Ishita Kapur
Bengaluru
Summary
Cybersecurity professional with 10+ years of experience protecting networks, systems, and data from cyber threats. Skilled in identifying risks, responding to incidents, and building security solutions that support business needs.
Overview
10
10
years of professional experience
4
4
Certification
Work History
Senior Security Specialist
London Stock Exchange Group
01.2023 - Current
- Conduct security risk assessments and audits to identify vulnerabilities and ensure compliance with regulatory requirements.
- Prepare detailed security reports and documentation for management and regulatory bodies.
- Participating in red team activities
Security Delivery Team Lead
Accenture
08.2022 - 01.2023
- Lead and manage a team of security professionals, providing guidance, mentorship, and support.
- Oversee the delivery of security projects, ensuring they are completed on time and within budget.
- Conduct regular performance reviews and provide feedback to team members.
Consultant
Wipro
04.2021 - 08.2022
- Conduct security assessments, including vulnerability assessments and penetration testing.
- Develop and implement security policies, procedures, and solutions for clients.
Security Consultant 2
ProVise Consulting
10.2019 - 03.2021
- Lead security consulting engagements with clients, including risk assessments, compliance audits, and security architecture reviews.
- Assist in threat mitigation and risk calculations. (Threat Modelling)
Senior Cybersecurity Analyst
Network Intelligence
02.2018 - 10.2019
- Lead and conduct in-depth security assessments, including vulnerability assessments and penetration tests.
- Develop and implement security policies, procedures, and guidelines.
- Mentor and guide junior cybersecurity analysts.
- Coordinated with stakeholders for mitigation activities.
Cybersecurity Analyst
Tech Mahindra
07.2015 - 01.2018
- Conduct security assessments and penetration tests on networks, applications, APIs Thick client, etc.
- Develop and enforce security policies, standards, and guidelines.
- Conduct security awareness training for employees.
- Prepare detailed reports on security incidents, including root cause analysis and remediation recommendations.
Education
Bachelors - Electronics and Communication Engineering
Chitkara University
07.2015
Skills
Core Security Skills
- Red Teaming & Adversary Simulation
- Penetration Testing (Web, Mobile, Network, APIs)
- Application Security Testing (SAST, DAST, SCA)
- Active Directory Security & Exploitation
- Cloud Security (AWS, Azure, GCP)
- Container Security (Docker, Kubernetes, EKS/AKS)
- DevSecOps & Secure SDLC
- Threat Emulation & Attack Simulation (TTPs aligned with MITRE ATT&CK)
- Privilege Escalation & Lateral Movement
- Kerberos & Active Directory Attacks (Kerberoasting, AS-REP Roasting, Delegation Abuse, DCSync, Golden & Silver Ticketing)
- Pass-the-Hash / Pass-the-Ticket / Overpass-the-Hash
- Process Injection & Evasion Techniques (AMSI Bypass, Process Hollowing, DLL Injection, Inline Shellcode)
- OPSEC-Safe Operations & Beacon Management
- Command-and-Control (Cobalt Strike, Sliver, Nighthawk, Covenant, Empire)
- Red Team & C2: Cobalt Strike, Covenant, Sliver, Nighthawk, Mythic
- AD & Credential Abuse: Mimikatz, Rubeus, Kekeo, SharpHound, BloodHound, Powerview, Impacket
- Lateral Movement: WMI, PsExec, DCOM, WinRM, RDP, Kerberos Delegation Abuse
- Post-Exploitation: Token Impersonation, Skeleton Key, Shadow Credentials, SID History Injection
- Web & AppSec: Burp Suite, SQLmap, ffuf, OWASP ZAP, custom Python/Bash scripts
- Exploitation & Enumeration: Metasploit, Responder, CrackMapExec, Hydra, Hashcat, John the Ripper
- Security Architecture & Threat Modeling
- Secure Configuration & Hardening (Windows, Linux, Cloud)
- CI/CD Pipeline Security Integration
- Vulnerability Management & Exploit Development
- Detection Evasion vs EDR & SIEM
- Leading Red/Blue/Purple Team Engagements
- Security Awareness & Training Sessions
- Cross-Functional Team Collaboration
- Technical Mentorship & Knowledge Sharing
Websites
Certification
- Certified Red Team Operator (CRTO), Zero-Point Security, 19/08/25
- Offensive Security Certified Professional (OSCP), Offensive Security, 10/01/22
- Pentester Academy Cloud Security Professional (PaCSP), Pentester Academy, 09/01/21
- Certified Red Team Professional (CRTP), Pentester Academy, 11/01/20
Hobbies and Interests
- Dance
- Yoga
- Hiking
- Travel
Timeline
Senior Security Specialist
London Stock Exchange Group
01.2023 - Current
Security Delivery Team Lead
Accenture
08.2022 - 01.2023
Consultant
Wipro
04.2021 - 08.2022
Security Consultant 2
ProVise Consulting
10.2019 - 03.2021
Senior Cybersecurity Analyst
Network Intelligence
02.2018 - 10.2019
Cybersecurity Analyst
Tech Mahindra
07.2015 - 01.2018
Bachelors - Electronics and Communication Engineering
Chitkara University
Similar Profiles
VARUN AVARUN A
Associate Content Analyst at London Stock Exchange GroupAssociate Content Analyst at London Stock Exchange Group
Tanya GargTanya Garg
Customer Success Manager, Trading and Banking Solutions at London Stock Exchange GroupCustomer Success Manager, Trading and Banking Solutions at London Stock Exchange Group
Jeffrey McGuinnessJeffrey McGuinness
Full Time Employee at London Stock Exchange GroupFull Time Employee at London Stock Exchange Group
Ashani BandaraAshani Bandara
Analyst, Securities Data Collection at London Stock Exchange Group PLCAnalyst, Securities Data Collection at London Stock Exchange Group PLC
Ayushi SharmaAyushi Sharma
Emerging Architect at Shell India Markets Pvt LtdEmerging Architect at Shell India Markets Pvt Ltd