
Cyber Security in United States

Location:
Denton, TX
Posted:
May 08, 2025


Resume:

Venkat Krishna

Sr. Cyber / Sr. Security Engineer

Phone: +1-908-***-****

Email: ******************@*****.***

Professional summary:

Over 10 years of industry experience as a Cyber Security professional, specializing in penetration testing and Cyber Security practices.

Proficient in the latest tools and technologies, staying up to date with the rapidly evolving Cyber Security landscape.

Expertise in OWASP Top 10, SIEM implementation, and threat classification methodologies.

Extensive hands-on experience in conducting vulnerability assessments of both internet-facing assets and internal systems using advanced tools such as Burp Suite, IBM Appscan, Nessus, Live HTTP headers, Metasploit, Ettercap, Wireshark, SQLmap, OWASP ZAP Proxy, Nmap, and HP Fortify.

Strong knowledge of Cloud Technologies, particularly AWS, and experience in securing cloud environments.

Deep understanding of network protocols, including TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, etc.

Actively involved in the secure SAST/DAST process and environment, ensuring the identification and resolution of security vulnerabilities.

Proficient in utilizing Splunk SIEM, monitoring and analyzing SSH logs in Splunk ESM to detect and escalate potential brute force attempts on Red Hat servers hosted in Azure cloud.

Conducted risk assessments for applications, adapting them to reflect regulatory and business changes, as well as the impact of audit findings, compliance testing, and regulatory exams.

Skilled in supporting and deploying Web Application Firewalls (WAF), collaborating closely with security architecture teams, vendors, and internal stakeholders.

Experienced in developing, maintaining, testing, and troubleshooting WAF policies and rule sets globally, using Splunk and other SIEM tools for strategy planning.

Collaborated with Information Security teams to fine-tune SAST/DAST tools and processes, ensuring optimal performance and accuracy.

Monitored SIEM feeds to proactively identify and investigate potential enterprise threats, taking prompt action to mitigate incidents.

Develop and implement comprehensive cybersecurity strategies to protect the organization's IT infrastructure, networks, databases, and web applications.

Provided remediation guidance to developers based on identified security issues, promoting secure coding practices.

Lead the security assessment of embedded systems, IoT devices, and firmware to identify vulnerabilities and weaknesses.

Conducted penetration tests and vulnerability assessments to evaluate the security posture of embedded systems and recommend remediation measures.

Hands-on technical experience with testing of web applications in Java or .NET. Experience with audits, e.g. A-123, SOC 1/2, FISCAM. RADIUS and Kerberos server experience. API testing using Postman.

Conducted secure code reviews using static code analyzers such as HP Fortify, Checkmarx, and Veracode.

Proficient in validating false positives and effectively reporting security issues.

Implemented free and Open-Source software vulnerability assessment processes, establishing governance and centralized repositories for developers, utilizing tools like Black Duck, SonarQube, and Snyk.

Skilled in gathering requirements from stakeholders, devising and planning security measures, and demonstrating strong technical understanding of vulnerabilities.

Exceptional team player with strong initiative, continuously learning and adapting to new concepts and technologies.

Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010.

Extensive knowledge on configuring and troubleshooting STP, PVST, RSTP, MSTP, VLAN, Inter-VLAN routing, Trunking (802.1q & ISL), Port channels (LACP & PAgP).

Designed and implemented comprehensive cloud security strategies for clients, leveraging cloud security platforms like CASB, SASE, and CSPM to ensure the confidentiality, integrity, and availability of cloud-based assets.

Led the design and implementation of secure network architectures, including LAN, WAN, and cloud-based networks, ensuring robust security and high availability.

Implemented and managed Azure Defender, Azure Security Center, and Sentinel One to enhance cloud security posture and threat detection capabilities.

Lead the design and implementation of endpoint security strategies for clients, ensuring comprehensive protection against malware, ransomware, and advanced persistent threats.

Collaborate with clients to assess their existing endpoint security posture and recommend tailored solutions to address vulnerabilities and gaps.

Led the integration and management of Hardware Security Modules (HSMs) within embedded systems and IoT devices to protect sensitive data and cryptographic operations.

