSS Scoring · NCA Compliance · PTES · SSDLC
$ top_skills --ranked --verbose
Web & API Penetration Testing: 97%
DevSecOps / SAST-DAST-SCA Integration: 90%
Security Program Leadership: 85%
Threat Modeling & Risk Assessment: 80%
Mobile Application Security (Android): 80%
AI / LLM Security: 70%
Cloud Security (AWS / Azure): 65%

BATTLE-TESTED
ACROSS INDUSTRIES

Sr. Software QA Engineer (Security Testing)
Flint International → SITE / NCA · Riyadh, Saudi Arabia
Jan 2026 – Present (Active)
  • Securing business-critical applications for major PIF-backed entities in Saudi Arabia
  • Defined & implemented Application Security KPIs measuring testing effectiveness and program maturity
  • Manual & automated security testing specializing in business logic vulnerabilities and injection attacks
  • Orchestrated SAST, SCA & secret scanning integrations within GitLab CI/CD pipelines
  • Reduced ecosystem vulnerability count by 60% via GitLab Advanced Security triage and validation
  • Directed vulnerability triage using contextual risk and business impact, tracked to resolution in Jira
SAST · SCA · GitLab CI/CD · Business Logic · Injection Attacks · NCA Compliance · Jira

Team Lead – Product Security Engineer
ConnectWise LLP · Mumbai, India
Oct 2022 – Dec 2025
  • Led product security team — manual pentest of Web, API, Mobile & Thick-Client applications
  • Implemented SecureCodingDojo platform; delivered developer training → 30% reduction in reported vulns
  • Managed corporate Vulnerability Disclosure Program (VDP) triaging external researcher reports
  • Built company-wide Security Champions program embedding security into SDLC from design phase
  • Integrated Snyk into GitLab & Jenkins for SCA, SAST, Container, and IaC scanning
  • Assessed AI-integrated apps using OWASP Top 10 for LLMs — identified Prompt Injection, Insecure Output Handling, Sensitive Data Exposure
  • Conducted OWASP Top 10 / API Top 10 assessments, CTF events & phishing simulations
  • 🔧 Built DNSReaper wrapper for AWS Route 53 — automated subdomain takeover detection across R53 records, reduced dangling DNS exposure by 50–60%
  • 🔧 Built secret scanning wrapper for SCM repositories — fetched & validated hardcoded secrets, automated stakeholder notifications, achieved 60–70% reduction
  • 🔧 Built nightly API scan automation using Burp Suite Pro + Postman — continuous OWASP API Top 10 coverage across all API endpoints
Web Pentest · API Top 10 · LLM Security · VDP · Snyk · Security Champions · DNSReaper · Secret Scanning · Burp Automation · PTES · CTF

Technology Security Associate Manager
Accenture · Mumbai, India
Jul 2021 – Oct 2022
  • Led one of the org's largest security assessment programs — 100+ apps across SAST, DAST, SCA, Pentest
  • Managed team of 4 security engineers; ensured quality-driven outcomes and timely remediation
  • Established Secure SDLC practices and DevSecOps culture across client environments
  • Developed MBSS Baselines for Network Devices, Windows, Linux, Docker, and Containers
  • Created vulnerable-machine lab for internal CTF events to upskill security staff
  • Led RFP responses, proposals, and costing for security engagements
DevSecOps · SAST/DAST/SCA · MBSS Baselines · Team Lead · SSDLC · CTF Lab

Manager – Application Security
KPMG · Mumbai, India
Jan 2020 – Jul 2021
🏆 ENCORE Rising Star Award — Q1 2020
  • Delivered security engagements across Middle East, Canada & USA for Banking, Telecom, Retail & Pharma
  • Penetration tested 100+ web applications and 30+ Android mobile applications (OWASP MASVS)
  • Conducted OWASP Top 10 / API Top 10 assessments across diverse client environments
  • VAPT on 600+ IPs — comprehensive infrastructure and application scope
  • Prepared client reports with CVSS risk ratings presented directly to executive stakeholders
Web Pentest · Android Mobile · OWASP API Top 10 · VAPT · CVSS · Client Delivery · MASVS

Application Security Engineer
Cornerstone OnDemand · Mumbai, India
Jun 2019 – Jan 2020
  • Penetration tested web, thick-client & mobile applications prior to quarterly releases
  • Integrated automated DAST scanning via Burp Suite + Selenium + Postman + Jenkins into CI/CD
  • Implemented Snyk for SCA and developed Dome9 GSL rules for continuous AWS cloud posture monitoring
  • Designed targeted social engineering campaigns — phishing and vishing for multiple industry clients
CI/CD DAST · Thick-Client · AWS Security · Dome9/GSL · Snyk · Social Engineering

Principal Quality Engineer
Continuum Managed Solutions Pvt. Ltd. · Mumbai, India
Jan 2011 – May 2019
  • 8 years QA engineering — collaborated with InfoSec team on web app vulnerability assessments (XSS, SQLi, Broken Auth)
  • Managed QA team of 5 engineers across system & acceptance testing, test strategy and plans
  • Delivered automated test scripts and contributed to CI/CD quality initiatives
  • Managed test cases in TestRail; analysis reporting in Jira/Confluence
QA Engineering · XSS · SQLi · TestRail · Jira · CI/CD · Automation

