HimalayasHimalayas logo
DM
Open to opportunities

Deepak Kumar Maurya

@deepakkumarmaurya

DevSecOps engineer securing cloud, CI/CD, and applications through proactive security automation and rigorous VAPT.

India
Message

What I'm looking for

I’m looking for a role where I can secure cloud infrastructure and CI/CD “shift-left” with automation—owning threat detection, WAF/Zero Trust controls, and leading VAPT—while collaborating closely with engineering to harden production continuously.

I’m a results-driven DevSecOps Engineer and Information Security Consultant with 5+ years of experience securing enterprise-grade products and infrastructure. At Lenskart Solutions, I own end-to-end security for AWS infrastructure, Cloudflare-based perimeter defense, CI/CD pipeline security, and vendor onboarding governance.

I bring deep expertise in Vulnerability Assessment & Penetration Testing (VAPT) across web applications, REST/GraphQL APIs, mobile (Android/iOS), network infrastructure, and thick client applications. I’m OSCP and CEH certified, with a proven track record of auditing 300+ systems and leading compliance and ethical hacking engagements across regulated industries.

On the DevSecOps side, I harden AWS using VPCs, Security Groups, IAM roles/policies, S3 bucket policies, KMS encryption, and CloudTrail audit logging. I implement least-privilege access controls and enforce MFA across AWS accounts, integrate threat detection via GuardDuty findings, and reduce risk through container image scanning, SAST/SCA integration, secret management, and OPA (Open Policy Agent) Conftest policies.

I also strengthen perimeter and application security with Cloudflare WAF, DNS & Domain Security, Zero Trust (ZTNA) access, rate limiting, and tuning to minimize false positives while maintaining strong threat coverage. I’ve led UIDAI compliance audits, delivered executive-grade security reports with CVSS scoring and remediation guidance, and earned “Star of the Quarter” for measurable client security outcomes.

Experience

Work history, roles, and key accomplishments

LL
Current

DevSecOps Engineer

Lenskart Solutions Private Limited

Oct 2024 - Present (1 year 7 months)

Owned end-to-end security of AWS infrastructure (VPC, IAM, KMS, S3, CloudTrail) and enforced least-privilege access across dev/staging/prod. Built Cloudflare perimeter defenses (WAF/Zero Trust) and CI/CD security gates (SAST/SCA, container scanning, secrets management), reducing cloud misconfigurations by 80% within 3 months.

AWS SecurityIAM & KMS HardeningCloudTrailCloudflare WAFSecrets ManagementContainer Image Scanning (Trivy Grype)
AL

Information Security Consultant

AKS IT Services Pvt. Ltd.

Mar 2021 - Sep 2024 (3 years 6 months)

Conducted VAPT for 300+ applications and endpoints, including web, REST/GraphQL APIs, mobile (Android/iOS), thick-client/desktop, and network infrastructure aligned to OWASP Top 10 and SANS Top 25. Led UIDAI compliance audits across healthcare, financial, and energy engagements and delivered security reports with CVSS scoring, PoC evidence, and step-by-step remediation; awarded Star of the Quarter

OWASP Top 10Thick Client Windows App TestingUIDAI Compliance Audits

Education

Degrees, certifications, and relevant coursework

GN

GNIT, Greater Noida

B.Tech, Computer Science

2017 - 2021

Earned a B.Tech in Computer Science at GNIT, Greater Noida from 2017 to 2021.

Tech stack

Software and tools used professionally

GitHub logo

GitHub

SonarQube logo

SonarQube

Kubernetes logo

Kubernetes

Cloudflare logo

Cloudflare

Jenkins logo

Jenkins

GitHub Actions logo

GitHub Actions

Gmail logo

Gmail

Terraform logo

Terraform

Wireshark logo

Wireshark

iOS logo

iOS

ZAP logo

ZAP

GraphQL logo

GraphQL

Checkmarx logo

Checkmarx

Cloudflare WAF logo

Cloudflare WAF

Zap logo

Zap

SQL logo

SQL

Burp Suite logo

Burp Suite

sqlmap logo

sqlmap

Nmap logo

Nmap

Metasploit logo

Metasploit

Trivy

Wiz logo

Wiz

Evidence logo

Evidence

OWASP ZAP logo

OWASP ZAP

Conftest logo

Conftest

Nuclei logo

Nuclei

Dynamic logo

Dynamic

Movement logo

Movement

Netskope logo

Netskope

Android logo

Android

Availability

Open to opportunities

Location

India

Authorized to work in

India

Website

ethicalhacs.com

Job categories

DevSecOps EngineerInformation Security ConsultantCloud Security EngineerApplication Security EngineerSecurity ConsultantLead DevSecOps EngineerDevOps Security EngineerSecurity DevOps Engineer

Skills

DevSecOpsAWS SecurityCSPM Cloud SecurityGuardDutyCloudTrailAWS OrganizationsService Control PoliciesCI CD Security AutomationContainer SecurityIaCSecrets ManagementCloudflare WAFSASTDASTSCASonarQubeCheckmarxTrivyWizNetskopeVAPT — Web ApplicationSQL InjectionXSSCSRFSSRF XXE (Union Blind OOB)Access Control (IDOR BOLA)AuthenticationDeserializationFile Upload Path TraversalHTTP Request SmugglingSubdomain TakeoverVAPT — API Security (OWASP API Top 10)BOLA BFLAMass AssignmentJWTParameter TamperingAPI Key Enumeration AbuseVAPT — MobileNetwork & Thick ClientSSL PinningReverse EngineeringPenetration TestingNessusLateral MovementOWASP Top 10UIDAI GuidelinesSecure SDLCData Encryption StandardsDocker KubernetesTerraformOPA ConftestBurp suiteTcpdumpMetasploitNikto NucleiSqlmapAmass SubfinderAndroidCloudflareConftestDynamicEvidenceGitHubGitHub ActionsGmailGraphQLJenkinsKubernetesMovementNmapNucleiOWASP ZAPSQLWiresharkZAPiOS

Interested in hiring Deepak Kumar?

You can contact Deepak Kumar and 90k+ other talented remote workers on Himalayas.

Message Deepak Kumar

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan