Kamaldeep Bhati — DevOps Engineer

I specialize in breaking applications, infrastructure, APIs, and cloud environments the same way real attackers do. 😎 With 5+ years of hands-on offensive security experience, I have worked across consulting, enterprise security, bug bounty, and security research environments conducting advanced penetration testing, vulnerability research, exploit validation, and security automation. My expertise spans: • AI Security • Web & API Penetration Testing • Android & iOS Security Testing • Cloud Security (AWS/Azure/GCP) • Active Directory & Network Testing • Thick Client • Wireless Security • Hardware/Firmware & IoT Security • Digital Forensics Mobile security is one of my strongest technical domains. I have extensive experience with Android and iOS reverse engineering, runtime manipulation, SSL pinning bypasses, API abuse testing, insecure storage analysis, and mobile exploit validation. I also built iOS Buster, a Mobile VAPT automation framework used to automate 30+ security test cases and generate detailed remediation-focused reports, helping streamline complex mobile security assessments. I actively participate in bug bounty programs across HackerOne, Synack, YesWeHack, Bugcrowd, and Intigriti, continuously sharpening my attacker mindset and staying current with emerging attack techniques. I also hold the OSCP+ certification and have been credited with a published CVE (CVE-2025-56676). I enjoy solving difficult security problems, building security automation, researching new attack vectors, and working on high-impact offensive security engagements. 👨🏻‍💻

Stackforce AI infers this person is a Cybersecurity Specialist with a focus on Offensive Security and Penetration Testing.

Location: Greater Toronto Area, Canada

Experience: 1 yr 4 mos

Skills

Penetration Testing
Cloud Security
Leadership
Cybersecurity
Api Security Testing
Web Application Security
Bug Bounty Hunting

Career Highlights

5+ years of offensive security experience.
Expertise in mobile security and penetration testing.
Contributed to automation tools for security assessments.

Work Experience

Red Sentry

Penetration Tester (10 mos)

Loyalist College

Cyber Club - Leader (1 yr 3 mos)

Synopsys Inc

Professional Services Consulting, Sr Consultant (1 yr 8 mos)

Security Services Associate (1 yr 4 mos)

VAPT Intern (4 mos)

Synack Red Team

Synack Red Team (3 yrs 3 mos)

InstaSafe

Security Analyst (2 mos)

Safe Security

Student Intern (2 mos)

Education

Postgraduate Degree at Loyalist College

Bachelor's of computer application at Jain (Deemed-to-be University)

High School (10+2) at Holy Child Public School, Faridabad, Haryana

Kamaldeep Bhati

DevOps Engineer

Greater Toronto Area, Canada1 yr 4 mos experience

Key Highlights

5+ years of offensive security experience.
Expertise in mobile security and penetration testing.
Contributed to automation tools for security assessments.

Stackforce AI infers this person is a Cybersecurity Specialist with a focus on Offensive Security and Penetration Testing.

Contact

Skills

Core Skills

Penetration TestingCloud SecurityLeadershipCybersecurityApi Security TestingWeb Application SecurityBug Bounty Hunting

Other Skills

Secure Code ReviewIoT PentestingHardware - Firmware PentestingRed TeamingActive DirectoryMobile SecurityDigital ForensicsThick Client Security TestingPurple TeamingNetwork SecurityWireless SecurityClient RelationsReporting & AnalysisTroubleshootingIOS Security Testing

About

Experience

1 yr 4 mos

Total Experience

Average Tenure

Current Experience

Red sentry

Penetration Tester

Aug 2025 – Present · 10 mos · Atlanta, Georgia, United States · Remote

Provided occasional support on penetration testing engagements, assisting with vulnerability discovery, validation, and documentation of security findings.

Secure Code ReviewIoT PentestingHardware - Firmware PentestingWeb Application SecurityAPI Security TestingCloud Security+8

Loyalist college

Cyber Club - Leader

Jan 2025 – Apr 2026 · 1 yr 3 mos · Belleville, Ontario, Canada · On-site

As the Leader of the Cybersecurity Club, I lead a diverse team of students passionate about cybersecurity, organizing initiatives and events that promote digital safety, raise awareness, and help members develop practical skills in security tools and best practices.

CybersecurityLeadership

Synopsys inc

3 roles

Professional Services Consulting, Sr Consultant

Promoted

Nov 2022 – Jul 2024 · 1 yr 8 mos

> Conducted 250+ penetration testing reports and 10+ report reviews, covering assessments across web apps, APIs, cloud (AWS, Azure, GCP), mobile (iOS & Android), thick clients, wireless, and network security.
> Performed comprehensive security assessments using manual and automated techniques to identify vulnerabilities and provide tailored remediation strategies.
> Utilized industry-standard tools (Burp Suite, Nmap, Nessus, Metasploit, etc.) and followed frameworks such as OWASP Top 10, PTES, and MITRE ATT&CK to ensure rigorous testing standards.
> Took ownership of mobile app assessment troubleshooting, resolving environment setup issues, certificate pinning, dynamic analysis problems, and toolchain errors.
> Contributed to the development of custom automation tools to streamline routine tasks, improve efficiency, and standardize testing and reporting processes.
> Handled client calls post-assessment to explain findings, provide remediation guidance, and assist with validating fixes for identified vulnerabilities.
> Delivered internal training sessions to onboard and upskill employees and interns on penetration testing tools, techniques, and engagement processes.
> Provided technical oversight and QA on security assessments to ensure accuracy, depth, and alignment with client expectations.
> Delivered clear, actionable technical reports and executive summaries, making complex vulnerabilities understandable for all stakeholders.
> Continuously researched emerging threats, tools, and AI-powered testing methodologies to stay ahead of the curve and enhance testing capabilities.