Risk Management Cyber Security

Varshin Bodla Email: *****************@*****.***

Mobile: 217-***-**** LinkedIn: https://www.linkedin.com/in/b-varshin/

SUMMARY:

* *****’ experience in IT Security focusing on Cyber Security, cloud architecture, Policy compliance, Risk management, Vulnerability Management.

Hands on experience in risk management and threat management.

Extensive experience performing security audits using SD Elements, cloud native tools and CSPM tools like Prisma Cloud.

Experienced in identifying vulnerabilities, evaluating risk, and driving the remediation effort.

Proficient in identifying and assessing security risks through a comprehensive understanding of cybersecurity frameworks, threat landscapes, and industry best practices.

Good experience in performing the Security Risk Assessments on application environments deployed in GCP, AWS, Azure and OCI.

Experienced in reviewing SAST, DAST, IAST, and various vulnerability management reports.

Skilled in Project Management Guidelines.

Assisted in developing and enforcing policies related to IRS Pub 1075, focusing on data protection, secure access controls

Experience in performing security audits to comply with industry standard frameworks like NIST 800-53, PCI-DSS, HIPAA, CIS etc.

Knowle in the governance and risk management of IT infrastructure, F.A.C. 60GG standards to mitigate threats and vulnerabilities.

Capable of working in fast-paced organizational environments and handling security risk assessments for multiple projects.

Familiar with Microsoft Office Suite, including Excel for data analysis and reporting, Word for documentation, and PowerPoint for creating professional presentations.

TECHNICAL SKILLS:

Network Protocols

TCP/IP, DNS, DHCP, NAT/PAT, SNMP, VLAN’s and IPSEC-VPN.

Security Best Practices

NIST, CIS, Microsoft Cyber Security, Fortinet.

Security Frameworks

COBIT, ISO 27000 series, PCI-DSS, NIST SP 800 Series

Monitoring Tools

Splunk, ArcSight

Security Scanning Tools

Qualys VM, Qualys MSB, Qualys Container Security, Nessus.

App Scanning Tools

Qualys WAS, Veracode, Checkmarx, Nessus IQ

GRC Tools

RSA Archer.

Pen testing Tools

Burp Site Professional, OpenVAS, Nmap, Nessus, Maltego.

Security Services

Email Filtering, Anti-Phishing Services, UTM.

CSPM Tools

Prisma Cloud, Qualys Total Cloud, Orca, Wiz.

Cloud Platforms

Microsoft Azure, Google Cloud Platform (GCP), AWS and OCI.

Programming Languages

Python, Java, SQL, JavaScript, C/C++, PowerShell, PHP

PROFESSIONAL EXPERIENCE:

Information Security Analyst July 2023 – present

Citizens Bank

Dallas, TX

Description: Led the efforts in administering, maintaining, and enhancing the security platforms to protect Citizens Bank’s sensitive information. Focused on optimizing the institution’s cybersecurity infrastructure to mitigate risks and improve system performance.

Assisted in administering, programming, maintaining, and supporting various departmental and enterprise-wide security platforms.

Conducted system performance evaluations, monitored patch management, and performed security evaluations.

Collaborated with cybersecurity engineers to support security incident response activities.

Analyzed user needs across various computer environments and made recommendations for security solutions.

Collaborated with cross-functional teams to develop and enforce security policies aligned with IRS Pub 1075, ensuring the secure processing and storage of tax information.

Assisted in full lifecycle management of complex projects supporting enterprise systems.

Developed new methods to improve service processes, performance, and functionality by examining existing systems management tools and processes.

Monitored the operation of server systems on a scheduled basis and ensured optimal security configurations.

Conducted regular backups and recovery operations, maintaining the integrity and availability of critical data.

Assisted in developing and maintaining server system standards and ensuring compliance with institutional policies, standards, and guidelines.

Security Consultant March 2022 - June 2023

Hyatt Hotels

Dallas, TX

Project: Securing Student Information System (SIS)

Description: Played a key role in designing and securing Hyatt's multi-cloud infrastructure. Leveraged advanced cloud security practices and tools to ensure that the hotel chain’s sensitive data was well-protected across AWS, Azure, and GCP environments.

Participated in designing and implementing security infrastructure across multiple public cloud environments (AWS, Azure, GCP).

Assisted in developing and enforcing security policies, procedures, and controls.

