Summary
Overview
Work History
Education
Skills
Timeline
Generic

Amol Bhure

Summary

Dynamic Information Security leader with over 10 years of hands-on expertise and more than 6 years in managing and developing high-performing technical teams. Proven track record in establishing and fortifying security frameworks from the ground up, executing comprehensive security strategies, and protecting high-stakes projects. Areas of specialization include Application Security, Cloud Security, Governance, Risk & Compliance, Vulnerability Management, and Threat Hunting. Committed to mentoring teams and driving security initiatives that ensure compliance and foster innovation.

Overview

13
13
years of professional experience

Work History

Director Information Security

Saviynt
Bangalore
09.2024 - Current
  • Leading a team of 18 members, comprising managers, architects, principal pentesters, red team specialists, senior security engineers, and security engineers within the application security, red team, and GRC functions, to ensure comprehensive security coverage across the organization's product portfolio.
  • Collaborating with customers to address and resolve security-related concerns, particularly around vulnerabilities in Saviynt products, ensuring customer confidence, and alignment with security best practices.
  • Provided strategic guidance and support to the SOC team, contributing to incident response, and proactive threat detection.
  • Reviewed secure system design and maintenance, ensuring security standards, managing patches, and addressing product security issues with sales, labs, and research engineering teams.
  • Leading efforts to fortify product security, reduce vulnerabilities, and maintain regulatory compliance, ensuring a robust security posture across all operational areas.

Senior Manager - Information Security Engineering

PharmEasy (API Holdings Group)
Bangalore
10.2023 - 08.2024

Engineering Manager - Information Security Engineering

PharmEasy (API Holdings Group)
Bangalore
09.2021 - 09.2023
  • Serve as a Security Engineering Manager with additional responsibilities akin to those of a CISO
  • Report directly to the Co-founder & CTO of API Holdings
  • Built the entire Information Security team from scratch, now comprising 14 members, including 2 Lead Security Engineers, 4 Senior Security Engineers, 7 Security Engineers and two Interns
  • Crafted and executed information security strategies in line with business objectives, ensuring strong governance frameworks, policies and effective risk mitigation measures.
  • Enhanced efficiency via process automation, reducing project time and resource expenditure
  • Conducted Internal and External Vulnerability Assessment & Penetration Testing (VAPT) covering Web, Mobile, API, Cloud and Network, along with Governance Risk Compliance oversight
  • Developed and implemented the organization's information security strategies and policies
  • Obtained CERT-IN & SAR Audit Certificates for org, vital for RBI PCI DSS Compliance
  • Conducted risk assessments and developed risk management plans
  • Mentored team members to enhance their skills and adhere to industry standards
  • Provided security awareness training to 10000+ employees across API Holdings 31 subsidiaries
  • Led various high-profile projects, ensuring on-time and within-budget delivery
  • Managed security incidents and coordinated responses to security breaches
  • Implemented performance metrics to track team progress and promote accountability
  • Negotiated advantageous contracts with suppliers and vendors for tools and services
  • Designed & implemented secure architecture for the HDFC PharmEasy Co-branded Credit Card
  • Secure Software Development Life Cycle SSDLC processes, Secure Code Reviews and Threat Modeling.
  • Developed an interactive security training dashboard tailored for all technical employees.

Independent Contractor (Lead Security Engineer)

BlockFi Inc
Remote
11.2020 - 09.2021
  • Served as the inaugural Engineer representing India for BlockFi and was the first Security Engineer outside the USA to join the company
  • Played a Lead Security role in the Product and Platform Architecture team, leading a team of 9 members from India, Singapore, Poland, and Argentina
  • Implemented SAST, DAST and Threat Modeling processes
  • Configured & managed monitoring tools such as HackerOne, AWS WAF, Humio, Splunk, Orca, Tenable, etc
  • Designed and implemented the company's Vulnerability Management Process
  • Collaborated with the BlockFi Credit Card launch team, designing a custom column encryption scheme for robust protection of sensitive card-related data

Security Researcher

Attify
Bangalore
07.2015 - 10.2020
  • Specialized in breaking into high-security web and mobile applications.
  • Gained extensive experience in IoT security, including firmware exploitation, BLE and Zigbee hacking, and working with Arduino and Raspberry Pi.
  • Played a key role in developing and delivering courses and training programs on Mobile, DevOps, and IoT Security.
  • Conducted penetration testing for over 75+ web, Android, and iOS projects.
  • Developed new content on the latest exploits for the Mobile Security Exploitation Course, with the team delivering training at prominent global clients and prestigious security conferences like BlackHat, Defcon, Toorcon, Syscan, and OWASP AppSec.

Founder

The Secure Lab
Bangalore
05.2013 - 10.2020
  • Initially started taking projects from Upwork gradually built trust & a solid work culture with clients
  • Transitioned to working separately with these clients for longer periods
  • Managed corporate clients from diverse regions, including India, Austria, Denmark, Singapore, Hong Kong, Thailand, Cambodia, Vietnam and the Middle East, handling them independently for approximately six years until the COVID-19 pandemic.
  • My responsibilities included taking projects and delivering them on time, discussing critical vulnerabilities with stakeholders, and managing all aspects of projects from start to finish
  • Some projects required on-site work, leading to international travel and global client exposure
  • Projects focused on Web, Mobile and Network Security consultation.

Software Engineer Intern

Yahoo Inc
Bangalore
02.2012 - 05.2012
  • Worked on a couple projects and got exposure on various Yahoo tools and open sources
  • Also worked on a project which is a front-end library used across all applications developed by the yahoo team.

Education

Bachelor of Engineering (B.E) - Electronics And Communications Engineering

Visvesvaraya Technological University
Bangalore

MBA - Entrepreneurship And Leadership Management

Amity University
Online (Expected In 07/2026)

Skills

  • Leadership
  • Strategic Planning
  • Business continuity planning
  • Disaster Recovery Planning
  • Performance Management
  • Key Performance Indicators (KPI)
  • Objectives and Key Results (OKR)
  • Cross-functional team leadership
  • Operations Management
  • Risk management expertise
  • Hiring & Staffing
  • IT strategy, Innovation & Creativity
  • Stakeholder & Conflict Management
  • Threat Modeling & Intelligence
  • Security Architecture Development
  • Employee Motivation & Decision-Making
  • Web, Mobile, API Penetration Testing
  • GRC, ISO 27001, NIST, PCI DSS
  • Secure Code Review, SAST
  • DevSecOps, DAST, SCA

Timeline

Director Information Security

Saviynt
09.2024 - Current

Senior Manager - Information Security Engineering

PharmEasy (API Holdings Group)
10.2023 - 08.2024

Engineering Manager - Information Security Engineering

PharmEasy (API Holdings Group)
09.2021 - 09.2023

Independent Contractor (Lead Security Engineer)

BlockFi Inc
11.2020 - 09.2021

Security Researcher

Attify
07.2015 - 10.2020

Founder

The Secure Lab
05.2013 - 10.2020

Software Engineer Intern

Yahoo Inc
02.2012 - 05.2012

Bachelor of Engineering (B.E) - Electronics And Communications Engineering

Visvesvaraya Technological University

MBA - Entrepreneurship And Leadership Management

Amity University

Similar Profiles

CREATE PROFILE
Amol Bhure