Arun Kumar Redhu
Security Assistant Manager
Kuwait City
Summary
Vulnerability Assessment & Penetration Testing specialist with 10+ years’ hands-on experience across web applications, mobile (iOS/Android), APIs, thick-client apps, firewalls, and IT/OT environments. I scope and execute tests, exploit and validate findings, and deliver clear, risk-based remediation. Work aligns to OWASP, SANS and PTES, with results mapped to PCI DSS, ISO 27001 controls.
Overview
11
11
years of professional experience
5
5
years of post-secondary education
1
1
Certification
Work History
Assistant Manager
Deloitte
12.2024 - Current
- Conduct end-to-end vulnerability assessments and penetration testing across web applications, mobile apps (Android/iOS), APIs, and thick-client systems; deliver prioritized remediation aligned with OWASP Top 10.
- Execute internal/external network penetration tests using Nmap, Nessus, and Metasploit; validate exploitable paths/CVEs and coordinate risk-based fixes with platform teams.
- Run application and enterprise risk assessments; maintain risk registers and map treatment plans to ISO/IEC 27001 controls and organizational risk appetite.
Offensive Security Specialist
British Telecom
05.2021 - 11.2024
- Performing monthly ASV scans on 30+ PCI platforms
- Resolving issues found on platforms with clients
- Scoping Penetration test/Vulnerability Assessment
- PCI Infrastructure platforms PT/VA every quarter using tools like Nessus Professional
- Web Application/API penetration testing for clients using tools like Burp Suite Professional, Postman etc
- Scheduling PT/VA & ASV scans for every quarter.
Senior Security Analyst
Accenture
12.2020 - 04.2021
- Performing Web Application - Vulnerability Assessment & penetration testing
- Identifying critical, high, medium, low vulnerabilities in application based on OWASP top 10 and prioritizing them based on the criticality
- Preparing various Security Assessment Reports on identified vulnerabilities along with remediation procedures
- Capable of identifying flaws like Injection attacks SQLi, XSS
- IDOR, Security Misconfiguration, CSRF etc
- Have knowledge of most prominent Web Application penetration testing tools like Nessus, Acunetix, Nexpose, hping3
- Sqlmap, Dirbuster, Nmap, Burp Suite, Metasploit, Netcat, etc.
Security Consultant
Accenture
05.2018 - 11.2020
- Interacting with Client teams, Sales Team to understand & to flesh-out client RFP requirements to propose the Managed
- Security Solution
- Worked on identifying and working with cross function organization towards building multi-towered security solutions for clients based out of different regions including Americas, EMEA, and APAC
- Analyzing the data gathered, responding to the RFP/RFI and providing specifications according to which the solution is defined, managed, and delivered
- Providing Support in multiple activities such as Estimating effort and cost for the design/Build & RUN of a security specific solution, taking necessary approvals and sign off
- Rate card Financials: Provided a skill matrix and a total number of dedicated personnel to add staff to the client's existing team.
Linux Admin
Accenture
11.2014 - 04.2018
- Supporting 24
- 7 and weekend support whenever required
- Planning and scheduling Redhat servers for patching through
- Redhat Satellite (6.1)
- Provided L1/L2 support on User management
- Deploying new Virtual Machine as per client requirement on
- VMware platform
- Preparing RCA for production issue that impacts the business and meeting the SLA to resolving the issue
- Providing Technical support for internal users and resolving troubleshooting tickets
- Attending daily meeting with L3 for ongoing daily issues and weekly, monthly meeting with Customers
- Handling migration of Redhat Systems on VMware end
- Handling issue related to NFS, LVM and Server hung
- Coordinating with vendors for fixing the issue related to hardware and follow up with Redhat Global team for issue on OS end
- Handled ITSM processes like Change/Incident and Release mgmt..
Education
Bachelor of Technology - Electronics And Communications Engineering
BPIT, GGSIPU
New Delhi 07.2010 - 08.2014
High School Diploma -
Air Force Golden Jubilee Institute
New Delhi 05.2009 - 03.2010
Certification
Stanford Advanced Computer Security
Timeline
Assistant Manager
Deloitte
12.2024 - Current
Offensive Security Specialist
British Telecom
05.2021 - 11.2024
Senior Security Analyst
Accenture
12.2020 - 04.2021
Stanford Advanced Computer Security
11-2020
Security Consultant
Accenture
05.2018 - 11.2020
Linux Admin
Accenture
11.2014 - 04.2018
Bachelor of Technology - Electronics And Communications Engineering
BPIT, GGSIPU
07.2010 - 08.2014
High School Diploma -
Air Force Golden Jubilee Institute
05.2009 - 03.2010