Collaborated with VECTOR, ETAS, and other vendor BSW components to enhance the security posture of embedded systems.

Spearheaded the implementation and management of Illumio's micro-segmentation solution to enhance network security.

Developed a Python-based tool for automating the initial steps of incident response, including log analysis, malware scanning, and user account checks, reducing incident response time by 50%.

Implemented and managed GRC tools such as [Specific GRC Tool Names] to assess and mitigate security risks, ensuring compliance with [Relevant Industry Standards/Regulations].

Collaborated closely with development and operations teams to integrate security into Continuous Integration/Continuous Deployment (CI/CD) systems, enabling automated security testing and validation of code changes.

Possesses excellent communication, analytical, troubleshooting, customer service, and problem-solving skills, excelling in mission-critical environments that require advanced decision-making.

Technical Skills:

Security Tools

WAF (Web Application Firewall), OWASP ZAP Proxy, Paros Proxy, Splunk SIEM, IBM Appscan, Metasploit, AWS, HP Web Inspect, SQLMAP, Dirbuster, Wireshark, QualysGuard, Nexus IQ Server, Snyk.

Network Auditing Tools

Nmap, Nessus

SAST and DAST Tools

IBM AppScan Enterprise (ASE), HP WebInspect, QualysGuard, Burp Suite Pro, HP Fortify, Checkmarx, Veracode, Nmap, Hping3.

Programming Languages

Java.

Databases

MySQL, Oracle, MSSQL.

Scripting Languages

HTML, JS.

Operating System

Kali Linux, GNU/Linux, Windows.

Norton Healthcare (Remote) Oct 22 - Present

Sr. Cyber Security Engineer

Responsibilities:

Analyze, troubleshoot, and investigate security-related information systems anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts.

Monitor and analyze the output and performance of network and host-based security platforms, including vulnerability scanning systems and tools (such as Nessus, Nexpose), network-based Intrusion Detection/Prevention Systems (IDS/IPS), host-based Intrusion Detection/Prevention Systems (HIDS/HIPS), File Integrity Monitoring (FIM) software, Security Information & Event Management (SIEM) platforms (such as Splunk, QRadar, McAfee/Nitro), Data Loss Prevention (DLP) solutions, log indexing and correlation tools, anti-virus and anti-spyware logs and events, and web proxy and filtering systems.

Spearheaded the development and implementation of a comprehensive information security program, ensuring alignment with business goals and regulatory requirements.

Execute routine and ad-hoc vulnerability scans and other tests to verify system security settings and configurations using tools like Nessus, Nmap, Nexpose, and HP WebInspect.

Ensure proper assessment, containment, mitigation, and documentation of security incidents.

Perform Penetration Testing using tools like Veracode.

Successfully led the organization through PCI DSS assessments, resulting in full compliance and the establishment of a secure payment card data environment.

Review Veracode reports for CRLF and Java Source Security Controls, as well as Cross-Site Scripting vulnerabilities.

Implemented and managed a robust cybersecurity risk assessment program, identifying vulnerabilities and threats to the organization's IT systems and networks.

Developed and maintained risk management frameworks, policies, and procedures to ensure compliance with industry standards and regulations.

Conducted regular risk assessments and vulnerability analyses, providing actionable recommendations for risk mitigation and remediation.

Create custom Web Application Firewall (WAF) policies to block newly observed threats and reduce manual work.

Designed and implemented a scalable security information and event management (SIEM) system using Python, Elasticsearch, and Logstash, processing and correlating log data from various sources for comprehensive threat analysis.

Conducted regular security assessments and vulnerability scans to identify and remediate potential security weaknesses.

Collaborated with internal audit teams to develop and maintain comprehensive risk assessment processes.

Drafted and enforced security policies, procedures, and guidelines to ensure a secure operating environment.

Designed and implemented complex network architectures, including LAN, WAN, and cloud-based networks, utilizing technologies such as MPLS, BGP, OSPF, VLANs, and SD-WAN.

Design and configure secure processing systems, ensuring the integration of encryption, authentication, and access control mechanisms.

Responsible for monitoring and providing analysis in a 24x7x365 Security Operation Center (SOC) using Splunk SIEM and IDS/IPS tools.

