Bansi Pambhar

Ready for Roles: DevSecOps Engineer | Cloud Security Engineer | Cybersecurity Engineer | Automotive Cybersecurity Engineer

Security-focused engineer with hands-on experience in building secure cloud-native systems, automated CI/CD pipelines, and containerized environments. Skilled in DevSecOps, Kubernetes security, vulnerability assessment, and attack simulation, with strong interest in automotive cybersecurity, secure OTA updates, and firmware integrity. Passionate about designing resilient, security-first architectures aligned with real-world industry practices.

Education

B.Tech in Computer Science and Engineering – Gujarat Technological University, Ahmedabad (Sept 2020 – March 2024)
CGPA: 8.39/10
M.Tech in Computer Science and Engineering – CHRIST University, Bengaluru (July 2024 - April 2026)
CGPA: 4/4

Technical Projects

Advanced Container Security with Docker & Kubernetes
Docker and Kubernetes. Conducted in-depth analysis of container and orchestration security threats, implemented advanced security features (unprivileged containers, read-only filesystems, capability restrictions, RBAC, namespaces, resource quotas, and network policies), and validated them through hands-on testing using Minikube, Kubernetes labs, and Docker. The project demonstrates how to secure cloud-native applications through best practices, CIS benchmarks, and automated deployment of security controls.

View Project on GitHub
End-to-End Secure CI/CD Pipeline with Automated VAPT
This project focuses on designing and implementing a complete DevSecOps CI/CD pipeline where security is enforced at every stage of the software delivery lifecycle rather than being treated as a post-deployment activity. The pipeline integrates static, dynamic, container, and runtime security controls to ensure that vulnerable code or misconfigured infrastructure never reaches production. A deliberately vulnerable Flask-based application was developed to validate the effectiveness of each security tool in real-world scenarios. The project simulates enterprise-grade security practices used in modern cloud-native and Kubernetes-based environments.

View Project on GitHub
Secure GitOps-Based DevSecOps Deployment Pipeline
Designed and implemented a GitOps-based Kubernetes deployment model where application delivery and security policies are managed entirely through Git. The project demonstrates real-world DevSecOps practices using Argo CD for continuous deployment and Kyverno for policy enforcement, ensuring only compliant workloads are allowed to run in the cluster. This work highlights practical understanding of Kubernetes security, declarative infrastructure, and modern GitOps workflows used in industry environments.

View Project on GitHub

Academic Projects

Secure OTA Update Verification using Zero-Knowledge Proofs (July 2025 – Present)
Developed a lightweight Zero-Knowledge Proof (ZKP)-based authentication framework to secure Over-the-Air (OTA) updates in connected vehicles. Implemented a security module between the OEM Cloud and the TCU/ECU to validate updates without exposing private keys. Designed mechanisms to ensure authenticity, integrity, and resistance against spoofing, replay, and malicious update attempts. Integrated logging and alerting features to provide real-time feedback to the OEM. Built a CI/CD pipeline for automated testing and vulnerability validation. Demonstrated a scalable and efficient alternative to conventional PKI methods suitable for resource-constrained automotive systems.

View Project on GitHub
Secure Automotive OTA Firmware Delivery Using DevSecOps Pipeline (Feb 2025 - May 2025)
Designed and implemented a DevSecOps CI/CD pipeline to securely build, scan, sign, and deliver automotive ECU firmware updates. Automated firmware builds using Docker and Jenkins with integrated vulnerability scanning via Trivy. Implemented cryptographic OTA signing and vehicle-side verification using OpenSSL to ensure firmware authenticity and integrity. Simulated real-world automotive OTA workflows with security enforcement for safety-critical ECUs.

View Project on GitHub
Design and Implementation of a Vulnerability Assessment and Penetration Testing for Web Application Security (July 2024 – Oct 2024)
Designed and implemented a security framework to harden containerized environments using Developed a structured Vulnerability Assessment and Penetration Testing (VAPT) framework using tools like Nikto, Nmap, and DVWA to identify and analyze web application vulnerabilities. Applied software engineering practices such as requirement gathering, modular design, and version control using Git. Emphasized code maintainability and documentation, and conducted unit and functional testing to validate findings. The project also compared security performance between Docker and non-Docker environments, focusing on attack vectors like XSS and SQL injection.

Skills

Programming: Python, C, HTML, CSS, SQL, Data Structures and Algorithms (DSA)

DevOps and Automation: Docker, Linux System Administration, Jenkins, Ansible, Git, Minikube, Maven, CI/CD Pipeline Design and Automation

DevSecOps & Security Engineering: Secure CI/CD Pipelines, Static and Dynamic Security Testing (SAST/DAST), Container Image Scanning, Runtime Security, GitOps Security, Infrastructure Security Automation

CyberSecurity: Vulnerability Assessment and Penetration Testing (VAPT), Web Application Security, Network Security, Cloud Security, Container Security, Security Testing and Threat Analysis

Cloud Platforms: TCP/IP, UDP, DNS, HTTP/HTTPS, SMTP, DHCP, Routing and Switching Fundamentals

Cloud Platforms: Amazon Web Services (EC2, S3, Load Balancer), Microsoft Azure, Google Cloud Platform (GCP)

Automotive Cybersecurity: Secure OTA Updates, ECU and TCU Security, Firmware Integrity Verification, Authentication Mechanisms, Automotive Threat Modeling, V2X Security Fundamentals, CAN Bus Basics, ISO/SAE 21434 Awareness

Software Engineering Practices: Agile Methodologies, Version Control (Git), Unit and Integration Testing, Documentation, Troubleshooting and Debugging

Internships & Experience

DevSecOps Engineer | Automotive-X Lab, Banglore (Feb 2025 – Present)
Design and implement security controls for vehicle-connected systems, applying DevSecOps practices to automotive-grade. Firmware and OTA update pipelines. Build and maintain CI/CD workows for vehicle software components, integrating automated security testing and vulnerability validation. Apply threat modeling and secure-by-design principles to connected vehicle architectures, aligning with automotive cybersecurity standards
DevSecOps Engineer | C-DAC, Bengaluru (Nov 2024 – Jan 2025)
Worked on secure software development practices by integrating DevSecOps principles into the SDLC. Conducted vulnerability assessments using Wireshark, Nmap, and Metasploit, and implemented basic security testing during development. Collaborated with engineering teams to enhance secure coding, automate security scans, and apply cryptographic techniques for secure deployments.
DevSecOps Engineer | BESEANT TECHNOLOGIES, Bengaluru (March 2024 – July 2024)
Gained hands-on experience in implementing end-to-end DevOps lifecycle, including CI/CD implementation with Jenkins, containerization using Docker and Kubernetes, infrastructure automation with Ansible and Terraform, and cloud deployment leveraging AWS products and services.
Cloud Engineer | RISEASCEND TECHNOLOGIES, Ahmedabad (June 2023 – Feb 2024)
Gained hands-on experience with Microsoft Azure for cloud deployment, resource management, and monitoring. Implemented and maintained CI/CD pipelines using Git and Jenkins to automate builds and deployments. Worked on Docker containerization and automation scripting to streamline application delivery in cloud environments. Actively contributed to Agile DevOps practices, ensuring efficient and reliable software delivery.

Position of Responsibility

Computer Society Member | IEEE and WIE (March 2025 - Present)
Actively participate in technical discussions, events, and workshops focused on computing technologies, cybersecurity, and professional development.

Achievements

Contact

Current Location: Bengaluru, Karnataka

Contact no: +91 9316366831

Email: bansipambhar02@gmail.com

LinkedIn Profile

GitHub Profile