Aseem Chopra
Product security engineer specializing in mobile, identity, and connected-vehicle systems across iOS, Android, firmware, and backend services. I own end-to-end security architecture and ship production features with cross-functional teams.
Skills
- Languages: Python, C, C++, Go, PowerShell, Swift, Bash, Clojure, ClojureScript
- Mobile & IoT security: Android, iOS, watchOS, Zephyr, React Native, BLE, NFC, UWB
- Security tooling: Nmap, Frida, Burp Suite, Wireshark, Bettercap, Metasploit, Ghidra, Docker
- Identity & cryptography: SAML, JWT, PKI, HSM integration, TLS 1.3, elliptic-curve crypto, wolfSSL
- System design: end-to-end security architecture for connected-vehicle systems (mobile, backend, firmware)
- Threat modeling, protocol analysis, and penetration testing across mobile, firmware, and services
Experience
Product Security Engineer
• Vouch.ioSep 2022 — Dec 2025 • Remote- Owned end-to-end BLE authentication for iOS and watchOS to enable passwordless vehicle access (GATT flows, device registration, public-key exchange, replay protection, and secure background operation).
- Designed TLS 1.3 session resumption backed by HSM-managed keys for automotive key fobs, improving connection reliability while preserving forward secrecy and hardware-enforced key isolation.
- Built a cross-platform mobile security framework (iOS/Android) using hardware-backed key storage, integrity verification, jailbreak/root detection, and runtime risk assessment.
- Owned security architecture across mobile, backend, and firmware for connected-vehicle systems; led design reviews and remediation decisions with engineering and product leadership.
- Shipped a proximity-based digital key sharing feature enabling secure cross-device key transfer between iPhones using encrypted key-wrapping patterns.
- Reverse engineered Windows Credential Provider flows to validate passwordless login behavior, identify security gaps, and ensure SAML interoperability with enterprise IdPs.
- Found and validated BLE stack and firmware vulnerabilities via protocol analysis, packet captures, and custom tooling, partnering with engineering teams to ship mitigations.
- Built an internal GitHub App & Next.js dashboard to aggregate GitHub Projects milestones and generate a company-wide visual delivery timeline.
Junior Security Analyst
• Vouch.ioSep 2021 — 2022 • Remote- Contributed to research that led to a US-granted patent in secure automotive communication by reviewing security architecture and protocol flows.
- Translated low-level firmware–mobile protocol documentation into higher-level architecture diagrams and specifications, improving cross-team alignment and review velocity.
- Performed STRIDE-based threat modeling for client ECU integrations, identifying trust-boundary gaps and abuse cases and recommending design changes.
- Executed penetration tests and security assessments across Android/iOS apps, embedded firmware, and backend services, delivering actionable remediation guidance.
- Contributed to cryptographic protocol design and implementation reviews for mobile and IoT products in production environments.
- Authored and automated SDK documentation and internal guides, and helped deliver onboarding and security training for new hires.
- Participated in GDPR and CCPA compliance assessments by mapping PII data flows and driving remediation recommendations.
Profiles
Honors
- Hack The Box: Top 160 globally (out of 250K+) by compromising 200+ virtual machines.
- Competitive Programming: Top 900 on SPOJ (out of 300K+) solving hundreds of algorithmic problems.
Education
- MBA, Marketing and AIIndian Institute of Management, Kashipur
Focus on AI-driven products and security-conscious go-to-market.
- B.E., Information TechnologyGuru Gobind Singh Indraprastha University
Algorithms, data structures, computer networks, and cybersecurity foundations.
- High SchoolThe Mother's International School
Science with Economics
Ready for your next security challenge.
Open to security engineering, consulting, and R&D opportunities.