Deal with daily bot-mitigation, whitelisting, false-positive analysis, and investigation of abnormal traffic patterns.

Use Python scripts to simulate cyber-attacks, identify vulnerabilities, and assess the security posture of networks and applications.

Monitor and analyze logs and alerts to improve security policies in both the WAF and SIEM.

Slash security risks by fine-tuning web application policies, including blocking IPs and fine-tuning configurations.

Python frameworks like Django and Flask are used to build secure web applications. Python libraries such as Requests and BeautifulSoup facilitate web scraping and analysis, which are essential for web application security testing.

Upgrade WAF firmware versions to the latest, ensuring enhanced protection for all applications.

Organize Disaster Recovery Drills on the WAF level to ensure data security.

Utilize bash scripting to collect and analyze data from compromised devices.

Maintain security services and technologies, including SIEM configuration and incident response.

Install, configure, and administer Splunk Enterprise Server and Splunk Forwarder on Red Hat Linux and Windows servers.

Using Enterprise Security, helped the SOC team build investigative analyses to trace the dynamic activities associated with advanced threats.

Configure and maintain MPLS (Multiprotocol Label Switching) between satellite locations and the data center, including rule management for MPLS routers.

Work with SIEM platforms such as Rapid7 Nexpose, Forcepoint, Splunk, and others.

Administer CyberArk vault, including safe creation, LDAP integration, and policy and report creation in PVWA (Password Vault Web Access).

Execute, organize, and distribute recurring and ad-hoc reports for network and host-based security solutions.

Proficiently understand and address application-level vulnerabilities such as XSS, SQL Injection, CSRF, authentication bypass, weak cryptography, and authentication flaws.

Assist in maintaining relevant system and process documentation to ensure confidentiality, integrity, and availability of systems.

Created Python scripts to automate the compliance checks for various security standards, such as PCI DSS and GDPR, ensuring continuous compliance and generating compliance reports automatically.

Spearheaded the integration of cybersecurity best practices into CI/CD pipelines, ensuring the secure development, testing, and deployment of software applications.

Collaborated with development and operations teams to automate security testing within the CI/CD process, resulting in a reduction in vulnerabilities and faster release cycles.

Collaborated with cross-functional teams to design and enforce security controls within Illumio, protecting critical assets and preventing lateral movement of threats.

Actively participated in incident response activities, leveraging Illumio's capabilities to contain and mitigate security incidents effectively.

Establish and maintain strong working relationships with team members.

Employ various approaches to Grey and Black Box security testing.

Generate and present reports on security vulnerabilities to internal and external stakeholders.

Perform manual and dynamic penetration testing of web applications using tools like Burp Suite and IBM AppScan.

Implemented IBM Guardium data security platform to monitor, audit, and protect sensitive data, ensuring compliance with regulatory requirements and industry standards.

Conducted configuration reviews and policy tuning in Guardium, enhancing the accuracy of data discovery and classification, reducing false positives by 25%.

Collaborated with cross-functional teams to integrate Guardium into the organization's incident response and threat intelligence processes, enabling faster detection and remediation of security incidents.

Managed and maintained Tripwire's file integrity monitoring (FIM) solutions, ensuring the integrity of critical system files and configurations, detecting unauthorized changes promptly.

Conducted regular security assessments using Tripwire, identifying vulnerabilities and misconfigurations, and provided actionable recommendations to improve system security.

Led the implementation of Tripwire Enterprise Security Controls, enhancing the organization's ability to detect and respond to advanced threats and security incidents.

Collaborate with cross-functional teams to integrate security best practices into the development and deployment of web applications and mobile technologies.

Worked extensively with Python's socket and scapy libraries, which allow for network protocol analysis, packet manipulation, and network forensics.

Monitor cloud-based services and virtualized environments, ensuring the implementation of adequate security controls.

Used Palo Alto Prisma Cloud for Cloud Security Posture Management (CSPM) and Cloud Workload/Container Security. Implemented security policies, performed vulnerability assessments, and ensured compliance with industry standards.

Implemented secure configurations for Azure and AWS services, addressing IaaS/PaaS security concerns and ensuring the secure deployment of cloud resources.

