Objective
Summary
Certification
Work History
Education
Teacher

RAVISHANKER KUSUMA

Security Architect
Bangalore

Objective

To apply my expertise as a Security Architect to develop and implement  advanced security frameworks, enabling organizations to proactively  defend against cyber threats and achieve a robust and resilient security  posture.

Summary

  • Professional with about 19+ years of rich experience in all phases of SDLC in Mobile, Telecom & Fintech domains.
  • 10+ years of experience in Application Security Development , Secure Product Lifecycle, Threat Modeling, Application Security, API Security, Mobile Security, Vulnerability Assessment & Penetration testing.
  • 3+ years of experience in iOS App Development
  • Experience with secure SDLC methodologies, including the integration of security tools into CI/CD pipelines, and proficiency in static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), Interactive application security testing (IAST), and Container scanning tools.
  • In-depth knowledge of application security principles, secure coding practices, and common vulnerabilities (such as OWASP Top 10)
  • Proficient in programming languages JavaScript/Node.js, Python, PHP, Objective-C, Java & C/C++.

Certification

Certified Ethical Hacker (CEH)

Work History

Security Architect

PayPal
Bangalore
01.2022 - Current

Security Architect

PayPal
Singapore
12.2016 - 01.2022
  • Led application security initiatives throughout the SDLC, providing expertise and guidance to development teams
  • Conducted comprehensive application security assessments, including SAST, DAST, IAST & Container scanning, identifying vulnerabilities and providing remediation recommendations
  • Integrated security tools into CI/CD pipelines, ensuring security testing is automated and integrated seamlessly
  • Collaborated with cross-functional teams to implement secure coding practices and perform code reviews to identify and mitigate security risks
  • Developed and delivered application security training sessions to educate developers on secure coding practices and common vulnerabilities

Application Security Engineer

Ness Technologies ( Client: PayPal)
Singapore
04.2016 - 12.2016
  • Designed and developed a comprehensive portal for streamlined Pentesting workflows, encompassing Pentest requests, Jira ticket management, and automated report generation.
  • Conducted comprehensive penetration tests and vulnerability assessments for PayPal web & mobile applications.
  • Conducted regular security training sessions for employees to raise awareness of potential threats and best practices.

IOS Developer

Helius Technologies ( Client: DBS Bank)
Singapore
09.2014 - 04.2016
  • Development of Digibank app for DBS bank.
  • Conducted comprehensive security assessments of mobile applications, platforms, and devices, identifying vulnerabilities and risks.
  • Performed penetration testing and code review to identify security flaws and recommended remediation measures.
  • Collaborated with cross-functional teams to design and implement secure mobile architectures and frameworks.
  • Conducted security audits and risk assessments to identify compliance gaps and recommended corrective actions.
  • Provided security training and awareness programs for mobile application developers and users.

Product Development Lead

Kony Labs
Hyderabad
04.2013 - 09.2014
  • Design and development of Mobile applications.
  • Developed necessary iOS FFI libraries for Mobile Device Management Project
  • Developed MDM iOS application.
  • Guided team members in iOS MDM feature development.
  • Design and development of Mobile Application Management (MAM) application.

Tech Lead

Ness Technologies ( Client: PayPal )
Chennai
02.2011 - 03.2013
  • Design and development of PayPal mobile application.
  • Deployment of Site-wide SSL Resumption keys.
  • Developed a tool to monitor SSL resumption status using CAL logs.
  • Development of XSS, CSRF frameworks, and fixing authentication bypass issues.

Senior Engineer

Cdot Alcatel-Lucent Research Center Pvt. Ltd
Chennai
10.2006 - 02.2011

Project: UMTS Femtocell BS – Offshore Platform Team (Linux, C/C++)

  • Development of AGPS feature and bug fixes.
  • Management of Firewall profile and activation mechanism for different variants.
  • Develop APIs for runtime firewall users.
  • Upgraded of Strongswan package for USIM feature support

Project: Wimax CPE Development (VxWorks, C/C++)

  • Implementation of Standard and proprietary SNMP MIBs.
  • Design and Development of CPE webpages.
  • Developed CLI interface to interact with the CPE.
  • Development Configuration and Profile Management Module.
  • Store/retrieve, notify and backup/restore mechanism
  • Remote system upgrade/downgrade mechanism
  • Integration and testing EAP-TTLS.
  • Unit Testing and Integration testing for all features
  • Performed IOT of this product at the Plugfest-2008 in Taiwan organized by Wimax forum

Member Technical Staff

SemIndia systems Pvt Ltd, Information, Pvt Ltd
Bangalore
06.2004 - 10.2006

Projects: 5X , 4X-Reference & 4X-COMET

  • Evaluated different embedded databases such as polyhedra, extremeDb, etc for the purpose of cost optimization
  • Ported the existing database to extremeDb database.
  • Implemented homegrown Database, in order to overcome the royalty of the database.
  • Implemented standard SNMP MIBs.
  • Design and implementation of proprietary MIBs (configuration, connection, performance, and alarms).
  • Coordinating and guiding the EMS team in developing a TL1/SNMP based GUI for the product.

Education

M.Tech - EEE

NIT Trichy
Trichy
06.2002 - 06.2004

B.Tech -

JNTU Colleges of Engineering
Anantapur
07.1998 - 04.2002

Intermediate - M.P.C

Navodaya Co-Op Junior College
Guntur
04.1996 - 04.1998
RAVISHANKER KUSUMASecurity Architect