Project Manager Financial Services

Srinivasa Rao Elluri

940-***-**** ******************@*****.*** Pilot Point, TX 76258

www.linkedin.com/in/srinivasa-rao-elluri-1459054b

SUMMARY

Accomplished Project Manager and Security Architect with 15+ years of experience in security testing, vulnerability management, and governance across telecom and banking industries. Proven ability to lead cross-functional teams, implement enterprise security frameworks, and ensure regulatory compliance (GDPR, ISO 27001, PCI DSS). Certified (CEH), ITIL Foundation and AWS Solutions Architect with a strong track record in cloud security, penetration testing, and performance optimization. Proficient in cloud platforms and skilled in mentoring teams, driving quality improvements, and enhancing security postures across diverse environments.

TECHNICAL SKILLS

Cloud platforms: AWS, Azure, GCP

Version control: Git, SVN, GitHub

Database management: Oracle, MySQL, DynamoDB, MongoDB

Scripting languages: Python, Shell scripts BASH

Web development: HTML, CSS, JavaScript, JSP

Software development: C#.Net, VB.Net, Visual Basic 6.0, Java

Containerization and orchestration: Docker, Kubernetes

Agile methodologies: Agile, Waterfall

Testing frameworks: Junit, SonarQube

Security tools: Veracode, Fortify, Nessus

Network protocols: TCP/IP, HTTP, DNS

Project management tools: JIRA, Confluence

Web servers: IIS, Apache, Tomcat, WebSphere

EXPERIENCE SUMMARY - KEY ACHIEVEMENTS

Project Manager - Security Testing/Vulnerability management & Governance - Virgin Media O2, September 2021-April 2025

Responsible for selection of Static & Dynamic Security Testing scanners. Also responsible for creation of Pen Testing Strategy, Vendor selection, schedule and execution.

Reviewing the Pen Test Reports. Verifying the severity scores based on CVE & CWE frameworks, NIST and OWASP. Conducting root cause analysis against identified vulnerabilities and prioritize the vulnerabilities remediation.

Led security governance for enterprise-scale cloud transformation projects in telecom

Point of contact for all the SMIP cybersecurity projects including development of project Threat modeling, Managing Project Risk Register & Tracking the defect remediation status and updating the plans and status to Senior Leader Ship Team.

Hands-on experience with .Net & Python.

Responsible for running Weekly stakeholders’ meetings, including vendors, SLT, and the CISO to provide updates.

Conducted Structural Code Quality & Architecture Reviews and implemented Quality Gates for cloud security and On Premises.

Mentored junior staff members in best practices for quality management, contributing to overall team growth and development.

Investigated customer complaints and performed corrective actions to resolve quality issues.

Excellent exposure in Web based vulnerability assessment& scanning Tools based on OWASP Top 10, NIST and SANS Top 25.

Hands-on experience on privacy, incident response, governance, risk and compliance, enterprise security strategies and architecture. Understanding & implementation knowledge in ISO 27001, CIS, PCI DSS, NIST, ITIL, COBIT.

Hands-on experience with Static and Dynamic scanners & vulnerability management tools (Web Inspect, Qualys Scan, HP Fortify, CAST, Veracode).

Responsible for Data Center DR plan & executions. Handled Annual Disaster Recovery activities for all the private cloud Production Environments, reduced execution efforts 40% by implementing automation.

Validated & implemented GDPR & Telecom Security Act (TSA) Regulatory requirements. Responsible for conducting Pen testing & prioritization of defects across all the platforms.

Having ability to initiate/manage cross-functional teams and multi-disciplinary projects & Vendor management.

Extensive hands-on experience with Test Data Management tools in TDM tools (Grid Tools Data maker, Oracle Enterprise Manager).

Trained more than 20 team members on functional & non-functional & Test Data Management, Security Testing, Usability Testing.

Validating application architecture, application benchmarking with industry and domain specific, based on Performance, Security, Robustness, Transferability, Changeability and Maintainability Index parameters.

Implementation of Usability Testing & Test Data Generation & Management.

Solid background in .Net Development configuring websites and security hardening.

Involved in the full SDLC. A proactive team player with good knowledge of Agile & Waterfall methodologies, with experience in requirements gathering, development, testing, and production support.

Established robust quality documentation systems that ensured traceability throughout the entire production lifecycle.

Reduced defects in products by conducting thorough inspections and identifying areas for improvement.

Leadership & Governance Highlights

Designed and enforced security governance frameworks for enterprise cloud migration.

Managed cross-functional teams and multi-million-dollar projects under regulatory compliance (GDPR, TSA).

Interfaced with CISOs and senior stakeholders to communicate risk and remediation.

Apps Security & Governance Manager, Virgin Media O2, August 2017-September 2021

Profound knowledge of the cloud platforms and services offered by Telco cloud & Azure cloud platforms and services.

Make sure that Telecom Security Act (TSA) controls are implemented as per the requirement.

Led security frame works, Managed interactions with development teams, evaluated architecture validations, design specifications.

Researching and evaluating new cloud security technologies, tools, and practices to enhance the security posture of the organization.

Have daily meetings and workshops with the development team to ensure that the basic needs of a build are satisfied before moving forward with design and project integration.

Identify potential risks and exposures and provide strategic guidance for the transfer of cloud workloads, infrastructure, business units, business processes, and external suppliers for information security risks.