Conducted security assessments and audits to ensure compliance with industry frameworks such as NIST CSF and Cloud Security Alliance CCM.

Utilized Terraform for provisioning, compliance, and management of cloud infrastructure.

Worked with cloud engineering and development teams to ensure secure architecture practices were followed.

Developed and implemented encryption strategies, including key management and rotation.

Managed and enforced security controls across a complex, multi-cloud environment, including IAM, encryption, networking, and logging.

Implemented security standards for various cloud services, such as Compute Engine, BigQuery, EC2, Lambda, Scale Sets, and Object storage.

Secured Kubernetes deployments by applying best practices and collaborating with development teams to ensure secure architecture practices.

Managed cloud risk through Cloud Security Posture Management (CSPM) and Cloud Detection and Response (CDR) tools.

ACADEMIC PROJECT October 2019-April 2021

Description: Focused on securing the Student Information System (SIS) of a large university by implementing a range of cybersecurity measures to protect student data from unauthorized access, breaches, and other potential cyber threats.

Securing a university's Student Information System (SIS) to protect sensitive data and ensure compliance with cybersecurity standards.

Implemented robust security measures, including firewalls, IDS/IPS, VPNs, and multi-factor authentication (MFA).

conducted comprehensive risk assessments, vulnerability scans, and penetration testing to identify and mitigate potential threats.

Roles included managing project activities, applying security configurations, encrypting data, monitoring network traffic, and developing an incident response plan.

Secured SIS with enhanced protection against cyber threats and detailed documentation demonstrating the effectiveness of our security controls.

ACHIEVEMENTS

Certification: Ethical Hacking - Microsoft (2018)

Objective: Conducted thorough vulnerability assessment and ethical hacking exercise to identify potential security weaknesses in an organization's network and applications, and recommend remediation actions to improve security posture.

Project Description:

Used ethical hacking tools such as Nmap and OpenVAS to gather network information, scan for open ports, and map the network topology. This allowed for identification of potential attack vectors, including unsecured protocols and vulnerable endpoints.

conducted vulnerability scanning using Nessus and Burp Suite to identify outdated software, misconfigurations, and vulnerabilities within the network and applications. The focus was on finding common issues like SQL injection, cross-site scripting, and weak encryption methods.

Attempted controlled exploitation of identified vulnerabilities using Metasploit, focusing on demonstrating how malicious actors could gain unauthorized access to sensitive data. All ethical hacking attempts were carefully documented and authorized by the system owners.

Compiled a detailed report outlining all vulnerabilities discovered during the assessment. Provided actionable recommendations for patching systems, improving firewall rules, and securing network configurations. Offered guidance on implementing stronger password policies and encryption mechanisms to mitigate future risks.

Tools/Technologies:

Nmap, Nessus, OpenVAS, Burp Suite, Metasploit, Wireshark

Certification Cyber security - Caterpillar (2018)

Objective: Implement a comprehensive cybersecurity framework to protect an organization's critical infrastructure, ensuring compliance with industry standards such as NIST and ISO 27001.

Project Description:

Used ethical hacking tools such as Nmap and OpenVAS to gather network information, scan for open ports, and map the network topology. This allowed for identification of potential attack vectors, including unsecured protocols and vulnerable endpoints.

Conducted a full risk assessment for Caterpillar's critical systems, identifying key assets that required protection. This included servers, databases, and internal applications handling sensitive data. Performed a threat analysis to prioritize risks based on their potential impact.

Developed and implemented a range of security controls based on the NIST Cybersecurity Framework. Controls included intrusion detection systems (IDS), firewalls, and endpoint security solutions to prevent unauthorized access and data breaches.

Created a detailed incident response plan to outline the steps to be taken in the event of a security breach. The plan included protocols for identifying the breach, containing the threat, eradicating the issue, and recovering from the attack while minimizing data loss and downtime.

Deployed monitoring tools like Splunk and Qualys to track network activity in real time and continuously scan for vulnerabilities. Ensured that all implemented security measures were following NIST, PCI-DSS, and ISO 27001 standards. Conducted regular audits to ensure ongoing compliance and optimal security practices.

Tools/Technologies:

Splunk, Qualys, Nessus, Snort IDS, Firewall Management Systems, NIST Framework, ISO 27001 Standards

Contact this candidate