Summary

Overview

Work history

Education

Skills

Certification

Languages

References

Timeline

Abhishek Kumar

Bengaluru,India

Summary

Cybersecurity professional with 12+ years of experience across Application Security, Enterprise Vulnerability Management & GRC within regulated BFSI environments. Strong background in risk-based vulnerability prioritization, zero-day response, CAB-aligned remediation, and CISO-level reporting. Proven ability in driving measurable risk reduction. Looking for next role in EU (sponsorship required).

Overview

years of professional experience

years of post-secondary education

Certification

Work history

Deputy Manager – Application Security & Penetration Testing

Deloitte

Bangalore, India

2024.04 - 2026.02

Lead application security assessments across web, API, thick-client, and cloud platforms for global banking clients.
Perform black-box, grey-box, and white-box penetration testing aligned with OWASP Top 10 and CVSS.
Deliver executive-level risk summaries and detailed technical reports with policy-aligned remediation guidance.
Govern CAB-aligned vulnerability scanning, executing emergency scans and fast-tracked patching for critical and zero-day vulnerabilities.
Validate remediation through retesting and mentor teams to improve assessment quality and consistency.
Review and implementation of ISO/IEC 27001-aligned security controls alongside NIST-based risk prioritization to strengthen application security governance and compliance posture.

Vulnerability Management Lead

Infosys Limited

Pune, India

2022.02 - 2024.03

Owned end-to-end enterprise vulnerability management for a large insurance firm.
Managed Qualys VMDR lifecycle including authenticated scanning, asset grouping, and coverage optimization.
Integrated threat intelligence and CISA KEV data into prioritization workflows, reducing critical vulnerabilities by ~60%.
Built CISO-level KPI/KRI dashboards and improved remediation SLA adherence through governance and automation.
Applied CIS Benchmarks to support vulnerability management and configuration hardening, strengthening baseline security posture across infrastructure and applications.
Translated technical findings into business-level risk narratives to support leadership decision-making.

Cyber Security Intern

Infosys Limited

Pune, India

2022.01 - 2022.12

Supported enterprise vulnerability reporting and remediation tracking.
Performed internal vulnerability management maturity audits as part of VM Centre of Excellence.
Conducted network penetration testing and authenticated scan health checks to ensure compliance.

Test Automation Engineer / DevSecOps Security Engineer

Infosys Limited

, Netherlands (Onsite), India

2013.09 - 2021.12

Integrated SAST and DAST controls into CI/CD pipelines, enabling early identification of application security risks.
Participated in threat modeling and secure design reviews to identify architectural risks during early SDLC phases.
Collaborated with development and product teams to embed security requirements into Agile sprint planning and code reviews.
Implemented automated security testing alongside functional test automation to support DevSecOps practices.
Trained developers and engineers on secure coding standards, CI/CD security tooling, and vulnerability remediation.

Education

Master's Degree - Cyber Security

NIIT University

Neemrana, Rajasthan, India

2020.12 - 2022.12

Skills

Enterprise Vulnerability Scanning (Qualys VMDR)
Application Security - SAST / DAST (Checkmarx, SonarQube, Burp Suite)
Zero-day & Threat Intelligence Response

DevSecOps, Shift-Left Security & Threat Modelling
Security Governance, KPIs / KRIs

Certification

CEH
AZ-900
CISSP (In Progress)

Languages

English (Professional)

Hindi (Native)

References

References available upon request.

Timeline

Deputy Manager – Application Security & Penetration Testing

Deloitte

2024.04 - 2026.02

Vulnerability Management Lead

Infosys Limited

2022.02 - 2024.03

Cyber Security Intern

Infosys Limited

2022.01 - 2022.12

Master's Degree - Cyber Security

NIIT University

2020.12 - 2022.12

Test Automation Engineer / DevSecOps Security Engineer

Infosys Limited

2013.09 - 2021.12

Abhishek Kumar

Summary

Overview

Work history

Deputy Manager – Application Security & Penetration Testing

Vulnerability Management Lead

Cyber Security Intern

Test Automation Engineer / DevSecOps Security Engineer

Education

Master's Degree - Cyber Security

Skills

Certification

Languages

References

Timeline

Deputy Manager – Application Security & Penetration Testing

Vulnerability Management Lead

Cyber Security Intern

Master's Degree - Cyber Security

Test Automation Engineer / DevSecOps Security Engineer

Similar Profiles

DEBASISH PATELDEBASISH PATEL

Mayank AroraMayank Arora

Hema Sujith PolamHema Sujith Polam

JONATHAN SULDOJONATHAN SULDO