Sajid's Corner

Sajid Pervez

Some context

My career is at an intersection of various skill sets from appsec, cloudsec, and coding. These are my core areas of expertise. Everyday challenges and much needed empathy adds spice and sweetness into my role.

Titles keep changing but my work revolves around finding ways to solve software security puzzles and figuring solutions for every design flaw and coding bug.

I am currently a Principal Product Security Engineer at MYOB, a SaaS accounting software company supporting all types of businesses.

A bit of history

I started my career in 2005 as a developer writing code for cryptographic solutions (PKI) and integrating PKI and 2FA based strong authentication solutions into enterprise environments. Some more fun parts of the job involved breaking applications.

Below is my cyber career journey in Australia.

Experience

Principal Product Security Engineer

MYOB

Jun 2022 - Present

Product security means application security, cloud security, security architecture reviews, threat modeling, vulnerability management, developer education and more. Its fun.

Application Security Lead

NBN Co

Sep 2020 - Jun 2022

As lead I was responsible for the maturity assessment of application security program, roll-out of SAST and SCA to all critical applications, training developers on secure coding practices.

Senior Security Engineer

AGL Energy

Aug 2019 - Jun 2020

Responsible for application security tooling, automation, maintenance, reporting, training and helping developers with triaging/remediation.

Application Security Consultant

Telstra

Apr 2018 - Aug 2019

Responsible for application security tooling, automation, maintenance, reporting, training and helping developers with triaging/remediation.

Senior TS Advisor (PCI-QSA)

UL Solutions

Oct 2015 - Mar 2018

UL TS division guides companies within the mobile, payments and transit domains through the complex world of electronic transactions. I was a LAMP stack developer and PCI assessor for payment applications.