Amit Kumar

Pune

Summary

Security Engineer with experience at Zepto, focused on enhancing application resilience through threat modeling, penetration testing, and secure code review. Expertise in integrating security tools into CI/CD pipelines and promoting secure SDLC practices. Demonstrated success in identifying critical vulnerabilities and collaborating on effective remediation strategies. Analytical mindset dedicated to risk mitigation and maintaining a strong security posture.

Overview

7 years of professional experience
1 Certification

Work History

Security Engineer II

Zepto
Bangalore
01.2025 - Current
  • Conducted threat modeling exercises to identify security vulnerabilities in application architecture.
  • Executed manual and automated penetration tests on web, API, and mobile applications, revealing critical vulnerabilities.
  • Enhanced security posture of SDLC by embedding automated security checks into developer workflows.
  • Led application security initiatives, integrating various security tools into CI/CD pipelines.

Lead Security Consultant

Payatu Security Consulting Pvt. Ltd.
Pune
03.2020 - 12.2025
  • Conduct vulnerability assessment and penetration testing for web applications, API, mobile applications, and Infrastructure.
  • Perform automated & manual source code review on PHP, Java, NodeJS and Python.
  • Automating mobile AppSec with Semgrep.
  • Developing and implementing process improvements.
  • Introduce new initiatives.
  • Conducting performance reviews of team members.
  • Reviewing & Delivering quality work.
  • Conduct internal and external trainings on various topics related to security assessments.
  • Conducted secure code reviews to identify coding vulnerabilities and ensure adherence to secure coding practices.
  • Help the team integrate security tools into the CI/CD pipeline.

Security Consultant

Freelancer
08.2018 - 08.2020
  • Performed manual and tool-assisted security assessments of various web applications, mobile applications, infrastructure, and thick client applications.

Education

Bachelor of Technology - Rajasthan Technical University

Govt College of Eng. And Technology
Bikaner
01.2018

Skills

  • Web & Mobile Application Security
  • SAST
  • Threat Modeling
  • Secure SDLC
  • SCA
  • IaC
  • Penetration Testing
  • Secure Code
  • Coding/ Review
  • DAST
  • AWS Cloud Security
  • Configuration Reviews
  • CI/CD integration

Certification

  • Certified Red Team Professional (CRTP), 04/01/22
  • Certified Ethical Hacker (CEH), 01/01/19

Accomplishments

  • Presented on Android Appsec at Seasides Information security conference.
  • Unveiling Mobile App Exploitation: CVE-2022-32871.
  • Rewarded and listed in the Hall of Fame by 30+ MNCs.
  • Submitted critical- to low-severity security bugs in Apple, Zoho, CONDCX, TENX, Transferwise, and Mastercard.
  • Presented on 'Creating code for bypassing Android Security Checks' at Redeem Security Summit.
  • Presented on 'Gaining Access to Protected Components In Android'.
  • Presented on 'Automating Android App vulnerabilities Discovery with semgrep'.

Projects

  • BUGBAZAAR, 12/01/23 - Present: Android BugBazaar: Your mobile appsec playground to Explore, Exploit, Excel.
  • IBUGBAZAAR, 12/01/24 - Present: iOS BugBazaar: Your mobile appsec playground to Explore, Exploit, Excel.

Hobbies and Interests

  • Research on open source projects
  • Bug Bounty
  • Automate the things
  • Debugging

Tools And Languages

Burp Suite, Semgrep, Checkmarx, Nmap, Postman, Frida, Ghidra, OWASP Top 10, SANS 25, MITRE ATT&CK framework, OWASP ASVS, Python, Java
