Summary
Overview
Work History
Education
Skills
Certification
Timeline
background-images

Naga Sujitha Vummaneni

San Francisco,CA

Summary

Experienced technology professional with over 10 years of diverse expertise. Hands-on experience in Infrastructure and Cloud Security Automation to streamline and automate WAF, vulnerability management, threat detection, hunt and incident response workflows. Extensive background in implementing robust security frameworks aligned with MITRE ATT&CK and SOC. Adept at architecting, developing and deploying scalable, secure cloud projects with hands on experience in AWS, Azure and GCP. Brings a strong combination of technical expertise and leadership abilities, collaborating effectively with cross-functional teams, drawing on diverse perspectives to leverage automation.

Overview

12
12
years of professional experience
1
1
Certification

Work History

Sr Security Engineer

Ripple
07.2025 - Current
  • Developed and implemented cloud security policies to safeguard sensitive data across multiple platforms.
  • Conducted security assessments and audits to identify vulnerabilities in cloud infrastructure.
  • Collaborated with cross-functional teams to ensure compliance with industry regulations and standards.
  • Led incident response efforts, coordinating with stakeholders to mitigate security breaches effectively.
  • Designed and managed automated security monitoring systems for real-time threat detection.
  • Provided strategic recommendations to improve cloud security posture based on emerging threats and trends.

Information Security Engineer

BlackLine
06.2024 - 07.2025
  • Design and implement robust infrastructure automation solutions using Terraform, Launchpad, Python-ml, and Ansible, ensuring deployments of secure cloud environments across GCP, AWS and Azure.
  • Automate image factory processes by extracting and managing security artifacts from Qualys and Crowdstrike through API integrations facilitating real-time vulnerability management and threat detections and leverage AI.
  • Implement traffic management policies through Cloudflare, Route53, and NS1, allowing or blocking traffic as required to protect applications and data from potential threats.
  • Investigate and troubleshoot cloudflare edge server IPs traffic behind and not behind the restricted aegis Ips for each zone
  • Automate the installation and management of Crowdstrike and Qualys agents across cloud instances, ensuring continuous monitoring and compliance with security standards.
  • Managing the end-to-end lifecycle of PKI (ISO, SOC2, PCI-DSS), ensuring timely renewals and compliance, while also enabling secure authentication, encryption, and digital signing with continuous monitoring remediating 85% of potential vulnerabilities or misconfigurations
  • Overseeing the implementation and continuous optimization of Zero Trust security principles, including enforcing multi-factor authentication, adaptive access controls and user-entity behavior analytics.

Lead Information Security Engineer

Nike, Inc.
03.2021 - 06.2024
  • Developed multiple POC on Torq using various edge use cases including RBAC and SSO to inform product decisions and enhancements.
  • Designed, Developed and deployed a comprehensive WAF automation framework, leveraging tools like NMAP, DNS, IPWhois, and WAFW00F to continuously scan the organization's IP address and domains, identify open ports, honeypot hits, and potential redirects, leveraging AWS, EKS, lambda, IAM, docker, Jenkins, python multithreading and container hardening with 95% faster detection and response to security incidents, reducing the manual effort from 2 months to just 6 hours, and increasing the capacity to scan 10x more IP addresses compared to the previous manual process
  • Built an automation dashboard with a visibility of clusters health and maintenance in NewRelic using AWS glue crawlers.
  • Engineered end-to-end automated batch jobs to streamline critical security operations, including a 80% reduction in time spent on CrowdStrike host cleanup, 100% on-time Entrust and Panorama certificate renewals and revocations, and a 70% improvement in onboarding/offboarding IAM access control processes across multi-cloud environments
  • Spearheaded the integration of the Wiz API to automate the refinement and extraction of vulnerabilities, and leveraged Python, Terraform to triage, filter, and remediate 65% more vulnerabilities than the previous manual process
  • Established a high-performing, cross-functional security engineering team, fostering a culture of collaboration, continuous learning, and a shared commitment to achieving ambitious OKRs, resulting in a 50% increase in team productivity and a 70% reduction in security incidents
  • Served as a trusted advisor to senior leadership, providing strategic insights and recommendations to enhance the security posture, including the implementation of a Zero Trust architecture and the optimization of PKI management, contributing to a 30% improvement in security metrics

Sr. Build and Release Engineer

Administrative Office of the Courts | Vibrant Tech
06.2020 - 03.2021
  • Actively monitored the automated CI/CD processes in Azure DevOps, by creating templates, quickly identifying and resolving any build and release failures, resulting in a 85% increase in development team productivity and a 95% reduction in delivery delays.
  • Successfully set up a CI/CD pipeline that automates the deployment of all the repository .Net code base from the Github repository to Azure DevOps, improving the release process efficiency by 40% and reducing deployment failures by 30%.
  • Developed and executed automated scripts using a custom .NET framework in VSTS, simplifying workflows and reducing manual tasks by 55%.
  • Played a key role in configuring and maintaining server environments, including monitoring system health and performance, automating routine processes, scheduling necessary upgrades, and troubleshooting delivery issues, leading to a 20% improvement in system uptime and a 15% reduction in support tickets.

