Summary
Overview
Work History
Education
Skills
Certification
PERSONAL DETAILS
Timeline
Generic

Sree Kakumana

Brisbane,QLD

Summary

With over 20 years of professional IT experience, I have built an extensive background spanning Software Development, Automation Engineering, Azure-based CI/CD and DevOps, and advanced Cybersecurity and Penetration Testing roles.

I bring deep expertise across Cybersecurity, Penetration Testing, Red Teaming, Threat Intelligence, Security Operations, and Infrastructure Hardening within large-scale government and enterprise environments. My career progression from software developer to automation and DevOps specialist, and finally to cybersecurity expert, enables me to bridge technical, operational, and governance layers effectively.

I have executed Black-Box, Grey-Box, and White-Box penetration tests, conducted detailed Vulnerability Assessments, and implemented SAST, DAST, and IAST methodologies within Azure DevOps and AWS CI/CD pipelines. My work focuses on securing Web, API, Cloud, and Mobile applications while embedding proactive cyber resilience through continuous monitoring and automation.

I hold globally recognised certifications including CISSP, SSCP, CEH, BTJA – Blue Team Certified Professional, Cyber Security Professional Certificate, AWS Certified Solutions Architect, UiPath RPA Developer, and ISTQB / ISEB Certified Tester.

I have successfully delivered critical cybersecurity and automation programs for the Queensland Police Service (QPS), Digital Transformation Agency (DTA), Australian Taxation Office (ATO), Auto & General Insurance, Bank of Queensland, and Department of Education & Training (DET). My goal is to ensure systems are secure, scalable, compliant, and resilient by design, while aligning technology transformation with strategic business and security objectives.

Overview

17
17
years of professional experience
1
1
Certification

Work History

Cybersecurity Analyst / Penetration Tester

Queensland Police Service (QPS)
06.2025 - 09.2025
  • Delivered comprehensive cybersecurity testing, vulnerability management, and operational security configuration for QPS’s critical frontline and governance systems, including ANPR, GRC, Q-Light, and PCC Mobility applications. This role involved close collaboration with the Security Operations Centre (SOC) to optimise detection, logging, and endpoint protection across Azure and on-prem environments.
  • Conducted penetration testing and vulnerability assessments across ANPR, GRC, and Q-Light platforms.
  • Collaborated with the Security Operations Team to review event logs, alerts, and threat intelligence from Splunk, SentinelOne, and Microsoft Sentinel.
  • Configured and fine-tuned Splunk dashboards, correlation searches, and alert rules to enhance threat visibility and response.
  • Validated Azure Sentinel incident detections and supported creation of analytical rules for SIEM efficiency.
  • Managed and reviewed Azure Active Directory groups and role-based access controls (RBAC) to ensure adherence to least-privilage and segregation-of-duties principles.
  • Reviewed, created, and enforced Group Policy Objects (GPOs) for workstation and server security baselines.
  • Performed firewall rule audits and validated network segmentation policies across critical zones.
  • Reviewed and implemented antivirus exclusions and configuration baselines across QPS systems.
  • Conducted endpoint validation for SentinelOne and Windows Defender configurations, ensuring EDR and AV coverage.
  • Supported incident detection and response activities, validating SIEM alerts and tuning event correlation.
  • Conducted infrastructure and network penetration testing using Burp Suite, Nmap, OWASP ZAP, and Metasploit.
  • Documented findings and produced Security Certification Reports with CVSS scoring and remediation guidance.
  • Worked with infrastructure, application, and SOC teams to ensure vulnerability closure and compliance validation.
  • Delivered post-testing review documentation and go-live cybersecurity assurance reports for executive approval.
  • Project: Tech Refresh Phase II — Automatic Number Plate Recognition (ANPR), GRC Systems, Q-Light, PCC NICE and Mobility

Lead Penetration Tester

Digital Transformation Agency (DTA – Canberra)
03.2025 - 05.2025
  • Led comprehensive penetration and vulnerability testing of Microsoft Azure-hosted government applications in line with ASD Essential Eight and ISM frameworks.
  • Conducted authenticated and unauthenticated penetration testing of Azure cloud apps.
  • Simulated realistic attack vectors using Burp Suite Pro, Nmap, SQLite, OWASP ZAP, and custom payloads.
  • Assessed Azure App Services, Key Vaults, and SQL Databases for misconfigurations and exposure.
  • Delivered technical and executive security reports with CVSS scoring and mitigation plans.
  • Advised DevSecOps teams on secure configuration and compliance alignment.
  • Project: Web Application & Cloud Security Assessment

