Cybersecurity Professional

Building the Sound of Security

I'm Sma Das, a cybersecurity professional at Warner Music Group based in New York. I specialize in application security, penetration testing, and building secure systems that protect organizations and their users.

With a background from Rochester Institute of Technology (Summa Cum Laude, 3.95/4.00 GPA), I combine deep technical expertise with a passion for research and knowledge sharing. My work focuses on identifying vulnerabilities, building defensive systems, and helping organizations stay ahead of emerging threats.

Get in Touch LinkedIn GitHub

Work Experience

Warner Music Group

Current

Security Engineer II

Mar 2024 - PresentNew York, NY

›Founded the Application Security program, reducing critical vulnerabilities by ~75% across systems processing $7B annually
›Architected end-to-end DevSecOps ecosystem integrating SAST, secret scanning, automated DAST, and security-as-code pipelines
›Built multi-tenant risk management platform unifying data from Wiz, Cisco Umbrella, GitHub, Ionix, and Rapid7

Google

Security Engineer Intern

Aug 2023 - Jan 2024New York, NY

›Part of the $20M Cybersecurity Clinic Initiative safeguarding critical U.S. infrastructure
›Accelerated vulnerability patching by 32% through automated workflow improvements
›Built multi-threaded Python pipelines to process security event data in real-time

IBM

Security Engineer Intern

May 2023 - Aug 2023New York, NY

›Minimized sensitive data exfiltration by 12% through weekly data privacy reviews
›Gained expert-level understanding of offensive cybersecurity and defensive integrations
›Performed threat analysis using Machine Learning and AI for detailed threat models

TryHackMe

Penetration Tester Intern

May 2021 - Dec 2021Remote

›Created pentesting boxes and vulnerable environments that trained 1M+ users in cybersecurity
›Performed vulnerability assessments on existing machines and built VMs to simulate attack scenarios
›Leveraged the platform extensively to develop hands-on penetration testing skills

Areas of Expertise

Cybersecurity

Web Development

Application Security

Penetration Testing

Network Security

Software Development

Certifications

Certified Ethical Hacker (CEH)

EC-Council

Jan 2024

Practical Network Penetration Tester

TCM Security

Dec 2022

CompTIA Security+

CompTIA

Sep 2022

CompTIA Network+

CompTIA

Aug 2022

CS50x: Introduction to Computer Science

Harvard University

Jun 2020

Languages

English·NativeHindi·NativeAfrikaans·ProfessionalDutch·ProfessionalGerman·Working

Let's Connect

Whether you're interested in cybersecurity consulting, collaboration on research, or just want to chat about the latest in security, I'd love to hear from you.

Get in Touch

Building the Sound of Security

Work Experience

Warner Music Group

Current

Security Engineer II

Mar 2024 - PresentNew York, NY

›Founded the Application Security program, reducing critical vulnerabilities by ~75% across systems processing $7B annually
›Architected end-to-end DevSecOps ecosystem integrating SAST, secret scanning, automated DAST, and security-as-code pipelines
›Built multi-tenant risk management platform unifying data from Wiz, Cisco Umbrella, GitHub, Ionix, and Rapid7

Google

Security Engineer Intern

Aug 2023 - Jan 2024New York, NY

›Part of the $20M Cybersecurity Clinic Initiative safeguarding critical U.S. infrastructure
›Accelerated vulnerability patching by 32% through automated workflow improvements
›Built multi-threaded Python pipelines to process security event data in real-time

IBM

Security Engineer Intern

May 2023 - Aug 2023New York, NY

›Minimized sensitive data exfiltration by 12% through weekly data privacy reviews
›Gained expert-level understanding of offensive cybersecurity and defensive integrations
›Performed threat analysis using Machine Learning and AI for detailed threat models

TryHackMe

Penetration Tester Intern

May 2021 - Dec 2021Remote

›Created pentesting boxes and vulnerable environments that trained 1M+ users in cybersecurity
›Performed vulnerability assessments on existing machines and built VMs to simulate attack scenarios
›Leveraged the platform extensively to develop hands-on penetration testing skills