Summary
Overview
Work History
Education
Skills
AREA OF INTEREST
Training
Certification
COMMUNITY AND MEET-UPS
Timeline

CHAITANYA KUMAR

Information Security/VAPT/Product Security
Bengaluru,KA

Summary

Experienced cyber security professional with expertise in product security, application security, network infrastructure, and cloud computing. Known for reliability, adaptability, and a strong emphasis on team collaboration. Skilled in systems analysis, troubleshooting, and automation with a proven track record in developing and implementing robust security strategies. Effective communicator and problem solver with analytical problem-solving skills and proactive defense measures. Eager to secure a position in a dynamic and supportive work setting to advance company goals and protect organizational assets.

Overview

10
10
years of professional experience
4
4
years of post-secondary education
2
2
Certifications

Work History

System Engineer (Cyber Engineering)

CBA India
08.2024 - Current
  • Conducting regular vulnerability scans using Qualys across the organization's network, applications, and systems.
  • Administration of Qualys tools, including configuration, updates, and troubleshooting.
  • Automating scanner deployment on AWS infrastructure.

Sr. Professional I (CyberSec)

Capgemini Engineering
07.2022 - 08.2024

Client: IKEA, Sweden.

  • End-to-end security planning and implementation of various security measures and tools.
  • Threat modeling of applications, system networks, enterprise distributed networks, etc.
  • VAPT of Staging and Production Application.
  • Integration of SAST and SCA tools into the CI/CD (Jenkins and GitHub) pipeline.
  • Working closely with multiple development teams and QA teams to deliver the highest quality software releases in a timely manner.
  • Support the software development team via various CI tools and build systems, identifying opportunities to continuously improve our processes with appropriate automation and reporting.
  • Ensuring continuous code quality checks with Black Duck, Polaris, SonarQube, and GHAS.
  • Managing GCP cloud security vulnerabilities using Google SCC.

Consultant (VAPT)

KPMG Global Services
11.2021 - 07.2022
  • VAPT of web application, Mobile application, thick client applications and APIs.
  • Code Quality/review by using checkmarx tool.
  • Integration of SAST tools to various enterprise products.
  • QC Analysis of Client provided VAPT reports.
  • Tracking of the reported issues and ongoing mitigations.

Sr. Security analyst (VAPT)

WIPRO Technologies
07.2019 - 10.2021
  • Penetration testing of web application, Mobile application, Thick client applications, servers and network devices.
  • Infrastructure Vulnerability Management using Tenable Security Centre and Rapid 7 Nexpose (Insight VM).
  • DAST of web and mobile applications using automated tools.
  • Configuration audit of network devices and security Devices.

Sr. Technical Analyst (VAPT)

Hexaware Technologies
09.2018 - 07.2019

Client: Texas Instruments, Bengaluru.

  • Project: Penetration Testing and Vulnerability Management.
  • Penetration testing of critical web applications, servers, and network devices.
  • Infrastructure Vulnerability Management on Tenable Security Center and IO.
  • Web application testing using HPE WebInspect and Burp Suite.

Server Administrator/ InfoSec Consultant

Escoforte Technologies
01.2017 - 09.2018
  • Performed VAPT and Configuration Audit Assessments for the following clients in varying horizons.
  • Preparing security test strategy and test cases.
  • Analysis the identified vulnerabilities and give appropriate recommendations to patch the vulnerability.
  • Web application security Manual and automated testing as per OWASP top 10.

Customer Support Engineer

VDA Infosolution
12.2015 - 12.2016
  • Client: Cognizant Technology Solution, Noida 135.

Education

PG - Cyber Security Management and Data Science

IIM Nagpur, Nagpur, India
05-2023

B. Tech - CSE

CIT Ranchi
08-2015

12th -

JAC Board
05-2011

10th -

JAC Board
05-2009

Skills

Skilled in system administration across various platforms

AREA OF INTEREST

  • Cloud & Container Security.
  • DevSec Ops.
  • Exploit Writing.

Training

  • Training on MCSA
  • Training on Cisco Certified Network Associate and PC Engineering.
  • Training on CEH
  • Currently Preparing for OSCP.

Certification

EXAM 312-50 CEH (CERTIFIED ETHICAL HACKER) V9

COMMUNITY AND MEET-UPS

BSIDES, Nullcon & Segfault.

Timeline

System Engineer (Cyber Engineering) - CBA India
08.2024 - Current
Sr. Professional I (CyberSec) - Capgemini Engineering
07.2022 - 08.2024
Consultant (VAPT) - KPMG Global Services
11.2021 - 07.2022
Sr. Security analyst (VAPT) - WIPRO Technologies
07.2019 - 10.2021
Sr. Technical Analyst (VAPT) - Hexaware Technologies
09.2018 - 07.2019
Server Administrator/ InfoSec Consultant - Escoforte Technologies
01.2017 - 09.2018
Customer Support Engineer - VDA Infosolution
12.2015 - 12.2016
IIM Nagpur - PG, Cyber Security Management and Data Science
CIT Ranchi - B. Tech, CSE
JAC Board - 12th,
JAC Board - 10th,
CHAITANYA KUMARInformation Security/VAPT/Product Security