Kiran Kumar — DevOps Manager

With over 17 years of hands-on experience, I specialize in driving impactful initiatives to enhance organizational security posture. My expertise spans Product Security, Security Operations, Cloud Security, IT Security, Incident Response, and compliance. I am dedicated to safeguarding organizational assets and contributing to strategic security initiatives.- Led initiatives in Product Security, focusing on Secure Product Lifecycle, Threat Modeling, Application Security, Infrastructure Security, API Security, Mobile Security, and Cloud Security.- Defined and elevated the security posture of products and organizational maturity level, incorporating recommendations from CIS Benchmarks across cloud platforms, DevSecOps tools, mobile applications, and server infrastructure.- Conducted comprehensive Application Security Assessments and Risk Analysis, addressing OWASP top 10 attacks and SANS 25 critical controls.- Managed IT-Security operations, leading to securing email & domain, Identity and Access Security, DLP, End-user device security, and establishment of comprehensive security policies and procedures.- Incorporated Zero Trust principles into business planning, enterprise architectures, and technology deployments to enhance security measures.- Oversaw Security Operations, ensuring security and integrity of organizational assets. Led efforts to build and optimize Threat Detection & Incident Response capabilities.- Established Product Security Incident Response Teams (PSIRT) for effective incident resolution and Root Cause Analysis.- Led Red Teams for penetration testing and vulnerability management, proactively identifying and mitigating security risks.- In-depth understanding of compliance standards such as PCI-DSS, SOX, ISMS ISO 27001, SOC 2, CSA STAR, NIST CSF etc., ensuring adherence to regulatory requirements.- Proficient in Python programming, developing tools for security assessments and automation.- Extensive expertise in Information/Product Security, Virtualization, Telecom, and financial domains.- Excellent verbal and written communication skills, capable of effectively conveying security strategies to stakeholders.- Strong leadership and organizational development skills, with a proven ability to motivate teams in a collaborative environment.- Possess strategic insight to develop and implement security strategies aligned with business objectives, ensuring proactive risk management.

Stackforce AI infers this person is a seasoned security engineer specializing in Product Security and IT Security operations.

Experience: 15 yrs 10 mos