Sumit Kumar, CISA, CISSP

DevOps Engineer

Bengaluru, Karnataka, India · 12 yrs 11 mos experience
Most Likely To Switch · Highly Stable

Key Highlights

  • Over 13 years of experience in Cybersecurity and Cloud Security.
  • Expertise in major compliance frameworks like ISO 27001 and GDPR.
  • Proven track record in leading security architecture initiatives.
Stackforce AI infers this person is a Cybersecurity Architect with expertise in compliance and risk management across multiple industries.

Skills

Core Skills

Cloud Security, Cyber Security, Compliance Audits, Information Security, Vulnerability Management

Other Skills

Risk Management, IT General Control, Information Security Audits, PCI DSS, ISO 27001, Vulnerability Assessment, Log File Monitoring, System Integrity Checking, Penetration Testing, Security Audits, Linux, SSAE 16, Computer Forensics, COBIT, Business Continuity

About

Sumit Kumar is a seasoned Cybersecurity & Cloud Security Architect with 13+ years of industry experience, primarily focused on Product Security, DevSecOps, Cloud Security, and Information Security Audits. His expertise spans across major compliance frameworks and standards including ISO 27001, GDPR, PCI DSS, SOC 1/SOC 2/SSAE 16/SAS 70 (Type I & II), SOX 404, ITGC, HIPAA, and ISO 22301 (BCP/DRP). He brings a strong background in Information Risk Governance, Audit Support, and Security Program Implementation across diverse industries such as Financial Services, Healthcare, Technology, Media, Government, and Non-Profit sectors. Sumit is known for his effective communication skills, team leadership, and the ability to quickly grasp and implement new technologies.

He actively engages in continuous learning and holds several globally recognized certifications:

  • Certified Ethical Hacker (v8)
  • AWS Certified Security - Specialty
  • CISA (Certified Information Systems Auditor)
  • ISO 27001 Lead Auditor
  • Qualys Certified Specialist - Vulnerability Management
  • Certified Lead Implementer Professional (CLIP) – BS 10012:2017 (GDPR)

He has a growing interest in Privacy & Data Protection and continues to expand his expertise in this domain.

Specialties:

  • Cloud Security & Audits
  • Product Security & DevSecOps
  • Compliance & Regulatory Audits (ISO, GDPR, PCI DSS, SOX, HIPAA, etc.)
  • Risk Management & Governance
  • ITGC & SOX 404 Audit Support
  • Vulnerability Management (VAPT, OWASP Top 10)
  • Business Continuity Planning (BCP) & Disaster Recovery (DR)
  • IT Forensics & Fraud Detection

Industries Served:

  • Financial Services
  • Healthcare
  • Technology & Telecommunications
  • Media
  • Government (Federal, State, Local)
  • Non-Profit

Disclaimer: The views, thoughts, and opinions expressed here are solely my own and do not represent those of my employer or affiliated organizations.

Experience

Total Experience: 12 yrs 11 mos
Average Tenure: --
Current Experience: 9 yrs 10 mos

JPMorgan Chase & Co.

Cyber Security Architect

Aug 2016 - Present · 9 yrs 10 mos · Hyderabad Area, India

  • JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The Firm is a leader in investment banking, financial services for consumers and small businesses, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at www.jpmorganchase.com.
Cyber Security, Cloud Security, Risk Management, Compliance Audits

Grant Thornton LLP

Associate Information Security Consultant

May 2015 - Jul 2016 · 1 yr 2 mos · Bangalore

  • Performed IT General Control audit support, information systems security audits and Special Attestation Reviews: SSAE16 - SOC1 & SOC2, for design effectiveness and operating efficiency (Type I & II) for various engagements.
  • Performed IT General Controls review in the areas of Physical access, Logical access and Change management for several leading companies.
  • Performed PCI DSS ROC review.
  • Drafted ISMS Policies based on ISO 27001:2013
  • Performed Network/OS/DB Review
IT General Control, Information Security Audits, PCI DSS, ISO 27001, Compliance Audits, Information Security

Confidential

Security Professional

May 2013 - Apr 2015 · 1 yr 11 mos · New Delhi Area, India

  • PCI DSS Gap Assessment & Remediation
  • Project: Assisting the audit team during PCI DSS gap assessment and final onsite audit.
  • The project is aimed at implementing the OSSEC HIDS at several clients for Log File Monitoring and Analysis and System Integrity Checking.
  • Assisted in writing scripts to retrieve various system configuration information, like password policy, account policy, audit policy.
  • Assisted the auditing team in verifying the vulnerability assessment reports.
PCI DSS, Vulnerability Assessment, Log File Monitoring, System Integrity Checking, Compliance Audits, Vulnerability Management

Education

Cochin University of Science and Technology

Bachelor's Degree — Information Technology

Hacking School

Ethical hacking

Jawahar Navodaya Vidyalaya - JNV

High School — Computer Science