Cybersecurity Analyst / Penetration Tester

Queensland Police Service (QPS)
06.2023 - 02.2025
  • The Tech Refresh Program modernised QPS’s mission-critical SAS, Mobility, PCC NICE, and PCC Inform systems. Responsibilities included leading penetration testing, Red Team operations, and system hardening across hybrid cloud environments to improve resilience and compliance.
  • Planned, scoped, and executed penetration testing across QPS infrastructure and applications.
  • Authored and reviewed Penetration Testing Scoping Documents, Test Plans, and Technical Information Guides (TIGs).
  • Scheduled and coordinated testing cycles across pre-production and production environments.
  • Performed Red Team operations and coordinated with Purple Team to validate detections via Splunk SIEM.
  • Conducted Web, API, and Network penetration testing using Burp Suite Pro, OWASP ZAP, Nmap, SQLite, and Metasploit.
  • Validated Azure AD, AWS IAM, and Group Policy configurations for least-privilage compliance.
  • Project: Tech Refresh Program — SAS, Mobility, PCC NICE, and PCC Inform

Security Tester / Senior Test Analyst

Department of Education & Training (DET International)
03.2016 - 12.2016
  • Defined security and test strategies for EQI web portal and eForms.
  • Executed SAST / DAST testing for SharePoint and SAP integrations.
  • Delivered risk-based reports and compliance recommendations.
  • Project: EQI Web Enhancement & Online Application Security

Security Test Analyst

Bank of Queensland (BOQ)
10.2014 - 12.2015
  • Conducted vulnerability scanning and regression testing for loan origination systems.
  • Automated end-to-end Selenium-C# test suites.
  • Liaised with vendors and business units for defect resolution and patch validation.
  • Project: Lending Platform Cyber Assurance

Automation Test Lead

Melbourne IT
09.2008 - 05.2014
  • Designed and implemented automation test frameworks using Selenium and QTP.
  • Led QA teams across Australia and offshore for full automation delivery.
  • Performed integration and regression testing for APIs and web services.
  • Implemented automation in Jenkins and TFS CI/CD pipelines.
  • Conducted security validation and vulnerability verification for web modules.
  • Oversaw data migration, performance testing, and validation automation.
  • Produced QA metrics, trend analysis, and test certification documentation.
  • Project: Integrated Web Services (IWS) and Oracle Financial Systems

Education

Master of Science - Information Technology

University of Ballarat
Melbourne

Bachelor of Science - Computer Applications

Osmania University
India

Skills

  • Security & Penetration Testing: Burp Suite Pro, Kali Linux, Metasploit, Nmap, OWASP ZAP, Nessus, Fortify, Wireshark, SQLite, Hydra
  • SIEM & EDR: Splunk Enterprise Security, Microsoft Sentinel, SentinelOne, Windows Defender for Endpoint, CrowdStrike
  • Cloud & DevSecOps: AWS, Azure, Terraform, CloudFormation, Bamboo, Jenkins, GitHub
  • Actions, Docker, Kubernetes, Azure DevOps
  • Programming / Scripting: Python, PowerShell, Bash, C#, JavaScript, SQL
  • Governance & Compliance: ISM, Essential Eight, OWASP Top 10, NIST 800-53, PSPF
  • Firewalls / Network Security: F5 BIG-IP, Palo Alto, Cisco ASA, VPN, SSL/TLS inspection, Wireshark
  • Operating Systems: Windows Server, Linux (Ubuntu / Red Hat), macOS
  • Threat intelligence
  • SIEM management
  • Log analysis
  • Penetration testing
  • Application security
  • Web application security
  • System hardening
  • Security architecture
  • Endpoint protection
  • Software deployment
  • Security auditing
  • Firewall management
  • SIEM tools
  • Cloud security
  • Threat hunting
  • Malware analysis
  • Threat modeling

Certification

  • Cybersecurity & Blue Team Certifications: CISSP, SSCP, CEH, BTJA – Blue Team Certified Professional, Cyber Security Professional Certificate, Network Defence Essentials, Ethical Hacking Essentials, Digital Forensics & Incident Response, Threat Hunting, OSINT, Cybersecurity Automation, Foundations of Cybersecurity, Connect and Protect: Networks & Network Security, Microsoft Operating Systems & Security
  • Cloud, Automation & Testing Certifications: AWS Certified Solutions Architect, AWS Cloud Solutions, UiPath RPA Developer Certification, RPA Developer, ISTQB / ISEB Certified Tester, Tools of Trade: Linux and SQL, Generative AI Essentials

PERSONAL DETAILS

  • Name: Sree Kakumana
  • Email: sree.kakumana@gmail.com
  • Mobile: 0433 211 410
  • Security Clearance: Baseline (AGSVA) – Active | NV1 Clearance: In Progress

Timeline

Cybersecurity Analyst / Penetration Tester

Queensland Police Service (QPS)
06.2025 - 09.2025

Lead Penetration Tester

Digital Transformation Agency (DTA – Canberra)
03.2025 - 05.2025

Cybersecurity Analyst / Penetration Tester

Queensland Police Service (QPS)
06.2023 - 02.2025

Security Tester / Senior Test Analyst

Department of Education & Training (DET International)
03.2016 - 12.2016

Security Test Analyst

Bank of Queensland (BOQ)
10.2014 - 12.2015

Automation Test Lead

Melbourne IT
09.2008 - 05.2014

Bachelor of Science - Computer Applications

Osmania University

Master of Science - Information Technology

University of Ballarat

Similar Profiles

CREATE PROFILE
Sree Kakumana