
Cyber Security Engineer

Location:
Davidson, NC
Posted:
February 19, 2025

Resume:

Dinesh Yalavarthi

Sr. Cyber Security Engineer/Analyst

Phone: 707-***-**** Email: ****************.*@*****.*** Location: Charlotte, NC

https://www.linkedin.com/in/dinesh-y-904558263

SUMMARY:

Around 8+ years of experience as a Cyber Security Engineer and Vulnerability Management Engineer.

•Experience with Risk Assessment on systems, applications, and Active Directory.

•Experience with Windows/Linux OS, Database Policy Compliance, and configuration with CIS.

•Experience with IT - Governance (GRC) risk tool Digital Manager 360 (Modulo) and reporting tool Nexpose.

•Experience in Incident Response and proficient in using MS Defender, Secureworks Taegis, and MS Sentinel.

•I have good experience with the Nexpose vulnerability scanner and the InsightVM dashboard.

•I seek to utilize these skills in improving the security posture of information systems and networks by detecting threats and vulnerabilities in target systems and applications through systems and network testing.

•Responsible for managing all aspects of the Vulnerability Risk Management Program including vulnerability identification, analysis, remediation coordination and reporting.

•Experience with VM identification, analysis, metrics, as well as processes enabling proper governance, risk and compliance (GRC).

•Progressive experience in Enterprise Vulnerability Management, Risk Assessment, penetration testing, generating reports, SQL Injection, XSS and major hacking protection techniques.

•Experienced in detecting, analyzing, and addressing cyber-crime incidents and Indicators of Compromise (IoCs). We take regular intel from MS-ISAC and work on IoCs.

•Experience in testing using various tools like Burp Suite, DirBuster, Nmap, OpenVAS, Nexpose, Nessus, Metasploit and Jira. Knowledge of OWASP Top 10-based vulnerability assessment of web applications.

•Coordinate with the dev team to report vulnerabilities by explaining the exploitation and the impact of the issue. Report the identified issues in the industry-standard framework.

•Domain knowledge in Retail, Banking and Financial Services, Health Care.

•Knowledge of detecting vulnerabilities in authentication, authorization, input validation, and session management.

•Set up advanced systems to spot unusual transaction patterns and insider threats using machine learning, making it easier to stay ahead of emerging cybercrime trends.

•Managed security requirements in IBM DOORS, ensuring compliance with ISO 27001 and NIST 800-53, and worked with teams to ensure smooth integration.

•Performed IAM gap analysis and evaluated authentication controls for PCI DSS compliance, working with audit teams and ensuring proper regulatory documentation.

•Tracked and validated cross-domain cybersecurity requirements in IBM DOORS, with a focus on access control, data filtering, and sanitization.

•Built strong security setups using Zero Trust principles, top-notch encryption (AES-256), and secure APIs to protect sensitive financial data and improve overall security.

•Managed KRIs and KPIs to align risk strategies with business goals and improve remediation efforts.

•Collaborated on issue resolution, product updates, and business transformation to strengthen risk practices.

•Involved in Security Development Life Cycle (SDLC) to ensure security controls are in place.

•Leveraged Symantec PAM to track and audit privileged user activities, integrating with security tools for proactive threat detection and streamlined incident investigation.

•Aligning password policies, enforcing MFA, auditing, and improving credential management strengthens access controls, reduces data leakage risks, and supports DLP efforts.

•Addressed PCI DSS audit gaps, collaborated on remediation actions, and strengthened DLP by enforcing least privilege, conducting access reviews, and ensuring compliance through timely security improvements.

•Ability to develop and maintain metrics and reports on vulnerability findings and remediation compliance.

•Knowledge of STIG validation in support of DISA and CIS, and proactive vulnerability detection.

•Collaborated with project teams to develop and manage timelines, identify project risks, and maintain documentation in line with Lean and Agile practices.

•Applied knowledge of TCP/IP networking principles when configuring firewalls, intrusion prevention systems (IPS), and monitoring network traffic to identify potential threats.

•Participated in disaster recovery exercises, collaborating with teams to test backup and restoration processes for key security assets and infrastructure.

•Good knowledge of Jira, rootkits, IP spoofing, VirtualBox, software hardening concepts and SIEM.

•Good knowledge of HTTP, HTTPS, web application firewalls, log review, SSL and TLS.

•Skilled in creating detailed threat analysis, providing actionable recommendations, and enhancing organizational awareness of evolving attack methods and vulnerabilities to minimize exposure to cyber-crime.

•Worked closely with law enforcement and groups like FS-ISAC to shut down fraud networks, take down malicious sites, and stop phishing campaigns in their tracks.

•Good team player with the ability to learn concepts effectively and efficiently.

•Ability to work in large and small teams as well as independently.

