security engineer · bengaluru, india

Janmitha Rathnakumar

AppSec · Penetration Testing · IoT Security · SBOM / Supply Chain · Secure SDLC
01

about

Security engineer with hands-on offensive and defensive experience across web applications, IoT firmware, and supply chain security.

Most recently at Festo, Bengaluru — uncovering vulnerabilities in enterprise-grade products, engineering SBOM automation systems, and writing pentest reports that engineering teams actually ship fixes from.

Previously at LÆMON, Berlin — awarded Intern of the Month, the only intern in the cohort to receive the recognition across a 6-month engagement.

M.Sc. in IT Security Management from Arden University, Germany. Bilingual in English and German. Native Tamil speaker.

20+ vulnerabilities found in production systems
1K+ npm packages processed with zero API failures
4 languages: English, German, Hindi, Tamil
competition award winner
02

skills

offensive tools

Burp Suite · OWASP ZAP · sqlmap · Metasploit · Kali Linux

firmware & network

Binwalk · Wireshark · Scapy · PyShark · Docker

sbom & compliance

SPDX · CycloneDX · npm Registry API · GitHub API

dev stack

Python · JavaScript · Node.js · React Native · Java · MongoDB · SQL
03

experience

IT Security Intern — Festo · Apr 2025 – Feb 2026
Web & Product Security · Bengaluru, India
  • Discovered and documented 20+ vulnerabilities across Angular/Java enterprise apps using Burp Suite, OWASP ZAP & sqlmap — each with severity rating, PoC steps, and developer-ready remediation.
  • Engineered an SBOM automation pipeline (Node.js, npm API, GitHub API) processing 1,000+ packages, eliminating manual license-compliance effort and surfacing known CVEs across the dependency graph.
  • Implemented SPDX/CycloneDX SBOM frameworks with exponential-backoff rate-limiting — achieving zero API failures across all production runs.
  • Performed firmware analysis with Binwalk on IoT devices, mapping embedded attack surfaces before hardware entered production.
  • Authored structured pentest reports adopted directly by engineering teams, cutting mean-time-to-remediation through reproduction scripts and fix-ready guidance.
Junior Software Developer — LÆMON · Aug 2022 – Feb 2023
Security Focus · Berlin, Germany
  • Awarded Intern of the Month — the only intern in the cohort to receive the recognition across a 6-month engagement.
  • Embedded security-first SDLC into React Native codebase (iOS & Android): input validation, encrypted transmission, and secure session handling from day one.
  • Secured GDPR-compliant PII pipelines for NLP training data — implemented access controls and data-handling procedures that passed internal review with zero findings.
  • Led code review cycles eliminating injection risks and insecure data-handling patterns before each production release.
04

projects

[ SBOM · Festo Org ]
SBOM Automated License Metadata Enrichment System
Processed 1,000+ npm packages with zero manual intervention. Built license normalization engine resolving complex SPDX expressions via multi-source fallback strategy. Interactive batch review with session persistence.
Node.js · npm Registry API · GitHub API · SPDX · CycloneDX
[ Network · IDS ]
Network Intrusion Detection via Python Traffic Analysis
Real-time packet capture engine detecting DoS and MITM attack signatures with visual dashboards — reducing detection time from manual log review to automated flagging.
Python · Scapy · PyShark · Wireshark · Matplotlib
[ Mobile · Auth ]
Facial Recognition & QR Merchant App
Real-time face detection with encrypted QR transaction flow and input validation securing end-to-end authentication for merchant payments.
OpenCV · Android Studio · Java
05

achievements

certifications

  • Tata Cybersecurity Security Analyst Simulation · Forage · Dec 2024
  • M.Sc. IT Security Management · Arden University, Germany · 2025
  • Advanced Full Stack Engineering · NIIT, Chennai · 2022

awards

  • 1st Prize — Dev Competition · SRM University
  • Intern of the Month · LÆMON, Berlin — only intern in cohort
  • 3rd Prize — Web Design Competition · Interface
  • 1st Prize — Techie World E-Quiz · National level
06

education

M.Sc. IT Security Management
Arden University, Germany
2025
B.Sc. Computer Science
Anna Adarsh College, Chennai
2021
07

contact

Let's work together

Open to AppSec, Penetration Testing, Product Security & SOC Analyst roles in Bengaluru.