Sr. Infosec Engineer

EBay/StubHub Inc.
07.2018 - 05.2020
  • Led the incident response efforts, troubleshooting, developing and implementing comprehensive incident response plans and worked on AWS and PCF cloud micro services migrations.
  • Implemented Cloudflare DNS security policies and alerting to monitor the firewall traffic by implementing firewall rules in cloudflare to filter and control incoming traffic.
  • Coordinated with the NOC to ensure the security of network operations, providing guidance on security best practices and risk mitigation strategies.
  • Conducted regular assessments of applications and systems against the OWASP Top 10 vulnerabilities, managing the identification and remediation of CVEs, and prioritizing and addressing vulnerabilities based on risks and impact, resulting in a 80% decrease in the number of high-severity vulnerabilities across the organization.

Technical Lead

Google | HCL America
08.2016 - 07.2018
  • Spearheaded the development of robust mobile automation frameworks for both Android and iOS applications, ensuring our solutions were 20% more efficient and met the high standards expected for the Levi's Jacquard Jacket, resulting in a 35% reduction in manual testing efforts.
  • Managed all aspects of code activities across our application portfolio, including streamlining the requisitioning, delivery, packaging, and deployment processes, and worked on training the model to respond to appropriate gestures with machine learning and analyze analytics and telemetry through BigQuery improving the accuracy of gesture recognition by 45%.
  • Oversaw GCP cloud provisioning and leveraged Mobile Harness for continuous integration and deployments of multiple builds, providing the ability to reproduce the same issues under multiple scenarios to thoroughly test the behavior of the Jacquard app.
  • Developed and automated scripts using python specifically for battery testing, playing a critical role in validating the firmware for the Jacquard jacket, and created a continuous testing framework that integrated into our development cycle, enhancing product reliability by 30%.

Sr. Build and Release Engineer

Cisco Systems | GoldStone Technologies
08.2013 - 12.2014
  • Actively managed and maintained the SCM tool on a daily basis, ensuring its smooth operation and 99.9% availability for other teams, reducing the number of SCM-related incidents by 45%.
  • Made necessary modifications to the SCM database to optimize the software lifecycle process flow, including adjusting user permissions, access levels, and file attributes based on user requests, resulting in a 25% improvement in workflow efficiency.
  • Improved the SCM processes by developing and modifying UNIX shell and awk scripts, tailoring these enhancements to meet the needs of both users and management, providing valuable SCM data for analysis and decision-making, and leading to a 35% increase in the utilization of SCM insights for strategic planning.
  • Participated in the implementation and administration of continuous build and deployment tools, such as Hudson and Jenkins, ensuring seamless integration with the SCM system and a 20% reduction in build and deployment-related issues.

Education

MBA -

Cornell University
Ithaca, NY
05-2026

Master of Science - Computer Science

University of Toledo
Toledo, OH

Bachelor of Science - Computer Science

Jawaharlal Nehru Technological University
Hyderabad, India

Skills

  • Cloud - AWS, GCP, Azure, PCF, Ali Cloud
  • Programming/Scripting - Python, Powershell, Java, Bash
  • Security Tools - Qualys, Wiz, CrowdStrike, Zscalar, CloudFlare, SonarQube, Burp Suite, KeePass, Wireshark, Splunk, Nagios, Nmap, Rapid7, Microsoft O365, Abnormal, CoFense, Vulnerability Assessment, Information Governance IDS / IPS, PKI, Zero Trust
  • DevOps Tools - Jenkins, GitHub Actions, Launchpad, GitLab, EKS, AKS, GKS, Docker, Kubernetes, Docker Swarm, Azure DevOps, Terraform, Chef, Ansible

Certification

  • Advanced Computer Security, StanFord University - Dec 2018
  • AWS Certified Security, AWS - Jan 2024
  • Certified Information Security Manager (CISM), ISACA - Jan 2024
  • Organizational Leadership, Harvard School of Business - Oct 2023

Timeline

Sr Security Engineer

Ripple
07.2025 - Current

Information Security Engineer

BlackLine
06.2024 - 07.2025

Lead Information Security Engineer

Nike, Inc.
03.2021 - 06.2024

Sr. Build and Release Engineer

Administrative Office of the Courts | Vibrant Tech
06.2020 - 03.2021

Sr. Infosec Engineer

EBay/StubHub Inc.
07.2018 - 05.2020

Technical Lead

Google | HCL America
08.2016 - 07.2018

Sr. Build and Release Engineer

Cisco Systems | GoldStone Technologies
08.2013 - 12.2014

Master of Science - Computer Science

University of Toledo

Bachelor of Science - Computer Science

Jawaharlal Nehru Technological University

MBA -

Cornell University

Similar Profiles

CREATE PROFILE
Naga Sujitha Vummaneni