Configured and fine-tuned Azure Security Center policies to ensure compliance with industry standards and organizational security requirements.

Developed and implemented security strategies, protocols, and best practices for embedded systems, ensuring compliance with industry standards and regulations.

Conducted threat modeling exercises and risk assessments to identify potential threats and vulnerabilities in embedded systems.

Use Python to create custom network monitoring and intrusion detection tools.

Managed the deployment of advanced security technologies, including firewalls, intrusion detection/prevention systems, VPNs, and secure email gateways.

Managed cloud security initiatives for multiple clients, implementing Cloud Security Service Edge (SASE) solutions to secure remote users and cloud applications.

Collaborate with clients to assess their existing endpoint security posture and recommend tailored solutions to address vulnerabilities and gaps.

Configure and deploy advanced endpoint protection tools, conduct regular updates, and manage endpoint security policies to ensure network real-time threat detection and prevention.

Monitor security alerts and incidents, analyze endpoint security event data, and respond promptly to mitigate security risks and breaches.

Leading a SOC team for cyber incidents and compliance with PCI DSS and the NIST framework.

Configure the IBM AppScan tool to meet individual scanning requirements.

Conduct security assessments of online applications to identify vulnerabilities in areas such as input and data validation, authentication, authorization, auditing, and logging.

Perform vulnerability assessments of various web applications using tools like Paros Proxy, Burp Suite, and HP WebInspect.

Modules / Tools Used: Nessus, Nexpose, Splunk, SOC, QRadar, McAfee/Nitro, Veracode, HP WebInspect, Burp Suite, IBM AppScan, Paros Proxy, HP Fortify, Splunk SIEM, CyberArk, Rapid7 Nexpose, Forcepoint.

Mizuho Bank, NYC Apr 19 - Aug 22

Sr. Cyber Security Engineer

Responsibilities:

●Perform application security testing for various types of applications, including web, API, mobile, and thick client.

●Conduct vulnerability assessments of web applications using tools like Acunetix scanner and eliminate false positives from the scanner reports.

●Developed a Python-based web application firewall (WAF) that automatically blocked malicious requests, reducing the attack surface and preventing SQL injection and cross-site scripting attacks.

●Perform Static Application Security Testing (SAST) and manual code reviews, as well as Dynamic Application Security Testing (DAST) using Veracode to identify security vulnerabilities. Prioritize vulnerabilities, create tickets in JIRA, and coordinate with developers to get them fixed.

●Perform Qualys WAS operations and manage internal Qualys WAS services and WhiteHat Security scans.

●Utilize industry-standard application security testing tools such as AppScan, Web Inspect, Acunetix, Checkmarx, and Veracode.

●Designed and implemented complex network solutions for clients, ensuring scalability, redundancy, and security.

●Assisted clients in deploying and configuring IBM Guardium, providing expertise in data discovery, classification, and real-time activity monitoring to protect sensitive data from insider threats and cyberattacks.

●Conducted vulnerability assessments and security audits, leveraging Tripwire's solutions to identify security weaknesses, non-compliance issues, and potential areas of exploitation.

●Collaborated with clients to develop customized security policies and configurations in Tripwire, ensuring alignment with industry best practices and regulatory requirements.

●Provided training and technical support to clients' IT teams, empowering them to effectively utilize Guardium and Tripwire solutions to enhance their cybersecurity posture.

●Conduct comprehensive PCI assessments for clients to evaluate their payment card data security posture, identify vulnerabilities, and provide recommendations for remediation.

●Collaborate with clients to develop and implement tailored security solutions, ensuring compliance with PCI DSS requirements and industry best practices.

●Perform vulnerability assessments and penetration testing to identify and mitigate security risks, resulting in a 25% decrease in potential exploits.

●Provide expert guidance to clients on PCI compliance strategies, leading to a 15% improvement in overall compliance levels.

●Implemented GRC solutions to automate compliance assessments, resulting in reduction in manual effort and improved accuracy.

●Conducted regular security audits, penetration testing, and vulnerability assessments to identify and mitigate security risks.

●Developed detailed network architectures, including LAN, WAN, Telnet, and cloud-based networks, ensuring scalability, redundancy, and security.

