
Sathish Kumar

Security Researcher
Kuala Lumpur

Summary

A self-driven cybersecurity leader with a background in Mechatronics Engineering and over a decade of hands-on experience spanning offensive security, red teaming, vulnerability management, and OT/IoT security. Transitioned into cybersecurity by mastering fundamentals through intense self-learning and real-world challenges, including achieving World Rank #1 on HackTheBox and discovering critical vulnerabilities in Fortune 500 companies via Synack's bug bounty platform.

Progressed from Capture The Flag competitions to leading red team engagements, threat detection engineering, and vulnerability remediation initiatives for enterprise environments. Demonstrated expertise in both IT and OT domains, having designed security solutions for industrial control systems and critical infrastructure.

Currently spearheading the development of a next-generation OT vulnerability, patch, risk, and compliance management platform—focused on automation, contextual risk analysis, and real-world impact mitigation. Combines deep technical expertise with a pragmatic approach to building scalable, secure systems across complex environments.

Overview

12 years of professional experience
6 years of post-secondary education
4 Certificates

Work History

Head of Cyber Defence

Skill Quotient Group
01.2025 - Current
  • Lead the Cyber Defense practice with a strategic focus on securing National Critical Infrastructure (NCI) across both IT and OT environments.
  • Oversee 24/7 IT/OT Security Operations Center (SOC) operations, ensuring real-time threat detection, incident response, and coordinated remediation.
  • Drive the IT and OT Vulnerability Management program, including asset discovery, risk-based prioritization, remediation strategies, and compliance reporting.
  • Manage and execute advanced penetration testing and red teaming exercises, simulating real-world adversaries to uncover exploitable gaps and improve cyber resilience.
  • Provide end-to-end cybersecurity services and consultation to critical sectors, aligning security controls with operational and regulatory requirements.
  • Collaborate with engineering, automation, and threat intelligence teams to evolve detection capabilities, improve response efficiency, and enhance overall security posture.
  • Champion process maturity by integrating people, technology, and threat-informed defense strategies to protect complex cyber-physical systems.

Head of Vulnerability Management

Petronas
10.2022 - 09.2024

Leadership & Team Enablement Key Projects & Technical Innovations

  • Lead and coordinate Red Team engagements, emulating real-world adversaries to uncover critical weaknesses and validate detection/response capabilities.
  • Lead the enterprise-wide IT/OT Vulnerability Management function, driving risk reduction initiatives across infrastructure, cloud, applications, and ICS/SCADA systems.
  • Collaborate with the SOC team to enhance detection efficacy by building and integrating custom alert rules and providing expert support during complex incident investigations.
  • Conduct black-box and white-box penetration testing across mobile apps, web applications, internal infrastructure, and cloud environments (Azure, AWS) to identify and mitigate security flaws.
  • Engage closely with developers and product owners to prioritize remediation, validate fixes, and support secure deployment pipelines.
  • Perform root cause analysis (RCA) on security incidents to identify systemic issues and integrate preventive measures across the organization.
  • Champion DevSecOps and Shift-Left security practices by embedding automated security tests into CI/CD pipelines and integrating with development workflows.
  • Fine-tune and maintain scanning tools like Tenable Nessus, Qualys, Nozomi and Acunetix, optimizing scan profiles, validating results, and reducing false positives.
  • Provide hands-on technical mentorship and strategic guidance to the vulnerability and application security teams.
  • Standardize vulnerability lifecycle processes, enforce SLAs, and ensure business-aligned remediation strategies.
  • Rogue Host Detection Framework: Integrated Active Directory, Microsoft Defender ATP, Carbon Black, and CMDB data to proactively detect unauthorized devices in real-time.
  • Unified Vulnerability Management Dashboard: Built a solution aggregating scanner data to visualize vulnerabilities by asset custodian, location, and criticality.
  • Assessment Automation Platform: Automated the end-to-end process of VA and web application scan requests, reducing SLA from 7 days to a few hours.
  • BAAR Portal: Developed the Business Application Assurance Review portal to reconcile application-level identities with IGA data, detecting orphaned, leaver, and non-compliant accounts.
  • Continuous Asset Discovery System: Engineered a custom asset inventory tool for real-time device identification across segmented networks.
  • Delivered multiple automation solutions to streamline reporting, approvals, and compliance workflows.

Executive Vulnerability Engineering & Automation

Petronas, Vulnerability Management
10.2020 - 09.2022

Responsibilities:

  • Lead Red Team Engagements.
  • Assist SOC in adding custom detection rules and provide support in incident management.
  • Conduct black-box and white-box penetration testing on their infrastructure, mobile applications, web applications and cloud infrastructure to find security vulnerabilities.
  • Work closely with developers and product owners to prioritize, develop and deploy fixes for the identified vulnerabilities across different applications.
  • Perform root cause analysis for security incidents across the organization.
  • Design and develop scripts to add as part of CI/CD pipelines to automate security testing.
  • Implement Shift Left approach for security in SDLC.
  • Fine tune scanner settings and troubleshoot false positives in Nessus and Acunetix.
  • Lead the team and provide guidance wherever required in all technical aspects.

