Engineering Leader · Bengaluru, India

Kamal Bisht

24+ years building quality, security, and platform engineering functions in cybersecurity — from kernel drivers to cloud-native microservices, from threat modelling to AI governance.

PMP · CEH · ISO 42001 LA · IIT Delhi M.Tech · SentinelOne · McAfee · FireEye

24+ Years experience
$616M Acquisition (Attivo)
20+ Engineers led
70% Manual test reduction

The signal in the noise.

My career has a single throughline: measurement-first thinking applied to complex security systems. It started at IIT Delhi, where my M.Tech. project used GSOM neural networks to statistically prove that malicious network traffic is inherently separable from normal traffic — an early exercise in finding signal in noise that shaped everything that followed.

Across McAfee, FireEye, Attivo Networks, and SentinelOne, I've built quality engineering functions from scratch, owned release management, run AppSec programmes, and driven cloud-native migrations. I've shipped kernel-level security products, built efficacy labs running millions of malware samples, and led the architectural shift from monolith to true cloud-native SaaS.

I think about quality not as a gate at the end of development, but as a layered discipline spanning infrastructure, security, automation, and delivery velocity. The frameworks I build outlast me.

Today I'm focused at the intersection of AI governance and cybersecurity — ISO 42001 Lead Auditor certified, exploring multi-agent AI systems, and applying LLM-based approaches to dynamic test generation and automation failure analysis.

Current focus: AI/LLM engineering · Multi-agent systems · ISO 42001 audit · Post-quantum cryptography
Domain expertise: Endpoint security · Deception / ITDR · Identity protection · Kernel / driver QA · Cloud-native SaaS
Leadership style: Build teams from zero · Own across functions · Framework-first · Culture of continuous improvement
Contact: kamalbisht@yahoo.com · +91-9845229450

Where I've built.

Consulting Services
Defined the product vision and multi-phase roadmap of a Unified Cyber & AI Command Centre for the startup DigiFortex Technologies (Dec 2025 – March 2026). The platform converges SOC, GRC, AI Governance, Exposure Management, and cryptographic validation into a telemetry-driven, AI-native risk ecosystem. Implemented VPN governance architecture and Action1-based endpoint management, and initiated a FIPS 140-3 Level 2 lab for post-quantum cryptography services.
Product vision · AI governance · GRC · FIPS 140-3 · Post-quantum crypto
Director — Quality, AppSec & Release Engineering · $616.5M Acquisition
Attivo Networks → SentinelOne
Jan 2017 – Oct 2025
Among the first 30 employees. Built QA department from zero — hired and mentored 20+ engineers across four groups. Simultaneously owned Quality, AppSec, IT, and Release Management. Drove the full cloud-native migration: Kafka telemetry pipeline, OCSF normalisation, ECS microservices, ClickHouse, KCP. Led deception technology (lateral movement detection) and ITDR domains covering Active Directory, Azure Entra ID, Okta, Duo, Ping, and 27+ integrations. Reduced manual testing 70%, production defects 35%, and release cycle time 25%.
Deception / ITDR · Kafka · ECS microservices · SAST/DAST · Release management · Active Directory · Python
Engineering QA Manager
FireEye Cybersecurity (now Trellix)
Feb 2016 – Dec 2016
Managed enterprise endpoint projects: exploit detection, kernel services, and next-generation platform initiatives. Built efficacy lab infrastructure running millions of malware samples for content detection validation — Elasticsearch-backed pipeline with Python automation.
Exploit detection · Efficacy lab · Elasticsearch · Python
Engineering QA Manager · $7.68B Intel Acquisition
McAfee (An Intel Company)
Jun 2003 – Jan 2016
Around 15 years across AV/anti-spam, Host IPS (kernel drivers, TDI/WFP, ELAM), and McAfee Labs common driver SDK — shared across 25 products. Founded Security Club; drove systematic threat modelling across all India-managed products; built Security Champions programme absorbed into McAfee's global scheme. Built sanity lab covering all 25 products as a release gate. Championed cross-functional collaboration; 25% release cycle improvement.
Kernel drivers · Threat modelling · TDI / WFP / ELAM · Ruby on Rails · Coverity · Security champions
Software Engineer
i2 Technologies
Feb 2002 – May 2003
End-to-end automation engineer for supply chain management (SCM/SRM) solutions — the role that revealed how QA provides a solution-level vantage point no other function does.
Perl · TCL/Tk · Automation

What I bring.