Balance the needs of the business with security considerations, then make risk-based proposals to progress.

Conducted regular audits to ensure adherence to established protocols, maintaining consistency across the organization.

Facilitated communication between departments regarding quality concerns, fostering collaboration towards shared goals.

Security Architect, UBS Bank, October 2014-August 2017

Designing reliable and flexible security architecture as per business needs. Evaluate the effectiveness' of security controls in the Cloud/On-Premises.

Collaborate with external teams and in-house development departments to offer advice and oversight on penetration testing and vulnerability scans.

Defining Pen Testing Framework, Security Automation and Pen Testing Methodologies, RACI Matrix, Bench Marking based on industry standards.

Give guidance and suggestions to development and operational teams to deal with security vulnerabilities and discover possible new security solutions in cloud settings.

Mapping identified vulnerabilities to architecture/design flaws wherever applicable.

Providing comprehensive evaluation of overall application security posture.

Including Corporate Information Security in the design and execution of the entire enterprise cloud framework.

Responsible for Implementation of Evidence Based Testing across all the UBS Banks locations in the globe.

Conduct security architecture reviews of planned cloud migration initiatives across the organization and produce high quality Threat models for cloud environments clearly articulating risks.

Facilitate technical discussions, acting as a mentor in both official and unofficial capacities to exchange information among Information Security and technology teams.

Security Consultant, Lloyds Bank, March 2011-October 2014

Interaction with various project teams in understanding the business issues, requirements, doing exhaustive analysis and providing end-to-end solutioning.

Create security frameworks for systems based on their technology stack, business criticality. Identifying resources for conducting the Pen Testing.

Conducting weekly review meetings to discuss the Identifying security gaps and provide recommendation to development team in results read out call.

Technology tailored checks lists & guidelines preparation for development teams.

Preparation of project execution plan, schedule and resourcing details.

Develops cloud-native architectures incorporating necessary security measures in accordance with business needs.

Mapping identified vulnerabilities to architecture/design flaws wherever applicable.

Conducting architecture reviews & look for chances to enhance existing solutions consistently.

Develop application specific bench marking based on Performance, Security, Transferability, Changeability, Robustness parameters & Based on CAST Appmarq study.

Evaluated new technologies and methodologies for potential implementation within the organization's quality assurance program, staying ahead of industry trends.

Customer centric checklist prepared to record the application pain points, which needs to be addressed.

Sr. Manager, Cadenza Solutions, July 2010-March 2011

Extensively worked with a Business Analyst to translate business requirement into technical requirements.

Efforts allocation and finalization.

Creation of new packages based on the relevant tree structure and bug fixing.

Responsible for all the UAT activities.

Creation of Micro sites using .Net Nuke based on project requirement.

Managed Databases and Dedicate servers.

Procured appropriate software, hardware, server space, and third-party applications.

Coordinating with API, Gateway Vendors for new Configurations, bug fixing etc., for PartyManao website.

Day-to-day interaction with team members, finalizing the production/test site release dates.

Involved in reviewing/creating the process documents, before it is baselined.

IT Specialist, Alvarado, USA, September 2009-June 2010

Responsible for customizing the customer Direct application based on the client's requirement.

Accountable for resolving issues logged by the customers.

AMC/Warranty Extensions for various projects which were attached to the Customers.

Interactions with Customer Support Executives regarding the changes required by Customers as mentioned in the calls.

Accountable for support and Customer User creations.

Resolving issues which were sent to the login support mail account.

Accountable for bug fixing and applying relevant patches.

Created Views and Indexes to increase performance.

Unit testing, System testing and Integration testing.

Designed and developed standards for application development include C# and ASP.NET.

Designed and developed the web forms using ASP.NET/C#.

Software Engineer, 3i Infotech, April 2009-August 2009

Company Overview: Customer Direct Product

Responsible for customizing the customer Direct application based on the client's requirement.

Part of internal systems .Net Development team and responsible for developing new modules based on demand.

Accountable for bug fixing and applying relevant patches.

Created Views and Indexes to increase application performance.

Unit testing, System testing and Integration testing.

Designed and developed the web forms using ASP.NET/C#.

Customer Direct Product

Consultant, NCR Voyix, December 2007-March 2009

Actively involved in reviewing HLD and preparing the detailed low-level designs for: BESPOKE DEV FOR FUEL MGMT. SYSTEM.

Part of core Development Team of BOS Module. Developed core library functions which are required for database connections.

Developed stored procedures for all database manipulations.

Developed Crystal Reports pertaining to BOS Module.

Involved in Development of HOS websites.

Developed/reviewed Program Specifications (PS's) and Test Cases for the assigned tasks.

EDUCATION

Diploma in Advanced Software Technology (DAST)- CMC Ltd., Master of Computer Applications (MCA) -

Indira Gandhi National Open University, India

WEBSITES, PORTFOLIOS, PROFILES

www.linkedin.com/in/srinivasa-rao-elluri-1459054b

CERTIFICATIONS

ITIL Foundation

Certified Ethical Hacker (CEH)AWS Certified Solution Architect – Associate

AWARDS & RECOGNITIONS

DELL Silver Medal Winner

VMO2 SMIP Hero Award Winner

NTT DATA INDIA Bronze Medal Winner

UBS Bank Client Appreciation Winner

Appreciation from VMO2 CISO

NTT DATA UK Town Hall Award Winner

Contact this candidate