About

Varun Gajendragadkar is an Application Security Team Lead at Paycom, based in their headquarters in Oklahoma City. He joined the company in July 2020 as an Application Security Analyst and was promoted to his current role in September 2021. Varun is proficient in using BurpSuite, OWASP ZAP, BlackDuck, and Acunetix, among other security tools. He has experience in hunting and mitigating multiple vulnerabilities in web applications and ensuring that security is integral in the software development process by having constant conversations with developers. Varun's expertise lies in Security Project Management and Security Program Management. He currently leads a team of seven individuals at Paycom and helps in mentoring and day-to-day management of the team. Another major aspect of his work is to ensure that internal dev security projects are completed in the planned time without any scope creep. Jira and Confluence are two tools he uses on a daily basis to achieve this. Varun and his team are working towards making security an integral part of the SDLC, especially in the Agile way of working. They have created multiple training guides for Product Managers and have introduced the concept of Abuser Stories against every User Story. Varun was a speaker at Hacklahoma 2022 at the University of Oklahoma, where he presented a live demo of SQL Injection and Cross Site Scripting and how to mitigate these vulnerabilities. Before joining Paycom, Varun completed his Master's degree in Management Information Systems from Texas A&M University, where he also worked as a Graduate Teaching Assistant for the course Distributor Information and Control Systems. His primary role was that of a Lab Instructor for over 200 students. Varun's past experience includes working as an Application Security Analyst at Paycom, where he performed static and dynamic analyses and threat hunting of OWASP Top 10 issues by employing penetration testing tools and code review of Paycom’s app. He also started the secrets management initiative in Paycom and created training materials for developers and product managers to make security an integral part of agile sprints and retrospectives. Varun also created and led the intern project in Application Security, guiding six interns throughout the duration of the internship. Varun holds a Master of Science degree in Management Information Systems from Texas A&M University and a Bachelor of Technology degree in Computer Science from VIT. He is skilled in SQL, testing, web development, software engineering, and Kubernetes. With 2.35 years