Cybersecurity Engineer Risk Management

Yenigalla Srinath

947-***-**** ️ ***********@*****.***

Senior Cybersecurity Engineer

Professional Summary

Compliance-driven Cybersecurity Engineer with 6+ years of experience supporting security initiatives in healthcare, manufacturing, and critical infrastructure. Demonstrated success working across highly regulated industries, aligning systems with HIPAA, FISMA, NIST CSF, and CJIS Security Policy v5.9+. Strong background in audit remediation, technical writing, and risk management in both IT and OT environments. Skilled communicator with experience bridging technical controls and policy in high-stakes environments.

Key Skills & Tools Security Tools: Nexpose, InsightVM, Nessus, OpenVAS, Burp Suite, HP Fortify, WebInspect, AppScan, Kali Linux, Metasploit

Risk & Compliance: SAI Digital Manager 360 (Modulo), RSA Archer, NIST, PCI DSS, CIS, ISO, FISMA, DISA STIG, HIPAA, CJIS

Network & OS: TCP/IP, IDS/IPS, Active Directory, Windows, Linux

Programming & Scripting: Java, SQL, Bash

Platforms: SIEM (Splunk), SCCM, AWS, Azure

Professional Experience

Senior Information Security Analyst – Boeing July 2023 – Present

Secured industrial control systems (ICS) and OT assets through targeted vulnerability scanning, configuration hardening, and compliance auditing using Rapid7 Nexpose and InsightVM.

Applied NIST Cybersecurity Framework (CSF) and DISA STIG benchmarks to OT and SCADA environments, ensuring audit readiness and risk reduction.

Led control evaluations and supported development of Corrective Action Plans (CAPs) to address OT/IT vulnerabilities found during internal and external audits.

Communicated technical remediation strategies to leadership and risk management teams, facilitating transparency and compliance tracking.

Supported incident response planning and containment involving OT infrastructure.

Ensured SCADA system security configurations met CIS and DISA STIG benchmarks.

Sr. Cyber Security Engineer – General Motors, MI July 2020 – June 2023

Supported incident response efforts across 8+ security incidents involving OT/IT systems.

Implemented EDR solutions to enhance threat detection and response capabilities.

Designed email security tools and conducted phishing simulations, reducing phishing success rates by 15%.

Provided technical security guidance to over 500 stakeholders, improving awareness and compliance.

Cyber Security Engineer – Anthem, Virginia Beach Jan 2018 – June 2020

Performed vulnerability assessments and hardening of systems using Nessus, Nmap, and CIS benchmarks.

Interpreted and implemented HIPAA 45 CFR §§160/162/164 and supported internal audits and risk assessments aligned with federal and Texas Health and Safety Code §181 compliance.

Assisted GRC teams with development of policies and procedures, control mapping, and ATO documentation for compliance with FISMA, NIST 800-53, and internal audit frameworks.

Conducted compliance validations and risk analysis for healthcare systems, providing actionable reporting to stakeholders and auditors.

Participated in secure SDLC and reviewed security for cloud (AWS/Azure) environments.

Education Master of Science, Computer Science – Silicon Valley University 2016

Bachelor of Technology, Computer Science – JNTUH, India 2014

Certifications CompTIA Security+ -in progress

GICSP (Global Industrial Cyber Security Professional) – In Progress

CISSP – Planned

Availability Available for onsite roles in San Antonio, TX. Green card holder – Eligible for Security Clearance.

Contact this candidate