Hashika Kalisetty
Security Engineer
4.5 years securing applications, cloud infrastructure, and AI systems. Led security assessments for 200+ applications, uncovering critical vulnerabilities and embedding security-first practices into development workflows.
Seeking 2026 Full-Time Roles
Actively seeking Security Engineer positions in Application Security and Product Security for 2026 full-time opportunities. Specializing in securing AI systems, adversarial ML, and building secure-by-design products.
About Me
I'm a Security Professional with 4.5 years of experience in Application, Product, and Offensive security, helping organizations uncover critical vulnerabilities and embed secure practices across products and applications through a shift-left approach.
I specialize in penetration testing, threat modelling, secure SDLC, Adversarial ML, and AI security. At KPMG, I led security assessment teams for 200+ applications across major financial institutions ($140B+ in assets), discovering 30+ critical vulnerabilities and reducing vulnerability density by 40%. I learned that effective security isn't about perfect code—it's about building systems where security is the obvious choice.
What excites me most is the intersection of application security, cloud infrastructure, and AI. I'm passionate about building and breaking secure systems while integrating offensive insights into secure engineering workflows. I'm actively seeking 2026 full-time roles in Application, Product, AI and ML Security as a Dec 2025 graduate.
Journey
Career and education timeline
Lead AI & Security Engineer
Federal Reserve Bank of St. Louis (CMU Practicum)
Mountain View, CA
Security Engineer Intern
Astera Labs
Santa Clara, CA
Masters in Information Technology - Information Security
Carnegie Mellon University
Pittsburgh, PA & Mountain View, CA
Cybersecurity Consultant
KPMG
Hyderabad, India
Associate Security Consultant
KPMG
Hyderabad, India
Security Analyst
KPMG
Hyderabad, India
Analyst Intern
KPMG
Hyderabad, India
Bachelor in Electronics & Communication Engineering
SRM University
Chennai, India
Core Expertise
Security engineering across applications, cloud, and AI systems
Application Security Testing
Penetration testing for 200+ web, mobile, and API applications. Expert in discovering SQLi, XSS, CSRF vulnerabilities using Burp Suite and OWASP methodologies.
Adversarial ML & AI Security
Specialize in prompt injection, data poisoning, and model extraction attacks. Secure AI agents with guardrails and LLM-as-a-Judge frameworks for production systems.
Cloud Security & DevSecOps
Secure AWS and GCP infrastructure with Terraform IaC. Build automated CI/CD security pipelines integrating SAST, DAST, and container scanning.
Threat Modeling & Red Team Ops
STRIDE + MITRE ATT&CK threat modeling methodology. CRTP certified red teamer with expertise in Active Directory exploitation and offensive security.
Experience & Credentials
Building security expertise across industry-leading organizations
Work Experience
Astera Labs
Applied AI Engineer Intern
Federal Reserve Bank of St. Louis
Lead AI Engineer (CMU Practicum)
Astera Labs
Security Engineer Intern
KPMG US
Digital Forensics Analyst (Incident Response)
KPMG US
IT Audit Associate
Projects
Security projects across AI, cloud infrastructure, and application security
FRED GPT: Agentic AI Chatbot for Federal Reserve
Challenge
Federal Reserve Bank researchers spent hours manually searching through FRED/FRASER datasets, reducing productivity for millions of FRED users
Solution
Led 5-member team to design secure agentic AI chatbot using Agentic RAG (LangChain) with FastAPI, Postgres, and OpenSearch Vector DB. Implemented Model Context Protocol (MCP) Server using FastMCP for secure agent-to-agent communication and provenance tracking. Designed Hard and Soft Security Guardrails on AWS Bedrock to minimize false positives and validated LLM-as-a-Judge framework to benchmark summarization, retrieval quality, and factual accuracy
Impact
Reduced research time by 70% for millions of FRED users through cross-document reasoning and secure agentic workflows
Agent-to-Agent Communication Security Monitoring
Challenge
AI agent attacks and privilege escalation went undetected in multi-agent systems
Solution
Developed real-time visualization tool using Cytoscape.js and FastAPI for tracking agent communication patterns and privilege mapping
Impact
Enabled detection of AI agent attacks through interactive communication graph analysis
STRIDE + MITRE ATT&CK Threat Modelling Framework
Challenge
Product security teams lacked unified methodology to identify and prioritize risks, attack surfaces, and vulnerabilities across the SDLC
Solution
Designed threat modelling methodology integrating STRIDE with MITRE ATT&CK framework, mapping threats to adversary TTPs. Conducted secure design reviews for TypeScript-based SPA, identifying application flaws and AWS misconfigurations. Proposed shift-left security including Threat Modelling, DAST, Fuzzing, Incident Response, and Business Continuity
Impact
Established repeatable security framework strengthening secure development practices across product engineering teams
Adversarial Machine Learning Research
Challenge
ML models vulnerable to adversarial attacks with no systematic approach to test and harden model security
Solution
Researched and implemented adversarial ML attack techniques including prompt injection, data poisoning, and model extraction attacks to evaluate model robustness
Impact
Established framework for testing ML security and identifying attack vectors in production AI systems
Threat Modeling Framework Evaluation for JPMC
Challenge
Organizations lack guidance on selecting the most effective threat modeling framework for their security maturity and risk profile
Solution
Conducted comprehensive threat modelling for JPMorgan Chase as reference organization to identify assets, evaluate security practices, and create remediation plan with business impact analysis. Performed comparative analysis of STRIDE, VAST, PASTA, NIST CSF, and FAIR frameworks across cost, learning curve, and effectiveness metrics
Impact
Delivered actionable framework selection guide with cost-benefit analysis and implementation roadmap
OAuth 2.0 Security & Privacy Evaluation
Challenge
OAuth service providers have varying security, privacy, and usability characteristics requiring systematic evaluation
Solution
Evaluated Google, Microsoft, and Okta OAuth 2.0 implementations across security controls, privacy policies, and user experience metrics
Impact
Provided security practitioners with comparative analysis to inform OAuth provider selection
CTF Exploit Scripts Development
Challenge
Capture The Flag competitions require rapid development of custom exploit scripts for diverse vulnerability classes
Solution
Developed Python-based exploit automation scripts for CTF competitions targeting buffer overflows, reverse engineering challenges, and binary exploitation scenarios
Impact
Enhanced offensive security skills through hands-on exploitation of real-world vulnerability patterns
Secure CI/CD Pipeline for GCP
Challenge
15+ critical vulnerabilities deployed to production due to lack of automated security checks
Solution
Engineered automated CI/CD security pipeline integrating Jenkins, SonarQube, and Kubernetes with Quality Gate blocking
Impact
Prevented vulnerable code deployment, achieved 100% pre-deployment security scanning
Outside Work
Life beyond security—adventures that fuel my creativity and perspective.

Rock Climbing
Weekend climber exploring outdoor routes and challenging indoor problems. Love the problem-solving aspect and the community.

Travel & Exploration
Passionate about discovering new cultures, cuisines, and landscapes. Have explored 15+ countries and counting.

Photography
Capturing moments through landscape and street photography. Finding stories in everyday scenes.

Hiking
Trail enthusiast exploring national parks and mountain ranges. Nature is the best escape and inspiration.

Cooking & Food
Experimenting with international cuisines and fusion recipes. The kitchen is another lab for creativity.

Music & Podcasts
Always discovering new artists across genres. Podcast addict interested in tech, security, and storytelling.