Harsh Shah

Harsh Shah loved solving puzzles and writing code as a teenager. This led him to fun-filled time at SIM where he graduated as a Valedictorian with a distinction in computer science with the University of Wollongong. Currently, he is a Penetration Tester at ExpressVPN. His winning formula is to “put his head down”, focus on solving one puzzle at a time, persistently and steadily forward.

11 Jul 2023


3 mins


Briefly share with us your career path.

I graduated from the University of Wollongong (UOW) with a bachelor in computer science, specialising in digital systems security. I worked as a Software Developer for a few months after graduating, before moving into a consultant role as a Penetration Tester in KPMG. Subsequently, I moved to my current role, as a Red Team Penetration Tester at ExpressVPN.
Tell us about your current role.
As part of my current role, I perform security assessments and penetration tests on ExpressVPN’s products, services and internal infrastructure. These security assessments enable us to find security flaws that might allow external threat actors to compromise the integrity and security of ExpressVPN and its millions of users. Our team will suggest remedial actions for these security flaws and vulnerabilities, thus assisting ExpressVPN to improve on the overall security posture.
What sparked your interest in this field of work?
I loved writing code as a teenager and this resulted in me taking a degree in computer science. I wanted to build new applications and solve complex problems. Soon, I got an opportunity to learn about finding security bugs in complex systems and applications and took it. That landed me a role as a Penetration Tester. I started to enjoy my job of finding security issues. It was like solving puzzles. Sometimes I solved it, other times I don’t. I learnt from my seniors and mentors and got better at it. The more I solved, the better I got. Now, I am still going on, getting better at it. One puzzle at a time.
What are the key challenges you faced at work and how did you overcome them?
When I first joined ExpressVPN, I was overwhelmed by the complex technologies and infrastructure. There was so much to learn and understand about these complex systems. As part of my role, I was supposed to understand these systems and find security bugs in them. There were times when I was lost, confused and had no clue on how to move forward.
I was unsuccessful in finding good bugs for the most part. There are always new challenges when I learnt something new. I got most frustrated when I wasn’t able to solve a problem but someone else did and when I realised how simple the solution was. This caused me to doubt my abilities and lose my self-confidence.
Fortunately, I have great colleagues who would assist me and gave me time to figure issues out. I knew I just had to put my head down and confidently moved forward, which I did. Gradually, I started understanding these systems, and it became clearer to me with every step. I could finally see the big picture. Within a few months of joining the company, I led my first fieldwork. It wasn’t perfect but I was supported by my colleagues. I was far better than where I first joined. With every new project, I learnt something new and applied my learnings. Soon, I was able to deliver another major project.
It is a challenge to constantly get better so as to become the best version of myself. I am growing in confidence and I can feel that change in me. What has worked for me to overcome my self-doubts is to be confident and have faith in my abilities. I have learnt to just put my head down and grind it out. There is always something new to learn and they are all learning opportunities which eventually contribute to your career in a positive way. There is still a lot of work to be done but one small step at a time. 
How has the programme that you studied in SIM benefitted you?
A vast majority of the security bugs stem from insecure coding practices. In order to change this and build secure applications and systems, there is a need for engineers who can code efficiently and securely. The programme provided me comprehensive hands-on training for this and helped me understand the basic building blocks of computing. In this age of block chain and crypto currencies, it is fundamentally important to know the basics of computing and networking. The programme has taught me to be adaptable and how to apply the learnings to solve a problem. I have benefitted from everything that I have learnt during the programme. If I ever had the chance to revisit my past and change something, I wouldn’t. It provided me all the skills required for me to step into the industry.
Were your student days fun? Share with us a most memorable moment.
My most memorable moments in SIM were spent planning orientation camps for the UOW Student Council. I had a lot of fun planning these camps with other student leaders. It also taught me a thing or two about leadership and teamwork. Being awarded the “Helm” was one of my most memorable experiences as I was recognised for my leadership contributions to the Student Council.

Posted online 11 Jul 2023.
Learn more about the programmes offered by University of Wollongong at SIM today.