●Developed comprehensive network designs, ensuring high availability, fault tolerance, and disaster recovery capabilities.

●Configured and maintained network devices, including routers, switches, and load balancers, ensuring optimal performance and security.

●Implemented network protocols and technologies, such as BGP, OSPF, VLANs, and MPLS, to create reliable and efficient network infrastructures.

●Conduct manual web application assessments using Burp Suite Professional and OWASP ZAP.

●Manage project scope, planning, tracking, change control, and other aspects of the project.

●Manage incident response platforms and automation, including licensed modules like Tanium and RSA NetWitness/Splunk.

●Switching-related tasks included implementing VLANs and VTP, and configuring and maintaining a multi-VLAN environment and inter-VLAN routing on the Fast Ethernet channel.

●Create test scenarios, design test cases, and use ALM tools for test case creation. Map test cases with identified defects in ALM and JIRA.

●Utilize JIRA for defect management.

●Played a pivotal role in establishing and leading the Security Operations Center (SOC) team, overseeing daily activities, coordinating incident response efforts, and ensuring effective threat mitigation.

●Worked with the Security Operations Center (SOC) on web application security log analysis, malware analysis, phishing/spam email investigation, and EDR tools (Tanium, CrowdStrike, Carbon Black) and other relevant tools.

●Conduct network security assessments of client infrastructure and hardware.

●Deliver detailed technical and executive summary reports to customers.

●Conducted threat modeling exercises and risk assessments to identify potential threats and vulnerabilities in embedded systems.

●Collaborated with cross-functional teams to design and implement network security solutions, integrating Azure Defender and Sentinel One into the organization's overall security framework.

●Advised clients on best practices for Azure security, including the implementation of Azure Defender and Sentinel One.

●Implemented CI/CD pipelines using tools such as Jenkins, GitLab CI, and Travis CI, automating the build, test, and deployment processes for multiple projects.

●Developed and delivered training sessions on Azure Defender and Sentinel One for clients' IT and security teams.

●Utilized Python frameworks such as Flask and Django to build secure, user-friendly dashboards for security analysts and executives, providing real-time visibility into the organization's security posture and incident response activities.

●Assisted in the evaluation and selection of cloud security platforms, including Cloud Workload Protection Platforms (CWPP) and Software-as-a-Service (SaaS) security solutions.

●Led the design and development of embedded security firmware for FOTA updates, ensuring secure and reliable remote updates.

●Conducted penetration testing and vulnerability assessments on embedded systems and FOTA mechanisms to identify and remediate vulnerabilities.

●Conducted code reviews and static code analysis to identify and remediate security vulnerabilities in embedded software.

●Collaborate with clients to assess their IT governance structures and align cybersecurity strategies with industry-leading frameworks, including COBIT, ITIL, ISO27001, and NIST Cybersecurity Framework.

●Stay current with the latest endpoint security trends, threats, and technologies to continuously improve service offerings and client outcomes.

●Work closely with the development team throughout the security issue resolution process.

●Conducted security assessments of HSMs to ensure compliance with industry standards and best practices, including FIPS 140-2.

●Python, along with libraries like TensorFlow and Scikit-Learn, is used to develop machine learning models for intrusion detection, malware analysis, and user behavior analytics.

●Designed and implemented micro-segmentation strategies using Illumio, enhancing network security for clients across various industries.

●Managed and maintained endpoint security solutions, including antivirus software, endpoint detection and response (EDR) tools, and email security gateways.

●Collaborated with cross-functional teams to design and implement secure key management solutions, utilizing HSMs for cryptographic operations.

●Perform confirmatory assessments to validate security fixes deployed by the development team.

●Participate in organizational activities, including assisting in recruitment drives to hire new talent for the Security Practice.

Tools used: Acunetix scanner, Veracode, SOC, Qualys WAS, AppScan, WebInspect, Burp Suite, OWASP ZAP, JIRA, Tanium, RSA NetWitness/Splunk, Checkmarx, ALM (Application Lifecycle Management).

Visa, TX May 17 – Mar 19

Cyber Security Engineer

Responsibilities:

●Perform information security research and conduct application security testing for client and internal applications.

●Implement and manage intrusion detection systems and network security solutions to proactively identify and mitigate security threats.