TECHNICAL SKILLS:

•SIEM: MS Sentinel, Splunk

•IDS/IPS: Cisco Meraki, McAfee Vulnerability Management solutions, Nessus

•EDR / EPP: SentinelOne, Secureworks Taegis

•Cloud Security: MS Defender

•Threat Intelligence: Burp Suite, OpenVAS, QualysGuard

•NGFW / WAF / Firewall: Palo Alto

•WAF: A10, ModSecurity

•Network Analysis: Wireshark, Bro/Zeek

•VA/PT Tools: Burp Suite, OpenVAS, QualysGuard

•Log Management: Syslog, Splunk Cloud & IDM, ELK/EFK Stack

•Monitoring Tools: Zabbix, OpsRamp

•Programming Languages: Python, C#, PowerShell

•Scripting Languages: PHP, HTML, CSS

Education:

Bachelor of Computer Science, 2015, Osmania University.

WORK EXPERIENCE:

Client: Bank of America - Raleigh, NC Sep 2022 - Present

Sr. Cyber Security Engineer/Analyst

Responsibilities:

•Experience with tools such as the Rapid7 Nexpose and InsightVM vulnerability scanners.

•Generate reports on a daily basis and execute the daily tasks. Manage and adapt the scan schedule.

•Manage permissions and access to the product. Perform authenticated and unauthenticated vulnerability scanning.

•Used Tanium for patch management.

•Worked in the IR team and handled the ticket queue in ServiceNow.

•Worked extensively on Defender as EDR and Secureworks Taegis XDR for triaging alerts.

•Worked on Defender Cloud Discovery.

•Research, analyze and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, anti-virus products, proxies, and operating systems).

•Assist teams with vulnerability resolution, including researching vulnerability solutions and addressing false positives to reduce system workloads, performing confirmation scans when appropriate, meeting regularly with the remediation team, and building reports to provide teams with the necessary data. Assist teams with tracking remediation approaches within InsightVM or Excel.

•Experience with vulnerability management metrics as per organization standards.

•Used Armis for IoT discovery.

•Created custom detection rules in Defender.

•Created automations in Secureworks Taegis for alerts.

•Used Entra ID for IAM; developed and enforced fine-grained access control policies using role-based access control (RBAC) and conditional access policies to secure critical organizational resources.

•Experience with firewall rule requests (ports, protocols and services).

•Handled baseline configurations, vulnerability exceptions and compliance exceptions. Update, create and adjust custom policies, standards, and procedures. Manage Policy Compliance scans and configure their settings.

•Utilized Microsoft Defender's cloud discovery to identify unsanctioned applications (Shadow IT) and enforce data loss prevention (DLP) policies across cloud services.

•Managed and documented sensitive data management applications and handling processes by utilizing Varonis DatAdvantage to analyze shared data locations and create alerting functionality with Varonis DatAlert.

•Assist with routine compliance and audit functions to ensure regulatory scanning requirements are satisfied.

•Perform vulnerability, configuration, and compliance scans with Nexpose to detect deficiencies and validate compliance of information system configurations with the organization's policies and standards, such as Center for Internet Security (CIS) Benchmarks.

•Coordinate and conduct event collection, log management, event management, compliance automation, and identity monitoring activities using the QRadar SIEM.

•Analyze vulnerabilities to determine remediation measures and rule out false positives using available resources.

•Assist in the planning of remediation strategies. Work with the client to provide advice on remediation, scanning and projects.

•Coordinate with team members to provide guidance related to requirements.

•Experience with SAI Digital Manager 360 (Modulo) for risk assessment of systems and applications. Assist in the implementation of the Risk Management Framework (RMF) in accordance with the required government policy, and participate fully in the documentation process.

•Performed security analyses to validate established risk on systems and applications.

•Document assessment results and authorized technical activities, and coordinate the system security plan (SSP).

•Strong knowledge of threats and vulnerabilities associated with cloud and on-premises network security.

•Creation of technically detailed reports on the status of the SIEM, including metrics on items such as number of logging sources, log collection rate, and server performance.

•Examined alerts from QRadar security monitoring tools; monitored, investigated, and reported incidents of suspicious activity. Analyzed security breaches to determine the root cause of problems.

•Identified potential risks, such as virus and malware attacks and hacking, and conducted initial research based on analytic experience.

•Assisted with implementation of countermeasures, as well as mitigating controls. Provided and developed the forensic capability to enhance response to the investigation.

•Assist with designing and documenting work processes within the SOC, act as a point of escalation for other engineers (Associate SIEM Engineer & SIEM Engineer), and provide guidance and mentoring.

Client: NextNav - (Remote) Sep 2020 – Aug 2022

Sr. Cyber Security Engineer

Responsibilities:

•Security Engineer for Proofpoint Email Gateway Security.

•Managing the enterprise infrastructure of the System Security team, such as configuration of File Integrity Monitoring systems, Data Loss Prevention (DLP) toolsets, enterprise Antivirus solutions, and endpoint encryption.

•Experienced with DLP, Proofpoint, Trend Micro, and IBM QRadar Enterprise SIEM security tools to monitor the network environment.

•Worked on tools like Information Security and Group Policy, Symantec Data Loss Prevention, Symantec Endpoint Protection Manager, Symantec Endpoint Encryption, Windows Server Update Services, Blue Coat Proxy, Syslog, and GFI.

