
Kartheek Devarapalli

Dublin, OH

Summary

  • Accomplished IT Security professional with around 6+ years of work experience assisting organizations in successfully completing enterprise-wide security projects.
  • Experience in IT Security design & planning operations in Threat Detections, SIEM, Vulnerability Assessment, Incident Response
  • Experience in conducting vulnerability assessments and penetration testing (application and/or infrastructure) using various tools like Burp Suite, Qualys, Rapid 7, Nessus and articulating security issues to technical and non-technical audience.
  • Simulate how an attacker would exploit the vulnerabilities identified during the dynamic analysis phase.
  • Broad knowledge of hardware, software, and networking technologies to provide a powerful combination of analysis, implementation, and support. Worked in a team & individually on projects successfully. Inquisitive, good in basic concepts and an excellent team player.
  • Vulnerability Assessment of various web / mobile applications used in the organization using Qualys, Burp.
  • Coordinate with dev team to ensure closure of reported vulnerabilities by explaining the ease of exploitation and the impact of the issue.

Overview

  • 10 years of professional experience
  • 1 Certification

Work History

Information Security Engineer

American Honda Motors, BrainTree Solutions Inc
05.2018 - Current
  • Working in 24/7 Security Operations Center with continuous monitoring and interpretation of threats using SIEM (ExaBeam, Splunk ES) and IDS (Fortinet, PaloAlto)
  • Developed and enforced security programs and processes related to risk and compliance, vulnerability management, incident response and secure application design
  • Analyzed customer business services and configurations
  • Managed change requests and oversaw change management from managed security service side
  • Interaction with major cloud provider (AWS, Azure) APIs to provision and monitor cloud infrastructure
  • Conducting risk assessments, threat modeling and information security reviews on multiple applications and platforms
  • Coordinate dynamic and static application vulnerability scans with application teams
  • Monitor compliance with information security policies and procedures
  • Detection and Remediation of threats on Workstations and Servers using CrowdStrike Falcon EDR, Microsoft Defender 365
  • Continuous monitoring of cloud resources (AWS, Azure) to detect and prevent misconfigurations, vulnerabilities and multiple security threats (Identity based, Policy violations etc.)
  • Worked on developing custom IOA rules, ML exclusion and custom policies to monitor identity-based threats and other security threats using CrowdStrike Falcon
  • Resolved compromised environment from malicious worm by partnering with customer to leverage SIEM data, identifying specific host, monitoring activity to remediate malware, and ensuring mitigation was successful and malware had not spread
  • Conducting or managing incident response and investigating targeted threats such as Advanced Persistent Threat
  • Perform static and dynamic malware analysis to understand nature of malware
  • Provided incident management pinpointing issues on firewalls that led to site outages and engaging proper support staff for both customer and SOC to resolve
  • Functioned as primary focal point for customer regarding vulnerability scanning, reviewing results, organizing findings into spreadsheet, facilitating recurring calls to disseminate and prioritize findings, providing recommendations to mitigate, and continuing to follow-up
  • Offered recommendations to add additional services or data feeds into customer SIEM, explaining benefits of Security posture and offering enhanced data correlation to identify threats
  • As SOC Escalation Engineer, I have performed troubleshooting and remediating of customer IPS and IDS systems that had ceased producing logs
  • Staged and approved customer-requested changes to managed-device policies
  • Provided senior-level support to other SOC analysts for daily duties
  • Observed gap in service coverage, creating new role to focus on issues, clearing up backlog, and keeping up with new tickets while sustaining accuracy to provide proper security alerting
  • Performed risk and vulnerability assessments and provided results and recommendations to senior management.
  • Performed and reviewed technical security assessments of Software to identify points of vulnerability and non-compliance with established information security standards and recommend mitigation strategies.
  • Created detailed process documentation for various supported technologies, as a separate team was established to handle the new role after a few years, facilitating training to other SOC analysts as well as to the new device-management team
  • Developed security metrics and technical analysis to give insight into performance and trends.
  • Addressed change requests for customers, both staging and approving work, verifying accurate policy changes were being implemented
  • Provided analysis of network and host-based IDS/IPS data, recommending tuning where appropriate to deliver more unobstructed view of notable activity
  • Produced monthly reporting and vulnerability scanning data, calling out potential malicious activity and making recommendations for remediation
  • Liaised with third parties to respond to security events and understand threat landscape.
  • Worked with customer to remediate problem and verify site was secure in advance of public disclosure of vulnerability, maintaining positive consumer reputation
  • Identified tool used by SOC analysts for research that was out of date and lacked some desired features, learning PHP, performing complete rewrite and update to maintain and query SQL-based catalogue of IDS signatures for multiple platforms and adding additional features to enhance functionality.
  • Developed, implemented and documented security programs and policies and monitored compliance across departments.

