Security Analyst

Phanisree Bandi

Name: Phanisree Bandi

****.********@*****.***

+1-216-***-****

Role: Security Analyst – Vulnerability Scanning

Current Employer: Gunnison Consulting Group

Employment Status: Full-time employee

Security Clearance: Public Trust

Security Clearance Status: Active

Role: Security Analyst – Vulnerability Scanning

Total Work

Experience: 8 years

Expertise: Information Vulnerability Management/Assessment, Penetrating testing

Experience in

Expertise: Vulnerability Management

Availability: 100%

Relevant Skills and Experience

Information Security, Penetration testing, Web Application security with OWASP top 10.

Tenable Security Center, Nessus, Burp Suite, NMAP.

Vulnerability Management/Assessment.

Technical Knowledge, Skills, and Specialization Areas

Experience/ Years

Experience Relevant to Proposed Role on Project

Vulnerability Scanning,

Tenable Security Center, Burp Suite, Nessus.

4

Performing Continuous Identification and Vulnerability Analysis using the Tenable Security Center.

Vulnerability Scanning.

4

Responsible for identifying emerging vulnerabilities, the technical controls that exist in the environment to

mitigate the risk posed by the vulnerabilities.

Education and Certifications

Dates

Degree or Certification

Issuing Authority

05/20/2006

Bachelors in Computer Science Engineering

JNTU

05/27/2023

Certified Ethical Hacker or CEH

EC Council

Selected Work History

Dates: 11/28/22 – Present

Company: Gunnison Consulting Group, Inc.

Security Analyst

Responsible for conducting Vulnerability Assessments on AOUSC Assets.

Responsible to conduct Annual, Adhoc Vulnerability scans on AOUSC Hosts and applications.

Generate Basic Risk Reports and perform remediation scans on AOUSC assets.

Responsible to provide remediation techniques for AOUSC stakeholders on discovered vulnerabilities.

Dates: 09/2019 – 11/22

Company: Blue Cross Blue Shield

Information Security Analyst

·Develop processes and implement tools and techniques to perform ongoing security assessments of the

environment.

·Identify and resolve any false positive findings in assessment results.

·Analyze Vulnerability Assessment results and engage with technology partners and business units in order to resolve identified vulnerabilities.

·Performing Continuous Identification and Vulnerability Analysis using the Tenable Security Center.

·Documents all vulnerabilities and assists the respective technical teams in their resolution.

·Developed remediation plans and security procedures. Assisted in the rapid execution of information security.

·Initiatives by maintaining an appropriate level of prioritization, focus and persistence in an environment of significant change and growth.

·Keep current with vulnerabilities, attacks and countermeasures as well as devoting time to research and development activities.

Dates: 01/2017 – 09/2019

Company: TCS

Security Analyst

Responsible for identifying emerging vulnerabilities, the technical controls that exist in the environment to mitigate the risk posed by the vulnerabilities.

Responsible for guiding the technical team in relevant actions for remediating the vulnerabilities.

Solid and demonstrable comprehension of end-to-end Vulnerability Management to include industry

standards such as CVE, CPE and CVSS.

Governance and oversight of vulnerability management activities to develop solutions to address control gaps.

Performing scans to identify vulnerabilities or confirm compliance to security standards.

Configure and run automated vulnerability scanning tools, prioritize remediation and track false positives.

Responsible for assessment of threats and vulnerabilities based on enterprise vulnerability management framework.

Dates: 04/2016 – 12/2016

Company: SIEMENS

Associate Cyber Security Analyst

Responsible for identifying, classifying, planning mitigations and tracking results for detected cyber security vulnerabilities.

Worked with program manager to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities.

Collect necessary data, develop and deliver a monthly Cyber Vulnerability Metrics report.

Develop and deliver documentation supporting cyber indications and warnings.

Responsible for developing cyber threat analysis for known threats.

Responsible for documentation and delivering reporting activities related to cyber threat situational

awareness.

Performed complex security related testing, created test cases, performed manual and automated tests,

reporting on problems encountered and documented test results for follow-up.

Dates: 08/2015 – 04/2016

Company: GENPACT

Automation Tester

Develop QA test scenarios and projects.

Develop, Assemble and run test case builds.

Design test cases and execute all types of testing like functional, end-to-end and integration.

Develop detailed testing approaches and plans for specific test areas.

Participate in peer reviews of test cases, test plans and automation scripting.

Performed all aspects of automated testing for client engagements.

Assisted Application developers and technical support staff in identifying and resolving defects.

Performed root cause analysis to identify and recommend test scope and test approach improvements.

Contact this candidate