DEEPAK KAUSHIK
Application Security Lead
New Delhi
Summary
Seeking a challenging work environment to enhance knowledge, skills, and experience. Committed to utilizing these assets for personal and organizational growth, striving for optimal results.
Overview
9
9
years of professional experience
2015
2015
years of post-secondary education
2
2
Languages
Work History
Application Security (AppSec) Lead
Airtel Payments Bank
07.2024 - Current
- Transitioned from a vendor employee to a full-time role at Airtel Payments Bank.
- Leading the Application Security team of six professionals within the CISO team.
- Overseeing Vulnerability Assessment & Penetration Testing (VAPT) and Red Team exercises by collaborating with multiple vendors.
- Managing internal and regulatory audits, ensuring compliance with security standards.
- Conducting threat modeling to identify and mitigate potential security risks.
- Successfully deployed Checkmarx in the CI/CD pipeline to enhance secure code analysis.
- Managing and securing third-party integrations within the organization's ecosystem.
- Performing application architecture security reviews to identify and mitigate security gaps.
- Established and implemented the Secure Software Development Lifecycle (SSDLC) aligned with security requirements.
- Securing APIs, mobile applications, web applications, and microservices against vulnerabilities and cyber threats.
Team Lead Information Security
Accenture
07.2021 - 07.2024
- Initially joined as Senior Information Security Analyst, working on a US-based project focused on code review and web application security testing (SAST & DAST)
- Expanded expertise in cloud security and DevSecOps during free time and conducted brown bag sessions on Mobile Security and Android Reverse Engineering
- Transitioned to a new project after one year, specializing in VAPT (Vulnerability Assessment & Penetration Testing) for mobile applications (Android & iOS), web applications, and APIs
- Conducting security assessments, identifying vulnerabilities, and providing developers with remediation strategies
- Performing reverse engineering of mobile applications, exploiting security flaws, and creating PoCs and reports for developer remediation
- Handling security testing of applications and change requests, ensuring compliance with security standards
- Promoted in Dec 2022
- Key Achievements: Contributed to an internal DevSecOps automation project, which is now patented by Accenture, with my name included
- Earned Az-900 and CCSK certifications, and completed training on GCP and AWS
- Security Tools Used: Penetration & Security Testing: Burp Suite, IBM AppScan, HCL AppScan 360, Checkmarx, Fortify; Mobile Security & Reverse Engineering: Jadx, ApkTool, Frida, MobSF; Other Proprietary Security Tools
Senior Information Security Analyst (Android Security Expert)
INNEFU LABS
01.2016 - 06.2021
- Security Research & Reverse Engineering: Conducted reverse engineering, vulnerability research, exploit development, and penetration testing for clients and organizations
- Android Security & CVE Monitoring: Monitored and analyzed CVE vulnerabilities for Android, developed exploits, and automated security testing using custom scripts
- Secure Software Development: Designed and managed security-focused applications, including backend development, deployment, and maintenance
- Web Application Security: Performed security assessments for in-house and client web applications, patched vulnerabilities, and assisted in secure architecture design
- Training & Knowledge Sharing: Conducted security training sessions for government agencies, clients, and interns
- Server Management & Automation: Developed custom automation scripts for testing, server management, and secure deployment processes
- Key Projects & Contributions: Developed a fully encrypted communication platform for internal use, replacing WhatsApp within the organization; Developed a custom Android VPN application for internal and public use; Performed reverse engineering for security analysis and exploit development; Designed custom security and automation tools
- Additional Contributions: Attended and represented the company at various Information Security conferences; Worked on government and law enforcement projects (Confidential)
Education
BCA -
Maharaja Surajmal Institute
12th - undefined
Holy International School
10th - undefined
Kamal Public School
Skills
- Static Application Security Testing
- Dynamic Application Security Testing
- Supply Chain Analysis
- Red Team Operations
- Risk Assessment Framework
- Application Security Architecture Review
- Vulnerability Assessment in Code
- Reverse Engineering Expertise
- Expertise in Security Assessments
- Experience with Kali Linux
- Ubuntu Proficiency
- Multi-Cloud Security Expertise
- DevSecOps Implementation
- Docker Platform Proficiency
- Android Studio
- Visual Studio
- Sublime
- Python
- PHP
- Vbnet
Accomplishments
Successfully granted U.S. Patent for "System and Method for Automated Security Tool Integration," addressing key challenges in DevSecOps adoption.
Past Live Projects And Personal Projects
- Android Reversing tool: A tool written in Django framework to do automated reversing of android applications and generate reports in pdf format. Also does static and dynamic analysis of the applications and fuzzing of all the APIs included in the application.
- Tajmay: A firewall based on open source project OPNSense for a client to deploy it in different hospitality places. With features such as IDS, Antivirus, IPS, Net Monitoring, Captive Portal.
- SecureBusinessGroup.com: A freelance WordPress project.
- Patient Database: An Application in VB.net for a Dentist for storing the database.
- Designed posters, banners, etc. for a Jeweler brand in Photoshop.
- Have worked on a blog about Technology.
Certifications/Technical Qualifications
- CEHv9 Certification
- Az900 Certification
- CCSK Certification
- CCNA training from Rooman Technologies
- Hardware Networking from Rooman technologies
Software Exposure
Windows XP, Windows 7, Windows 8, Windows 10, Windows 11, LINUX (Server/Desktop), Mac OS, Python, PHP, Java Android, Kotlin, Flutter, Java-Core, VB.net, Virus Total, ExploitDB, Any Run, HTML, CSS, PHP, JavaScript, MySQL, Android, Web OS, Linux, iOS, Windows, Blackberry OS, ApkTool, Frida, Jadx, Jar Decompilers, Android Studio, Nmap, Wireshark, Burp Suite, Checkmarx, AppScan, Webinspect, xCode, MobSF, Snyk, Fortify, Veracode, Kali Linux, Metasploit, Nessus, Acunetix
Flexibility To Travel
100%
Timeline
Application Security (AppSec) Lead
Airtel Payments Bank
07.2024 - Current
Team Lead Information Security
Accenture
07.2021 - 07.2024
Senior Information Security Analyst (Android Security Expert)
INNEFU LABS
01.2016 - 06.2021
12th - undefined
Holy International School
10th - undefined
Kamal Public School
BCA -
Maharaja Surajmal Institute
Similar Profiles
Karthik Siddharth RKarthik Siddharth R
Assistant Manager of Sales at Airtel Payments BankAssistant Manager of Sales at Airtel Payments Bank
Priyesh Priyesh null
AVP – Data Engineering & Architecture at Airtel Payments BankAVP – Data Engineering & Architecture at Airtel Payments Bank
SHUBHAM KUMARSHUBHAM KUMAR
Site Reliability Engineer at AIRTEL PAYMENTS BANK / Nehish Software Pvt LTDSite Reliability Engineer at AIRTEL PAYMENTS BANK / Nehish Software Pvt LTD
Bharat GandotraBharat Gandotra
Lead Product Manager at Airtel Payments BankLead Product Manager at Airtel Payments Bank
Nitin DhamijaNitin Dhamija
Chief Finance Officer (CFO) at Expo Stand Services Pvt. Ltd.Chief Finance Officer (CFO) at Expo Stand Services Pvt. Ltd.