Samir Alam

Application Security & Compliance Engineer | Secure Software Developer

Engineering Secure Applications
Through Security, Risk & Compliance

CEH v12-CertifiedFULL Stack Developer

Application Security & Compliance Engineer specializing in secure software development. Experienced in security control engineering, vulnerability management (SAST/DAST), penetration testing analysis, AWS cloud security, and Secure SDLC integration while building modern web applications.

profile

Professional Experience

company logo

Shell | IDT Assurance Analyst

Feb 2025 – Present
  • Strengthened enterprise security posture by engineering security controls.
  • Conducted risk-based security assurance reviews.
  • Developed Power BI dashboards for vulnerability insights.
  • SQL-based validation across large security datasets.
  • Embedded privacy-by-design and Secure SDLC practices.
company logo

Shell | Security & Compliance Analyst

Aug 2023 – Jan 2025
  • Application security risk assessments.
  • SAST / DAST vulnerability management.
  • Penetration testing report analysis.
  • Remediation of OWASP Top 10 vulnerabilities.
  • Security control testing and audit evidence preparation.
View Full Experience →

Internship & Education

Application Security

Focused on SAST/DAST, OWASP Top 10 and vulnerability analysis.

Cloud & Networking

AWS IAM, EC2, S3 with networking fundamentals.

Programming & Automation

Python, JavaScript, TypeScript and security automation.

Frameworks & Certifications

ISO 27001, ISO 31000, GRC methodologies.

MERN Stack Development

MongoDB, Express, React, Node.js full-stack applications.

Certifications & Achievements

Certified Ethical Hacker (CEH v12)

EC-Council

Security & Compliance Nanodegree

Udacity

Special Mention Award

STGI Hackathon, Panchkula

Achievements

  • Improved audit closure timelines by 30% through automation
  • Recognized for stakeholder engagement in security advisory initiatives