Aarthi Sundaram

*Responsible for security of internal and customer facing applications, company infrastructure, and connected 3rd party vendors.

*Ensure secure configuration and operation of cloud networks, load balancers and firewalls (Cloud armor, WAF, etc)

*Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats.

*Identify, evaluate, and conduct proof-of-concepts for new technologies, enabling secure development of core architectural components.

*Develop business relationships and integrate security activities with other departments to ensure successful implementation and support security project efforts.

*Automate processes and procedures to create a highly resilient security infrastructure.

*Implement and make recommendations based on threat assessments at the network, server, and endpoint levels.

*Own and manage our security vulnerability monitoring and intrusion detection systems. Ensure we are proactively fixing issues raised.

*Develop internal tooling for automatic deployment of security patches to our production infrastructure.

*Work closely with the applications and infrastructure engineering teams to ensure we are considering security when architecting and building new systems. Ensure that security solutions are architected with developer velocity and efficiency in mind. Identify and develop tools to aid this process.

• Responsible for scanning apple assets and review reports, trying to understand the vulnerabilities and help customers to remediation
• Includes 70% Network related, 30% Application related
• Understanding vulnerability and help customers with remediation.
• Customers: Internal Applications team
• Works on almost all vulnerability (40 plus vulnerabilities)
• Work on Open SSL, TLS,WAF
• General Vulnerability Management
• Network and Application Vulnerabilities Ex: Application level tools (Apache, Ruby, etc)
• Vulnerability management tools used: Qualys, Nexus.
• Performed risk and vulnerability assessments and provided results and recommendations to senior management.
• Represented company's technical security interests to partners to provide bi-directional flow of technical information and best practices in information security.
• Validated and verified system security requirements definitions and analyzed system security designs.

• Be part of a cross organizational team responsible for designing and promoting secure by default architecture and development practices.
• Work as part of the InfoSec, Operations and Engineering teams to craft and enforce security policy as relates to DevOps, infrastructure and Cloud Perimeter Solutions
• Works on Identity Access Management (AWS,Azure(Active Directory),GCP.
• Support integrating security concepts and checkpoints into the CI/CD pipeline and containerization process.
• Collaborate effectively with other teams including architects, Risk Management Compliance and product development teams to implement best practices, remediate vulnerabilities, educate employees, and keep the customer data safe.
• Automated the processes with the python and Shell scripting.
• Execute security operation control to respond to and mitigate security incidents.
• Analyze and harden existing infrastructure, automation and DevOps process.
• Worked in AWS,GCP cloud environments.

• Applied understanding of security practices and methodologies.
• Security controls, vulnerability management (OWASP TOP 10, NIST).
• Penetration testing and architecture including o Use of firewalls o Intrusion detection/prevention (IDS/IPS) encryption o Authentication.
• Automated the task using Python,Shell,Bash and linux .
• Assisted in the creation and continuous improvement of standard operating procedures used by the SIOC.
• Reported findings to management and made recommendations regarding security enhancements and improvements.
• Technologies IDS/IPS, Log Analysis (windows,linux,web servers,firewalls,WAF), Network Packet Analysis, TCP/IP stack,Authentication, Malware Analysis, Linux Management,, /SSH, IPv4/v6, Cryptography, Identity and Access Management (OWASP TOP 10, NIST).
• Conducted risk assessments, Malware Analysis Static and dynamic analysis of Malicious binaries), vulnerability analysis and security controls assessments for the environment.
• Worked directly with intrusion anti-virus software, content filtering and data encryption programs.
• Worked in AWS and GCP cloud environments (IAM, firewall, Access management)
• Strengthened communication skills through regular interactions with others.
• Paid attention to detail while completing assignments.
• Passionate about learning and committed to continual improvement.
• Organized and detail-oriented with a strong work ethic.

• Done some remarkable work on Authentication Malware Analysis, Linux Management, Encryption, Network communication tools (TCP/IP, Http/Https), IDS/IPS, Firewall, Antivirus software, User access Mangement.
• Performed Penetration Testing to identify system and Monitored systems and networks.
• Monitored systems to identify any irregular behavior.
• Working Knowledge of web architecture and Protocols (HTML HTTP, TLS/SSH, IPV4/V6, etc.,), OSI model.
• Installed or processed security products and procedures, appropriate software to improve notifications of intrusions, developed documentation scripts.
• Done Documentation Planning and Organize investigations into breaches Key Accomplishments.
• Created new, efficient ways to resolve current security issues.
• Planned and implemented information security strategies for an organization.
• Recommended improvements in technical, legal, and regulatory areas as they pertain to information security.
• Developed automation scripts to manage and track incidents.