•Oversee Vulnerability assessment/penetration testing of scoped systems and applications to identify system vulnerabilities.

•Recognize, adopt, utilize and teach best practices in cloud security engineering.

•Conducted internal network vulnerability assessments to enhance the information security culture of the organization by identifying, analyzing and reporting gaps which may be used to threaten the confidentiality, integrity and availability (CIA) of information.

•Frameworks used: ISO 27001 ISMS, PCI DSS, SSAE16, OWASP, SANS, Forcepoint.

•Monitored and researched cyber threats with a direct and indirect impact on the organization.

•Multi-model consulting on different frameworks and standards such as ITIL, COBIT, SDI, CMMI, ISO 2000 and ISO 9001.

•Security Consultant specializing in Data Loss Prevention and large infrastructure encryption.

•Develop reference architectures and proof-of-concept implementations of cloud security environments.

•Responsible for architecting, implementing and supporting cloud-based infrastructure and its solutions.

•Manage all recurring threats to all systems and perform vulnerability tests.

•Responsible for the design, development, and implementation of new and innovative solutions to protect lucid sensitive data and strengthen data protection capabilities.

•Used Splunk Deployment Server to manage Splunk instances and analyzed security-based events, risks & reporting.

•Experienced with handling cloud environments (AWS and Azure).

•Simplified knowledge sharing by creating and maintaining detailed and comprehensive documentation and necessary diagrams.

•Assisted internal users of Splunk in designing and maintaining production-quality dashboards, helped the team understand the business use case, and provided technical services for projects, user requests and data queries.

•Monitor that audit findings are followed up by the system owners for closure of any non-conformances. Follow up with secondary audits to ensure the work is being completed.

•Explain to all levels of the organization the purpose of an Information Security Management System (ISMS) and the processes involved in establishing, implementing, operating, monitoring, reviewing, and improving an ISMS as defined in ISO 27001.

Client: Real Page, INDIA Aug 2016 – Aug 2019

Information Security Analyst

Responsibilities:

•Build, maintain, and track systems' cybersecurity baselines via the vulnerability compliance tool (Tenable Nessus) and organization cybersecurity policies, guidance, and plans.

•Review, assess, create, and update enclave documentation in OneTrust tool and any Configuration Management (CM) system for the ISSM review and approval.

•Identify, collect, review, and maintain RMF (Risk Management Framework) required artifacts, cybersecurity policies, guidance, and plans.

•Ensure accurate system documentation and configuration logs are maintained to reflect current and prior configuration baselines.

•Provide written evaluations portraying system progress on RMF compliance, organization cybersecurity guidance with one evaluation for each system per quarter.

•Conduct annual control validations (ACVs) for all systems in accordance with cybersecurity guidance, organization policies and schedule.

•Ensure the required cybersecurity functional activities and actions during the systems' O&S phase are conducted in accordance with cybersecurity-related laws and regulations.

•Improving critical infrastructure cybersecurity and resilience, including policies, standards, special publications, instructions, and guidance from NIST, ISO, etc.

•Review systems' test plans and test results and, if necessary, observe system testing for security control implementation of cybersecurity policies, guidance, and plans.

•Document all findings. Perform security impact analysis on any system change and appropriately prepare letters of assurance, security impact letters, and risk assessment letters to include exceptions, deviations, or waivers to cybersecurity requirements when applicable.

•Monitor and adhere to the system's A&A schedule deadlines in the Program Office's Cybersecurity Plan and organization schedule.

•Review annually and provide recommended updates to program cybersecurity policies and plans for cybersecurity guidance.

•Assist with the cybersecurity vulnerability management plan and risk assessment capability.

•Create and review vulnerability reports, track compliance with vulnerability management policies and procedures in accordance with established guidelines.

Client: Caterpillar, Chennai, INDIA July 2015 - July 2016

Security Analyst

Responsibilities:

•Experience with many of the following technologies/roles: Privileged Account Management, Two-Factor Authentication, Web filtering, Web Application Firewalls, Virtualized computing environments, Encryption-at-rest and encryption-in-transit, Vulnerability Management.

•Installation and configuration of networks and network devices such as web application firewalls, network firewalls, switches, Check Point firewalls, Blue Coat proxies and routers.

•Network Security configuration, audit, and management of Windows servers. Installation, configuration, audit, and management of security tools.

•Security configuration, audit, and management of applications and databases. Leading security incident investigations, including basic forensic analysis and reporting.

•Deploying, automating, maintaining and managing AWS cloud-based production systems to ensure the availability, performance, scalability and security of production systems.

•Implemented physical and procedural safeguards for information resources within the facility. Communicated effectively with senior management, peers, staff, and customers both inside and outside the corporation.

•Administered access to information resources and made provisions for timely detection, reporting, and analysis of actual and attempted unauthorized access to information resources.

•Proposed and assisted with the acquisition of security hardware/software. Developed and maintained access control rules. Experience with VoIP systems.

•Maintained user lists, passwords, encryption keys, and other authentication and security-related information and databases.

•Experience with Palo Alto Networks firewalls.