Design and Development:

  • Developed a rogue host detection framework and system by integrating AD, MDATP, Carbon Black and CMDB.
  • Developed a Unified Vulnerability Management dashboard with Power BI and Python, integrating data from different scanners and data sources to give an overview of the whole organization's landscape by mapping location, custodian and vulnerability status.
  • Designed and developed an automation solution that handles Vulnerability Assessment and Web Application scanning from request submission to report delivery, which has reduced the SLA from 7 days to a few hours.
  • Designed and developed the Business Application Assurance Review (BAAR) Portal to allow the application team to reconcile application user data with IGA identities, identify leavers' accounts and non-compliant accounts in the application, and provide reporting.
  • Designed and developed a Certification Tool to confirm whether users are still required to retain their local admin permissions.
  • Developed a continuous asset discovery and inventory system to identify all the devices across different subnets.
  • Developed various other automations using Power Automate, SharePoint Online and Python.

Cyber Security Consultant

Capgemini
03.2019 - 09.2020
  • Vulnerability discovery and assessment (VAPT) on different categories such as Host, Mobile, Web Application and Cloud.
  • Offering training programs related to Information Security for Developers.
  • Work closely with developers to fix the identified security problems.
  • Implement a security tool-chain in the DevOps life cycle.

Client: Oil & Gas Industry

Responsibilities:

  • Conduct Black Box and White Box Penetration testing on their infrastructure and Mobile Application to find security vulnerabilities.
  • Work closely with Developers and Product Owners to prioritize and deploy fixes for the identified vulnerabilities.
  • Perform Source Code Review to find issues related to coding practices.

Client: Telecommunication Industry

Responsibilities:

  • Conduct black-box and white-box penetration testing on their infrastructure, mobile applications, web applications and cloud infrastructure to find security vulnerabilities.
  • Work closely with developers and product owners to prioritize, develop and deploy fixes for the identified vulnerabilities for each release cycle.
  • Write automation scripts for OS hardening based on MBSS and CIS benchmarks.
  • Perform checks on a hardened system to meet the MBSS requirements on Google Cloud Environment.
  • Perform root cause analysis for security incidents across the organization.
  • Propose and implement tools to improve root cause analysis of application issues.
  • Manage and review security policies & incidents in Web Application Firewall.
  • Design and develop scripts to add as part of CI/CD pipelines to automate security testing.
  • Implement Shift Left approach for security in SDLC.
  • Review Business Logic for potential security issues.

Design and Development:

  • Developed various automation scripts to reduce time and efforts of DevOps engineers.
  • Worked on building automation scripts to monitor and report issues in relevant Slack channels.
  • Integrated sentry.io with the applications to monitor and assign issues to relevant developers based on their commit data.
  • Developed monitoring scripts using various APIs and OSINT techniques to monitor threats and data leaks related to the organization.

Achievements:

  • Found several complex vulnerabilities in the client system which had been hidden for around 2 years.
  • Innovation Award Q1 2020 for innovative ideas and for making them a reality in the project.
  • Ranked 5th in the world during the completion of Advanced Red Team Simulation Lab called Cybernetics from HackTheBox.


Security Researcher

Synack Red Team
09.2018 - 06.2024
  • Specialized in vulnerability research and exploit development across a wide range of assets including web applications, APIs, mobile apps (iOS/Android), cloud infrastructure, and hardware devices.
  • Identified and reported numerous critical vulnerabilities in Fortune 500 companies, including authentication bypasses, remote code execution, privilege escalations, IDORs, and data exfiltration issues.
  • Conducted deep-dive testing using black-box, grey-box, and white-box approaches, uncovering complex chained attack vectors in production systems.
  • Regular contributor to coordinated disclosure programs with a strong track record of high-severity reports and public acknowledgments.
  • Adept in reverse engineering firmware and binaries, identifying hardware-level flaws and undocumented interfaces in embedded devices.
  • Recognized for multiple Hall of Fame listings, cash bounties, and impact-based rewards for responsibly disclosed vulnerabilities.
  • Skilled in writing clear and actionable reports with reproduction steps, proof-of-concept (PoC) scripts, risk ratings, and mitigation guidance.

Executive Technical

iQube, Kumaraguru College of Technology
04.2013 - 03.2019

Responsibilities:

  • Pen-test the products built in-house.
  • Offering training programs related to Information Security.
  • Mentor students in various fields like cyber security and Internet of Things.
  • Build IoT Proof of Concepts.

