Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic
Anshuman Kumar

Anshuman Kumar

Security Architect
Gurgaon

Summary

Experienced Cybersecurity Architect with 9 years of expertise in Application Security, Cloud Security, Secure SDLC, and DevSecOps automation, driving risk reduction and compliance across large enterprise and financial services environments.
Proven success in integrating SAST, DAST, SCA, and container security tools into CI/CD pipelines, leading threat modeling (STRIDE), secure SDLC, and implementing encryption (AES, RSA, TLS/SSL) & cryptography to safeguard data in transit and at rest.

Expert in designing secure by design architectures across cloud-native and enterprise environments aligned with RBI, ISO 27001, and PCI DSS compliance for BFSI and SaaS environments. Experienced in collaborating with global clients to design secure cloud-native architectures and advise on Cloud Security Posture Management (CSPM), IAM, and zero-trust implementation.

Overview

10
10
years of professional experience
1
1
Certification

Work History

Senior Security Consultant

EY
11.2025 - Current
  • Conduct SAST and MCD triaging for enterprise applications, analyze scan findings from Checkmarx, Fortify, and SonarQube, prioritize vulnerabilities by business impact, and coordinate developer remediation workflows.
  • Lead threat modeling workshops (STRIDE + MITRE mapping) during the design and architecture phases to identify and enumerate risks early in the SDLC.
  • Provide mentoring and technical guidance on secure design, threat modeling, and vulnerability remediation to engineering leads and security champions.

Security Architect

Comviva
03.2024 - 04.2025
  • Integrated threat modeling based on STRIDE & MITRE ATT&CK to identify all the risks & threats in the early stage of secure SDLC (SSDLC).
  • Implemented data encryption, cryptography, and secret key management using AES, RSA, and TLS/SSL protocols, along with Hashicorp/Azure key vault for secure key management.
  • Led secure SDLC initiatives by embedding automated SAST, DAST, SCA, and container security tools (Fortify, JFrog, Acunetix, Trivy) into CI/CD pipelines (Jenkins, GitHub), improving vulnerability remediation timelines by 35%.
  • Conducted training session on OWASP Top 10 for App, API & Cloud with 200+ developers to promote secure coding practices.
  • Conducted end-to-end architecture security assessments covering infrastructure, cloud, and application layers; delivered actionable recommendations that reduced high-risk vulnerabilities by 40%.
  • Used python for log parsing, workflow automation, and creating report dashboards to reduce manual effort by 40%.
  • Secured the API gateway by implementing the API rate limiting and reduced the incoming traffics & risk of DDoS attack.
  • Responded to customer security questionnaires, RFP security sections, and InfoSec addendums, enabling smooth onboarding of external clients.

Cyber Security Manager

TruBoard Partners
02.2022 - 02.2024
  • Applied Azure Security Center policies,Microsoft Purview, WAF, AWS GuardDuty & CloudTrail, and monitoring tools (Grafana,Prometheus) to enhance cloud-native security posture in hybrid cloud environments.
  • Designed architectural artifacts(HLD/LLD) and data flow diagram.
  • Designed and reviewed security architectures for cloud-native and hybrid systems, ensuring alignment with NIST, ISO 27001, and industry best practices.
  • Reduced the security incidents by 40% using open source SIEM tool (Wazuh) by integrating with other NIDS tools (Suricata, Snort).
  • Partnered with SOC teams during incident investigations, provided architecture-level guidance, and conducted root-cause analysis for cloud and application security incidents.
  • Secured the SDLC by integrating SAST/DAST/SCA tool with CI/CD pipeline (Jenkins, Azure DevOps, GitHub) and provided training for secure coding guidelines (Java, Python).
  • Delivered regular VAPT assessments using OpenVAS, Nessus, Tenable & Burpsuite tool.
  • Reviewed Terraform templates and IaC configurations to identify misconfigurations in IAM, networking, and storage settings.
  • Implemented CIS-benchmarked hardening across Linux, Windows, and cloud workloads; optimized firewall rules, IAM policies, and encryption standards to reduce the attack surface.

Information Security Analyst

Indialends
01.2018 - 02.2022
  • Secured AWS workloads using GuardDuty, IAM, KMS, CloudTrail, Security Hub and Azure workloads using Defender for Cloud, Key Vault, IAM, and Policy.
  • Developed security policies and patch management frameworks that ensured compliance with ISO 27001 and SOC2 regulatory and audit requirements.
  • Managed firewall and server hardening in alignment with CIS benchmarks, defining firewall policies and implementing IDS/IPS & traffic throttling controls to mitigate DDoS attacks.
  • Analyzed network traffic and system logs to detect malicious activities and UEBA from NIDS & Endpoint security tools (EDR, XDR).
  • Designed security control standards, configuration baselines, and architecture review checklists to streamline governance and reduce review time by 30%.

Technical Support

Balj Technology
01.2017 - 12.2017
  • Improved IT service management efficiency by deploying a ticketing system that reduced average issue resolution time by 20%.
  • Provided on-site and remote support for complex technical issues, consistently achieving 95%+ customer satisfaction scores.
  • Delivered end-to-end network design, installation, and maintenance services for SME clients, ensuring secure and resilient infrastructure.

Education

B.tech - Computer Science Engineering

IIMT College of Engineering
07-2017

Skills

Secure Code Review (Auth, Crypto, OWASP)

,

Firewall & Infra Security (WAF, IDS/IPS)

,

Secrets & Key management (Azure Key Vault, AWS KMS)

,

OWASP Top 10 (Web, API, Cloud, LLM)

,

Zero Trust Architecture

,

Risk & Compliance (PCI-DSS,ISO 27001)

,

Data Protection & Encryption (AES, SSL/TLS, Key vault)

,

Incident Response & Threat Detection(SIEM,NIDS,EDR/XDR)

,Identity & Access Management (IAM, SSO, MFA),

API & Cloud Security (Microsoft Purview, AWS CloudTrail)

,

Vulnerability Management & Penetration Testing

,

DevSecops & CI/CD Security (SAST,DAST,SCA)

,

Python & Powershell scripting

,

Threat Modeling (STRIDE, MITRE ATT&CK)

,

Secure by Design Architecture

Certification

  • ISO 27001 Auditor, The Knowledge Academy, August 2023 — Present
  • Cyber Crisis Management Professional, FCRF, August 2025 — August 2028
  • CISSP - In Progress

Languages

English
Hindi

Timeline

Senior Security Consultant

EY
11.2025 - Current

Security Architect

Comviva
03.2024 - 04.2025

Cyber Security Manager

TruBoard Partners
02.2022 - 02.2024

Information Security Analyst

Indialends
01.2018 - 02.2022

Technical Support

Balj Technology
01.2017 - 12.2017

B.tech - Computer Science Engineering

IIMT College of Engineering
Anshuman KumarSecurity Architect