SECURITY AUTOMATION

Custom tooling built to scale security operations and eliminate manual toil

DNSReaper Wrapper — Subdomain Takeover Detection
ConnectWise LLP · 2022–2025
📈 50–60% reduction in dangling DNS records
⚠️ Problem
AWS Route 53 records were pointing to deprovisioned resources, creating subdomain takeover vulnerabilities that could be exploited to hijack company subdomains.
🔧 Solution
Built a custom Python wrapper around DNSReaper to automate subdomain takeover scanning across all Route 53 records at scale. The wrapper validated and de-duplicated results, eliminated false positives, and generated structured reports with remediation guidance for the CloudOps team.
✅ Outcome
Identified all dangling DNS records across the R53 estate. Partnered with CloudOps to track and remediate findings, achieving a 50–60% reduction in exposed subdomain takeover vectors.
Stack: Python · DNSReaper · AWS Route 53 API · Boto3 · Jira Integration
Subdomain Takeover · DNSReaper · AWS Route 53 · Python · CloudOps

Secret Detection Wrapper — SCM Repository Scanning
ConnectWise LLP · 2022–2025
📈 60–70% reduction in hardcoded secrets exposure
⚠️ Problem
Hardcoded secrets (API keys, tokens, passwords) were embedded within SCM repositories across GitLab, creating critical exposure risk if repositories were ever breached or leaked.
🔧 Solution
Engineered a secret scanning wrapper that fetched SCM repositories, ran detection tooling, and — crucially — validated and verified each finding to surface only confirmed, exploitable credentials. Filtered out entropy false positives. Automated stakeholder notifications with contextual severity, affected file paths, commit history, and remediation steps.
✅ Outcome
Drove a 60–70% reduction in hardcoded secrets exposure across the SCM estate. Stakeholders received actionable, prioritised reports with zero noise.
Stack: Python · TruffleHog · GitLab API · Slack Webhooks · Email Automation · Custom Entropy Validator
Secret Scanning · TruffleHog · SCM Security · GitLab · Python · Automation

Nightly API Security Scan — Burp Suite Pro + Postman
ConnectWise LLP · 2022–2025
📈 Continuous OWASP API Top 10 coverage across all endpoints
⚠️ Problem
Manual API security testing only happened at release gates, leaving API vulnerabilities undetected between testing cycles. New API endpoints were frequently added without security review.
🔧 Solution
Designed and implemented an automated nightly API scanning pipeline integrating Burp Suite Pro (via its REST API) with Postman collections. The pipeline imported updated Postman collections nightly, executed Burp's active scanner against all API endpoints, and generated structured reports. Regressions were automatically flagged and tickets raised in Jira for developer triage.
✅ Outcome
Shifted API security testing from periodic to continuous. New API vulnerabilities were caught within 24 hours of introduction, preventing them from reaching production.
Stack: Burp Suite Pro REST API · Postman · Newman · Jenkins · Python · Jira API
Burp Suite Pro · Postman · API Security · OWASP API Top 10 · CI/CD · Nightly Scan · Jenkins

CREDENTIALS &
RECOGNITION

CRTE (2023) · Certified Red Team Expert · Altered Security
Advanced AD attacks, lateral movement & persistence in enterprise environments.

CARTP (2021) · Certified Azure Red Team Professional · Altered Security
Azure attack paths, service principal abuse, and tenant escalation.

AZ-900 (2021) · Azure Fundamentals · Microsoft
Microsoft certified cloud fundamentals and Azure service architecture.

CASE .NET (2019) · Certified Application Security Engineer · EC-Council
Secure coding, threat modeling, and security testing for .NET apps.

CPSA (2019) · CREST Practitioner Security Analyst · CREST
UK CREST accredited practitioner-level security analysis.

ECSA (2019) · EC-Council Certified Security Analyst · EC-Council
Advanced penetration testing concepts, methodologies and reporting.

CTIA (2018) · Certified Threat Intelligence Analyst · EC-Council
Threat intelligence lifecycle, IOC analysis and strategic reporting.

CEH (2017) · Certified Ethical Hacker · EC-Council
Ethical hacking techniques, tools and methodologies across attack phases.

ISTQB (2014) · ISTQB Foundation Level · ISTQB
International Software Testing Qualifications Board — testing fundamentals.
$ cat awards.txt
🏆 Employee of the Year: Best performance in application testing & management
🥇 Team Maestro Security Award: Security incident handling excellence
Spot Award: Resolved critical client server issue within 24 hours
STAR Performer Award: Quarterly release performance recognition
🌟 ENCORE Rising Star Award: Q1 April–June 2020, KPMG

LET'S BUILD
SOMETHING
SECURE

Looking for a seasoned Application Security Engineer to strengthen your security posture? Whether it's a web or API pentest, mobile assessment, DevSecOps integration, or building an AppSec program from the ground up — I'd love to connect.

$ ping bilal --subject "Let's work together"
📍 Location: Riyadh, Saudi Arabia
✅ Availability: Open to engagements and #OpenToWork
⚡ Response: Within 24 hours