Haritha Peddi

Fort Worth, TX

Summary

Software Engineer with strong SOC roots and over 4 years of hands-on experience monitoring, investigating, and responding to real-world threats in enterprise environments using Splunk, QRadar, threat intelligence platforms, and incident response workflows. I bring a “build it right” mindset from tuning detections, cutting false positives, and automating repeatable work with scripts and playbooks, which carries over directly into writing clean, testable code, and building reliable systems. I work well across teams to strengthen platforms and controls in AWS and Azure environments, including Kubernetes RBAC, and I care a lot about observability and resilience. To move faster without sacrificing quality, I use generative AI heavily, primarily with Claude Code and Anthropic models. I build repeatable agent-style workflows, such as commands, agents, skills, and sub-agents, that help turn a feature idea into working code, tests, and documentation, with consistent review and validation steps.

Overview

6 years of professional experience

Work History

Software Engineer

Freelance
01.2026 - Current
  • Developed alert triage web application to ingest alerts via webhooks and track resolution timelines.
  • Created React console for managing queues, filters, incident details, and reporting on MTTA and MTTR.
  • Built scheduled drift monitoring service to detect risky configuration changes across IAM and RBAC.
  • Designed lightweight React UI for triaging drift, assigning ownership, and tracking closure with evidence trail.
  • Implemented REST APIs utilizing C#, ASP.NET Core, EF Core, and PostgreSQL with role-based access control.
  • Leveraged generative AI to accelerate feature delivery by applying structured prompting, context management, and iterative refinement for design and implementation.
  • Used AI-assisted workflows for refactoring, debugging, and test creation; established prompt templates and validation steps to improve output consistency and reduce rework, reducing turnaround time by ~80%.

Security Engineer

UnitedHealth Group
12.2023 - 12.2025
  • Led 24/7 monitoring of enterprise-wide security events using Splunk, QRadar, and Palo Alto firewalls, reducing incident triage time by 30% through faster detection and escalation.
  • Automated SOC playbooks in Cortex XSOAR, reducing average response time by 25% and eliminating manual steps in phishing, malware, and endpoint containment workflows.
  • Conducted proactive threat hunting using CrowdStrike Falcon and SentinelOne, detecting lateral movement via abnormal process injection and initiating endpoint quarantine procedures to prevent spread.
  • Secured multi-cloud environments (AWS & Azure) by implementing Kubernetes RBAC, IAM audits, encryption enforcement, and centralized logging pipelines, reducing misconfigurations and improving compliance posture.
  • Led vulnerability assessments using Tenable and Qualys, achieving 95% SLA compliance on critical CVEs by coordinating remediation with IT and application teams.
  • Integrated ThreatConnect and Anomali intelligence feeds into SIEM pipelines, enriching IOCs and improving detection of APT behaviors such as credential dumping and lateral movement while reducing false negatives.
  • Collaborated with compliance teams to ensure HIPAA, SOX, and internal audit readiness, maintaining audit trails, incident logs, and control evidence — resulting in zero audit findings.

SOC Analyst

Hexaware Technologies, India
12.2020 - 07.2022
  • Revamped 40+ SIEM detection rules in Splunk and IBM QRadar, reducing false positives by 20% through tuning logic for privilege misuse, port scanning, and phishing behavior.
  • Investigated 100+ incidents involving phishing, malware, and insider threats using email headers, endpoint logs, and network telemetry, cutting MTTR by 30% through structured escalation workflows.
  • Integrated AWS services (CloudTrail, GuardDuty, WAF) into SIEM pipelines to enhance cloud threat visibility, remediating 95% of critical misconfigurations and reducing unauthorized access.
  • Developed Cortex XSOAR playbooks for phishing, brute-force, and insider threat use cases, automating response sequences like IOC lookups and host isolation, decreasing triage time by 40%.
  • Embedded ThreatConnect and OpenDXL into correlation logic to detect APT tactics like T1021 (lateral movement) and T1071 (C2 channels), enriching alerts with actionable IOCs.
  • Analyzed network traffic with Zeek and Suricata, uncovering data exfiltration via DNS tunneling and mitigating DDoS attacks through real-time coordination with firewalls and NOC teams.
  • Aligned incident protocols with ISO 27001 and CIS Controls by working cross-functionally with Cloud Security, GRC, and Compliance teams, improving audit readiness and reducing control drift.

SOC Analyst

Adons Softech, India
01.2020 - 11.2020
  • Built log ingestion pipelines and dashboards using Splunk and ELK Stack, improving visibility into suspicious login attempts, access anomalies, and firewall activity across enterprise networks.
  • Developed and tested SIEM detection rules for brute-force attacks and unauthorized port access, enhancing early warning systems and reducing alert fatigue from false positives.
  • Performed triage of security alerts, leveraging known IOCs and escalating validated threats per runbook-defined procedures.
  • Integrated open-source threat intel feeds (e.g., AlienVault OTX) into correlation workflows, enriching detection context and reducing noise in low-confidence alerts.
  • Scanned internal environments using OpenVAS, interpreted CVE findings, and co-developed patch recommendation reports that improved remediation SLAs and audit readiness.

Education

Master of Science - Cyber Security & Information

Trine University
Angola, IN
05.2024

Bachelor of Science - Mechanical Engineering

Vidya Jyothi Institution of Technology
07.2021

Skills

Software Engineering

  • C#, React
  • REST API design, API security measures
  • Object-oriented programming, SDLC, and coding standards
  • Debugging, performance profiling
  • Testing and deployment

Generative AI

  • Prompt engineering
  • Context management (requirements → design → code continuity, incremental refinement, prompt chaining)
  • AI-assisted code generation and review (test generation, refactoring, debugging, documentation)
  • Quality guardrails (validation steps, edge-case prompting, consistency checks)

Automation & Scripting

  • Python, Bash, and Shell
  • Workflow automation (playbooks), CI/CD automation (Jenkins)
  • API tooling: Postman

Databases

  • MySQL, Azure SQL, PostgreSQL

Cloud & Security

  • Cloud security and monitoring (AWS, Azure), centralized logging
  • SIEM: Splunk, IBM QRadar
  • Vulnerability assessment and remediation: Nessus, OWASP ZAP
  • Threat detection and response, incident response
  • Threat modeling and frameworks: STRIDE, OWASP Top 10, MITRE ATT&CK, NIST, and CIS Controls
  • Network/security tools: Wireshark, Nmap, Burp Suite, Metasploit, Snort, and Suricata
  • Networking fundamentals: VLANs, IPSec, NAT, routing (EIGRP, OSPF, BGP)

Professional

  • Team collaboration, effective communication
  • Process improvement, attention to detail, and deadline-driven
