For this month’s employee interview, we talked with Sarthak Taneja, Security Engineer at Finoa. 

Coming from Delhi, Sarthak joined Finoa in 2022 and has been instrumental in setting up our security infrastructure. Known for his spirited nature, he is one of the youngest members of Finoa. 

In this interview, Sarthak talks about his professional background, what pulled him toward cybersecurity, and the highlight of his journey.

Can you tell us a bit about yourself? 

Hi, I am Sarthak. I work as a Security Engineer at Finoa, with a focus on Security Infrastructure and Operations. 

While growing up, I was an inquisitive child. I was known for breaking things to understand how they work. In my mission to comprehend how the world functions, I got pulled toward hacking. Intrigued by the complexity, I decided to pursue a career in cybersecurity. 

How did you end up in Finoa? 

I started my education in security in 2017 with a Bachelor's in Information Security. After finishing my internship at Panasonic in 2019, I started working as an Information Security Engineer at a financial services provider. The time spent working at one of the largest fintech companies was fruitful, but I soon realized that I was ready for my next adventure. 

I stumbled upon Finoa while looking for new opportunities. The prospect of working for a crypto asset platform working in Web3 excited me as I was looking for more complex problems to solve this time. I applied for the role and moved to Berlin in 2022 after being accepted. 

What does a regular day look like for you? 

My day starts with an overview of the tasks due, which usually involve engineering processes and architecting security infrastructure. Currently, we are migrating internally which means that we get to organize threat modeling sessions for infrastructural applications and learn more. 

A large portion of my role as a security engineer involves building detective and reactive controls. As a crypto platform, you never know what may hit you, so you need to prepare for all the possibilities. The first step of structuring a secure infrastructure is assuming all entities are exposed to some level of threat. Drafting a cyber resilience plan is a necessity. 

My job is to build infrastructure with safety nests and to counter unknown attack vectors by building multiple layers of security controls. 

What does Finoa do to ensure the utmost security of the platform?

As a crypto-asset platform, one of Finoa’s key responsibilities is providing the utmost security. Our customers, which include high-net-worth individuals, VCs, and institutional investors, trust us with their crypto funds. It is on us to create a safe and resilient platform infrastructure. 

We conduct penetration tests and source code reviews on a regular cadence to check the resilience of our infrastructure.

Our customers & employees are our assets. We secure their devices and activities to safeguard sensitive information. Cyber resilience plans and disaster recovery models are drafted to gain control back in the event of a mishap. 

What has been the highlight of your journey so far? 

When I first entered the industry, I was a bug hunter and worked as a penetration tester. It was fun breaking things. I was convinced that it was where I wanted to stay and work. My previous manager, however, pushed me to explore other domains. He believed that it is crucial to know all the intricacies and get the know-how of the industry to become a security expert.

That ended up being the turning point of my career. Learning about other processes taught me to see the bigger picture and connect the dots. It sharpened my ability to foresee and prepare for the future. And here I am, Thinking Red and Acting Blue.

If you were to give a piece of advice to someone about staying safe online, what would it be?

Be aware of the data you share. 

We are lucky to be living where privacy is a huge concern. The EU has drafted regulations like GDPR to prohibit the misuse of personal data. However, as individuals, we need to navigate the internet cautiously. While browsing, read the cookie policy, select your preferences, and never click on suspicious links. 

Even one wrong click can lead to significant consequences for the organization. 

Thank You for talking with us, Sarthak. Let’s end with a rapid-fire: 

Where can one find you after work? 

In a bouldering gym or a park reading some book.

What is the one thing you do to secure your devices?

I have two personal laptops, one of which is a sandbox device that I use to open suspicious files.

How would you describe yourself using one word?

A wrangler.

Interested in joining Finoa? Check out our open positions