Software Engineer Security Analyst

Dheeraj Kumar Vadlapudi

Email: ***********@*****.*** Phone: +1-980-***-**** LinkedIn: https://www.linkedin.com/in/dheerajvadlapudi SUMMARY

Detail-oriented and security-focused software engineer with experience in secure programming, penetration testing, and enterprise CRM development. Background includes hands-on teaching support for a graduate-level Secure Programming and Penetration Testing course, along with professional experience at Capgemini delivering Salesforce-based solutions for global clients. Proficient in developing secure applications, managing virtual lab environments, and integrating cybersecurity principles into both academic and real-world settings. Strong foundation in Python, C, and Java with a working knowledge of network protocols, identity management, and vulnerability assessment tools such as Metasploit and Burp Suite. Adept at collaborating in Agile teams, conducting code reviews, and applying secure coding standards to ensure software integrity and compliance. EDUCATION

University of North Carolina at Charlotte, Charlotte, NC Aug 2023 – May 2025 Masters in Cybersecurity

MVGR College of Engineering, India Jun 2018 – Jun 2022 Bachelor of Technology in Computer Science and Engineering WORK EXPERIENCE

Graduate Teaching Assistant

University of North Carolina at Charlotte Aug 2024 – May 2025

Assisted in delivering a graduate-level course focused on secure coding techniques, ethical hacking, and penetration testing methodologies.

Supported the professor in designing exam questions that tested real-world understanding of buffer overflows, input validation, web vulnerabilities (XSS, SQLi), and privilege escalation.

Helped students troubleshoot lab assignments involving Linux-based virtual environments, reverse engineering exercises.

Set up and maintain virtual lab infrastructure using tools like VMware, Ubuntu Linux, Parrot and BurpSuite, ensuring consistent access and environment stability for hands-on practice.

Guided students through practical exercises involving secure coding in Java, emphasizing concepts like secure memory management and safe input handling.

Acted as the first point of contact for technical issues, lab support, and conceptual clarification on topics like vulnerability scanning, OWASP Top 10, and system hardening.

Software Engineer

Capgemini, India Jun 2022 – Aug 2023

Worked on a large-scale enterprise CRM project for Stellantis, where responsibilities included designing, developing, and securing custom features within the Salesforce platform.

Built and optimized Lightning components, Apex classes, and secure workflows while following best practices for access control, data validation, and API security.

Collaborated with cross-functional teams and cybersecurity stakeholders to ensure sensitive data was protected via proper field-level security, encryption, and user role hierarchies.

Implemented and monitored secure REST API integrations between Salesforce and external systems, ensuring authentication via OAuth 2.0 and logging all access events.

Managed development tasks using Jira, contributed to daily Agile stand-ups, and participated in sprint retrospectives to improve development workflows and deployment readiness.

Participated in regular code reviews, emphasizing secure coding practices, and helped streamline deployments using Git and CI/CD pipelines.

Intern — Software Engineer

Capgemini, India Mar 2022 – May 2022

Supported Salesforce development efforts by assisting in writing test classes, debugging Apex triggers, and documenting secure workflows.

Worked under the mentorship of senior engineers to understand and apply secure coding principles within real-world enterprise applications.

Gained foundational experience in access control mechanisms, secure object modeling, and integration testing.

Contributed to team discussions around improving platform security and implementing basic network-layer protections as part of system hardening.

ACADEMIC PROJECTS

Digital Forensic Investigation of a Suspect’s Computer in a Robbery Case University of North Carolina at Charlotte

Conducted a full forensic analysis on a suspect’s Windows machine to aid a law enforcement investigation.

Utilized tools including Autopsy, FTK Imager, BelkaSoft, and Registry Explorer to extract and analyze Windows artifacts such as registry files, web history, prefetch data, and email communications.

Discovered digital evidence of planned criminal activity through communication artifacts and decrypted sensitive data related to stolen goods.

Compiled a forensic report with documented findings and validated hash values to maintain evidence integrity, contributing to case resolution.

Secure Network Configuration and Traffic Analysis Lab

Designed and implemented virtual network environments using VirtualBox and VMware, configuring routers, firewalls, and intrusion detection systems.

Simulated real-world scenarios including unauthorized access attempts and analyzed network behavior using tools like Wireshark and Nmap.

Applied access control policies, VLAN setups, and port security techniques to ensure segmentation and containment of threats within the virtual environment.

Evaluated configurations for security effectiveness and presented recommendations for hardening network defenses.

Identity and Access Management (IAM) Strategy Report

Researched and documented IAM models, including RBAC, ABAC, and MFA implementations, analyzing their relevance to enterprise infrastructure.

Evaluated security risks associated with weak identity controls and proposed policy improvements aligned with Zero Trust Architecture.

Delivered a detailed comparative report on identity solutions such as Okta, Azure AD, and Ping Identity, assessing their compatibility with cloud and hybrid networks. Python-Based Security Tools for Network and Log Analysis

Developed Python scripts for scanning open ports, monitoring log files, and analyzing HTTP traffic for anomalies.

Implemented parsing modules using regex, socket programming, and Scapy to identify unauthorized access attempts and DNS tunneling activity.

Built a basic log aggregation dashboard using Flask to visualize and monitor alerts from multiple endpoints.

Demonstrated how automation can assist in early detection of suspicious behavior in both Linux and Windows systems.

SKILLS AND CERTIFICATIONS

Programming Languages:

Python, C, Java, HTML, CSS, JavaScript, Apex, SOQL Cybersecurity & Networking:

Penetration Testing, Secure Coding Practices, Network Security, Identity and Access Management (IAM), Vulnerability Assessment, OWASP Top 10, Authentication Protocols, Security Principles, Information Security, Malware Analysis. Tools & Platforms:

Salesforce (Lightning, Apex), Jira, Git, Wireshark, Metasploit, Burp Suite, OWASP ZAP, Virtual Machines (VMware, VirtualBox), Kali Linux, Windows Subsystem for Linux (WSL)

Operating Systems:

Windows, Linux (Ubuntu, Kali)

Development & DevOps:

Agile Methodologies, CI/CD Pipelines, REST/SOAP API Integration, OAuth 2.0 Authentication, Code Review, Testing & Debugging Certifications

CompTIA Security+ (SY0-701), Apr 2025

Contact this candidate