●Spearheaded the implementation and configuration of Splunk and QRadar, enabling real-time monitoring, analysis, and correlation of security events, leading to a 40% improvement in incident detection and response times.

●Conducted regular vulnerability assessments and security scans using Tripwire, identifying and remediating security gaps to enhance the organization's overall security posture.

●Configured Guardium policies and alerts to monitor database activities, detecting and mitigating unauthorized access attempts and data breaches in real-time.

●Utilized Tripwire's file integrity monitoring (FIM) capabilities to detect and alert on unauthorized changes to critical system files and configurations, preventing potential security incidents.

●Collaborated with cross-functional teams to integrate Guardium and Tripwire solutions into the incident response workflow, streamlining the identification and containment of security breaches.

●Managed and fine-tuned Bit9 and Tripwire security solutions, ensuring the integrity of critical system files and preventing unauthorized changes, reducing security breaches by 50%.

●Python's simplicity and readability expedite the development of security applications and tools. Implemented Oracle database security best practices, including encryption, access controls, and auditing mechanisms, enhancing data protection and compliance with regulatory requirements.

●Deployed DarkTrace's AI-powered threat detection technology, proactively identifying and mitigating sophisticated cyber threats, resulting in a 30% reduction in cybersecurity incidents.

●Led the organization's PCI DSS compliance initiatives, ensuring adherence to PCI DSS 3.2.1 and 4.0 standards, conducting regular assessments, and implementing necessary controls to maintain a secure payment card environment.

●Developed and enforced policies and procedures to comply with AX, CCPA/CPRA regulations, ensuring the organization's compliance with data privacy and protection laws.

●Profile applications to identify potential threats and develop targeted test cases.

●Prepare detailed reports documenting identified issues based on internal templates.

●Ensure effective communication between the project team and the customer, providing day-to-day direction to the team and regular project status updates.

●Conduct research and analysis of current and emerging threats targeting applications and infrastructure.

●Create Proof of Concept documentation for new security vulnerabilities.

●Stay up-to-date with the latest security trends, vulnerabilities, and best practices.

●Collaborate with development teams to provide security guidance and recommendations.

●Conduct code reviews and network security assessments to identify potential vulnerabilities.

●Perform threat modeling exercises to assess potential risks and develop mitigation strategies.

●Assist in the design and implementation of secure coding practices and standards.

●Participate in security incident response activities and provide technical support during investigations.

●Work closely with cross-functional teams to ensure security controls are implemented effectively.

●Develop and deliver security awareness training for employees to promote secure coding practices and awareness of common threats.

●Implemented and managed cybersecurity measures to ensure compliance with FRB and NY DFS regulations.

●Conducted regular security assessments and audits to identify vulnerabilities and recommend appropriate security solutions.

●Python is used to interact with security-related APIs, allowing cybersecurity professionals to automate interactions with various security tools, platforms, and services.

●Implemented API security policies and utilized AWS API Gateway to secure and monitor API endpoints, ensuring data integrity and confidentiality.

●Conduct comprehensive security assessments and gap analyses, providing tailored recommendations to enhance security postures and regulatory compliance.

●Worked closely with IT teams to implement patch management processes, ensuring timely updates and vulnerability remediation on all endpoints.

●Collaborated with incident response teams to analyze and mitigate security incidents related to embedded systems and FOTA updates.

●Detection/Prevention Systems (IDS/IPS), host-based Intrusion Detection/Prevention Systems (HIDS/HIPS),

●Collaborate with third-party vendors and conduct security assessments of their applications and systems.

High Radius, India Nov 15 – Feb 17

Cyber Security Consultant

Responsibilities:

●Develop and implement comprehensive cybersecurity strategies, policies, and procedures to protect systems and data from unauthorized access, threats, and vulnerabilities.

●Conduct regular vulnerability assessments and penetration tests to identify security weaknesses and recommend appropriate remediation actions.

●Monitor and analyze security logs, events, and alerts from various security tools and systems to detect and respond to potential security incidents.

●Investigate and respond to security incidents, including conducting incident forensics, root cause analysis, and implementing corrective actions.

●Design and implement network and system security measures, including firewalls, intrusion