Security Analyst

Cisco Systems, Trovetechs Inc
03.2017 - 12.2017
  • Manual penetration testing of the applications and APIs to identify the OWASP Top 10 vulnerabilities and SANS 25
  • White box pen testing on internet and intranet facing applications
  • OWASP Top 10 issue identification like SQL, CSRF, (CVSS) and XSS
  • Preparation of risk registry for the various projects on COBIT framework in the client
  • Completed vulnerability scans to identify at-risk systems and remediate issues.
  • Conducted security audits to identify vulnerabilities.
  • Monitored computer virus reports to determine when to update virus protection systems.
  • Outlined and maintained security patching schedule to efficiently address ongoing system issues.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Recommend improvements in security systems and procedures.
  • Monitored use of data files and regulated access to protect secure information.
  • Providing details of the issues identified and the remediation plan to the stakeholders
  • Provide on-site system Auditing and Intrusion Detection on server and network-based devices
  • Verified the existing controls for least privilege, separation of duties and job rotation
  • Involved in a major merger activity of the company and provided insights into separation of different client data and securing PII
  • Identification of different vulnerabilities of applications by using proxies like Burp Suite to validate the server-side validations
  • Identified issues on sessions management, Input validations, output encoding, Logging, Exceptions, Cookie attributes, encryption, Privilege escalations
  • Validation (authentication and verification) of customer enrollments
  • Security Monitoring of IDS/IPS products (e.g., Fortinet)

Junior Security Analyst

Freelancer
10.2013 - 11.2014
  • Vulnerability Assessment of various web applications used in organization using Qualys, Burp Suite
  • Coordinate with dev team to ensure closure of reported vulnerabilities by explaining ease of exploitation and impact of issue
  • Identifying Critical, High, Medium, Low vulnerabilities in applications based on OWASP Top 10 and SANS 25 and prioritizing them based on criticality
  • Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization, Auditing & logging
  • Monitored customer network host-based signatures captured within IDS/IPS
  • User ID reconciliation on quarterly basis
  • Kept up to date with new and latest vulnerabilities to ensure no such loopholes are present in the existing system
  • Follow up and ensure closure of raised vulnerabilities by revalidating and ensuring 100% Closure
  • Worked on FILTERS, which act as security layers for users in order to show only what they are supposed to see depending on their role
  • STRIDE assessment of applications during design phase, identifying threats possible and providing security requirements.
  • Worked with other teams to enforce security of applications and systems.
  • Investigated and resolved incidents of unauthorized access to sensitive information.
  • Implemented security measures to reduce threats and damage related to cyber attacks.
  • Analyzed network traffic and system logs to detect malicious activities.
  • Conducted security audits to identify vulnerabilities.
  • Recommend improvements in security systems and procedures.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Skilled at working independently and collaboratively in a team environment.

Security Analyst Intern

Ide Technologies
03.2013 - 10.2013
  • Explanation of security requirements to design team in initial stages of SDLC to minimize the efforts to rework on issues identified during penetration tests
  • Perform threat modelling of applications to identify threats
  • Identify issues in web applications in various categories like Cryptography, Exception Management
  • In the team, the focus of work was to audit web / mobile applications prior to moving to production
  • Risk assessment on web / mobile application by identifying issues and prioritizing them based on risk level
  • Providing remediation to developers based on issues identified
  • Revalidate the issues to ensure closure of vulnerabilities
  • Verify if the application has implemented basic security mechanisms like Job rotation, Privilege escalations and Defense in depth
  • Recommend improvements in security systems and procedures.
  • Conducted security audits to identify vulnerabilities.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Self-motivated, with strong sense of personal responsibility.
  • Proved successful working within tight deadlines and fast-paced environment.
  • Passionate about learning and committed to continual improvement.
  • Excellent communication skills, both verbal and written.

Education

Master of Science - Computer And Information Systems Security

Campbellsville University
Campbellsville, KY
08.2021

Master of Science - Computer And Information Sciences

Southern Arkansas University Main
12.2016

Bachelor of Science - Computer Science

Bapatla Engineering College
India
04.2014

Skills

TECHNICAL SKILLS:

  • SIEM : QRadar, Splunk Enterprise Security, Symantec MSS, ExaBeam, SumoLogic
  • EDR: CrowdStrike, MS 365 Defender, McAfee ePO, Cylance, Carbon Black, Symantec Endpoint Protection (SEP)
  • Vulnerability/Network: Snort, Wireshark, InsightVM Nexpose, Nessus, Qualys, IBM AppScan, Fortify WebInspect, Nmap
  • Web/URL Filtering : Forcepoint, Barracuda, Cisco Umbrella, Palo Alto
  • Firewalls: Checkpoint, Palo Alto Next Gen, Cisco, FortiNet
  • Compliance: SOX (COBIT), PCI, NIST SP 800-53, 53A, HIPAA, HITRUST, MARS-E 20
  • VPN : Cisco AnyConnect, Palo Alto Global Protect, RSA SecurID
  • Email Security Tools: Defender for Office 365, Barracuda-spam firewall, Guava-E-mail Filtering Service, Proofpoint TRAP
  • MFA & SSO: Ping Identity (Ping-one, Ping-Federate), Okta
  • PAM : CyberArk, ForgeRock
  • Encryption: Blowfish, AES
  • Operating Systems: Linux (Kali Linux, Red Hat Linux), Windows
  • Ticketing Systems: JIRA, Service Now, Hive
  • DLP : Digital Guardian, McAfee
  • Forensic : AccessData FTK, Volatility

Certification

  • CEH (Certified Ethical Hacker)
  • Cylance Protect
  • CYSA+
  • SC-200: Microsoft Security Operations Analyst
  • CISSP (In Progress)