Professional Experience:

Achievements:

  • Trained more than 6000 students in Cyber Security, Internet of Things and Raspberry Pi on various occasions.
  • Trained police officials from the Cyber Crime Unit to tackle cyber warfare and criminals.
  • Handled 2 subjects (Internet of Things & Cyber Security) in academics.
  • Techie-Expert Award of year 2017.
  • Best IoT hacker at IoTnext 2107.
  • World Rank 1 in the online CTF hackthebox (https://www.hackthebox.eu/profile/128)
  • Rank 4 in Global Cyber Conference CTF.
  • Rank 3 in Nullcon Hardware CTF 2018.
  • Completed the Rastalabs (Red Teaming simulation from Hackthebox)
  • Completed the Offshore (Red Teaming simulation from Hackthebox)
  • Implemented Virtual Desktop Infrastructure for the organisation.

Design and Development:

  • Implementation of virtual currency called kash using blockchain.
  • Personal Assistant system in Smart Mirror.
  • Remote Telemetry system for Sphata, a Health Care Industry, Bangalore.
  • Developed a Bus tracking system.
  • Industrial Automation.


Education

Nachimuthu Polytechnic College, Pollachi, Coimbatore
01.2009 - 01.2011

Kumaraguru College of Technology, Saravanampatti, Coimbatore
01.2011 - 01.2015

Skills

Cyber Security

Interests

Capture The Flag

Blockchain & Crypto Currencies

Internet of Things

Swimming

Certification

Certified Red Team Expert

Timeline

Head of Cyber Defence

Skill Quotient Group
01.2025 - Current

Head of Vulnerability Management

Petronas
10.2022 - 09.2024

Executive Vulnerability Engineering & Automation

Petronas, Vulnerability Management
10.2020 - 09.2022

Certified Red Team Expert

01-2020

Cyber Security Consultant

Capgemini
03.2019 - 09.2020

Security Researcher

Synack Red Team
09.2018 - 06.2024

Offensive Security Certified Professional (OSCP) 

05-2017

SecurityTube Linux Assembly Expert (SLAE64) 

02-2016

Certified Ethical Hacker

09-2015

Executive Technical

iQube, Kumaraguru College of Technology
04.2013 - 03.2019

Kumaraguru College of Technology, Saravanampatti, Coimbatore
01.2011 - 01.2015

Nachimuthu Polytechnic College, Pollachi, Coimbatore
01.2009 - 01.2011

References

Sufian Kaki Aslam, Embedded and IoT Engineer/Architect, Soliton Technologies

I have worked with Sathish for over 2 years full-time and still working with him on a few things occasionally. He is one of the examples of multi-talented guy. Has a family background in Agriculture, studied Mechanical Engineering, expert in Firmware and Software, one of the unbeatable in Hacking and goes on. The simplicity he has in spite of having a wealth of information is what I respect about him the most.


LAKSHMI NATHAN BALASUBRAMANIAN, Sr. Cyber Analyst / Asst. Vice President, Citi

Sathish is a self-motivated individual capable of meeting the demands of the job required. His curiosity level is exponentially high coupled with the dedication and hard work to satisfy his needs. He is proficient in the technology and also possesses good leadership traits, either to be a part of the team or lead. I have watched him enter and grow in the field of Information Security. I see a great potential in him. I would recommend Sathish for anyone who is looking for a serious talent in the Cyber Industry.

Publications

Patent: Medicine Dispenser (Patent No: 427456)

Exploitdb Submissions: https://www.exploit-db.com/author/?a=8464

Blog: https://medium.com/@sathish__kumar

References

Dr. Meow Chia, Ph.D, IRM Risk and Control Manager M&A at Shell

During my ~ 1 year of close working relationship with Sathish, he is one of the few Cyber Defense/Vulnerability Management SMEs from whom I will always go seeking valuable insights on various aspects of vulnerability management. In addition to the tremendous and impressive knowledge in penetration testing/vulnerability scanning/end to end vulnerability management, Sathish always thinks along with Business/Stakeholders to have a balance between business operation and information security risk and enable his stakeholders to have informed decisions. This quality is very much appreciated by the stakeholders; i.e. not purely checkbox exercises. During my > 25 years of working in various industries, this quality is definitely not something common.
Sathish will go extra miles by having various conversations with operation/management teams to ensure all parties are aligned, gaps are understood, risks are communicated. Active listener, goal oriented, very instrumental, deep thinker, excellent in troubleshooting/data analysis, generous in passing on his knowledge and open minded in receiving feedback are among many good qualities of Sathish. Additionally, he is a true team player and always strives for success. Genuine asset for every company.


LAKSHMI NATHAN BALASUBRAMANIAN, Cloud Security Architect | Financial Crimes Investigator | Cyber and Privacy Law

Sathish is a self-motivated individual capable of meeting the demands of the job required. His curiosity level is exponentially high coupled with the dedication and hard work to satisfy his needs. He is proficient in the technology and also possesses good leadership traits, either to be a part of the team or lead. I have watched him enter and grow in the field of Information Security. I see a great potential in him. I would recommend Sathish for anyone who is looking for a serious talent in the Cyber Industry.