⚙️
Quality Engineering
Automation frameworks (layered: infra → SDK → test) · CI/CD pipelines · Shift-left testing · Maturity models · LLM-as-judge · A/B testing · Golden datasets · Dynamic test generation
🛡️
Application Security
Threat modelling · SAST (SonarQube, Coverity) · DAST (Rapid7, Nessus) · Burp Suite · Credential leak scanning (GitHub Actions) · Security champions programmes
☁️
Cloud & Platform
Kafka · ECS microservices · ClickHouse · Elasticsearch / OpenSearch · Kubernetes (KCP/KOPS) · WebSocket · NLB/ALB · Feature flags · Shadow mode · Stateless service design
🤖
AI / ML Engineering
LLM integration · Multi-agent systems · Claude Code · NLP / GSOM neural networks · Dynamic test generation from production code · OpenSearch ML anomaly analysis · ISO 42001 audit
🔒
Security Domain
Endpoint security · Deception / lateral movement · ITDR (AD, Entra ID, Okta, Duo) · AV / anti-spam / anti-phishing · Kernel / driver QA (TDI, WFP, ELAM) · Dark web monitoring
👥
Engineering Leadership
Team building (20+ engineers) · Release management & branching strategy · Product vision & roadmap · Cross-functional ownership (QA + AppSec + IT) · OKR / KPI alignment · Startup to enterprise scale

What I've delivered.

01
Built QA from zero at a cybersecurity startup
First QA manager at Attivo Networks. Scaled to 20+ engineers across 4 groups. Built layered automation framework; reduced manual testing 70%, production defects 35%, release cycle time 25%.
02
Cloud-native migration at SentinelOne scale
Involved in the shift from monolith to true cloud-native SaaS: Kafka → OCSF normaliser → ECS microservices → ClickHouse. Removed session state, adopted NLB, feature flags, and shadow mode for zero-risk detection rollouts.
03
Founded Security Champions programme at McAfee India
Started Security interest group; drove threat modelling across all India products. Programme was absorbed into McAfee's global security scheme and created lasting security culture at site level.
04
Rescued a failing enterprise product
Took over a collapsed enterprise product, rewrote the statement of work, rebuilt the test environment, and recovered the release — extending its commercial value through watermark integrations for adjacent product sales.
05
Efficacy lab for millions of malware samples
At FireEye, built end-to-end efficacy infrastructure to run millions of malware sets for content detection validation — Elasticsearch-backed, Python-automated, with web crawlers for continuous sample acquisition.
06
Defined converged Cyber & AI Command Centre vision
At DigiFortex, built the full platform vision: SOC + GRC + AI Governance + Exposure Management + post-quantum cryptography validation — multi-tenancy, white-labelling, API-first, telemetry-driven.

Where it started.

M.Tech., Computer Technology
Indian Institute of Technology (IIT) Delhi · 2000–2001
Thesis: GSOM neural network–based network intrusion detection system with statistical analysis proving malicious traffic is inherently separable from normal traffic — the origin of a measurement-first approach to security.
B.Tech., Electrical Engineering
G.B. Pant University, Pantnagar · 1996–2000
Project: Microcontroller-based radar firmware for DRDO Dehradun — hands-on embedded systems in a constrained environment, building an intuition for system design and optimisation that carries through to today.
ISO 42001 Lead Auditor
TÜV SÜD — AI Management Systems
Project Management Professional (PMP)
Project Management Institute · 2007
Certified Ethical Hacker (CEH v3)
EC-Council
ISO 27001 · ISO 9001 · FedRAMP/FIPS
Awareness & involvement