Summary
Overview
Work History
Education
Skills
Websites
Certification
Accomplishments
Timeline
Generic

Nagi Reddy Mamilla

Irving,TX

Summary

Dynamic Security Engineering professional with over 8 years of specialized experience in Vulnerability Management, Network Security, Firewall Management, and security architecture. Expertise in administering enterprise-scale firewall platforms, including Palo Alto NGFW, Check Point, Cisco ASA/Firepower, and F5 BIG-IP within regulated environments. Recognized as a Tenable Subject Matter Expert, optimizing vulnerability programs through security automation, API integrations, and risk-based prioritization. Proficient in VPN technologies, PKI infrastructure, SIEM integration, and DevSecOps, delivering scalable security solutions that align with business objectives through innovative automation and intelligent workflows.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Network Security Engineer – Vulnerability Management Specialist

Oncor Electric Delivery
01.2022 - Current
  • Served as Tenable Subject Matter Expert (SME) for enterprise deployment covering 20,000+ assets, managing platform architecture, upgrades, scan policies, repositories, dashboards, and complex troubleshooting
  • Engineered credentialed scanning infrastructure integrated with CYBERARK for secure credential management; reduced credential failures by 85% through systematic troubleshooting and process optimization
  • Architected custom API integrations between Tenable and JIRA Insight, enabling automated vulnerability ingestion, ticket creation, and patch workflow orchestration across IT and application teams
  • Developed automation framework using Shell scripting and Python for SNMP monitoring, service health checks, and executive reporting, reducing manual effort by 60%
  • Implemented AI-driven vulnerability prioritization leveraging risk-based scoring, threat intelligence, and business context to focus remediation on critical exposures
  • Designed custom scan policies, plugins, and detection feeds to improve accuracy and coverage; reduced false positives by 40% through continuous tuning
  • Delivered technical mentorship to junior engineers on security tools, vulnerability management methodologies, and automation best practices
  • Managed Patch Management Board operations by coordinating with IT and security teams to track patch deployment status, exceptions, and remediation timelines; delivered status reports to stakeholders and leadership while identifying process gaps and implementing continuous improvement initiatives to enhance security posture and operational efficiency

Network Security Engineer

Oncor Electric Delivery
06.2020 - 12.2021
  • Administered 10+ Palo Alto NGFWs and centralized management via Panorama supporting 20,000+ endpoints.
  • Tuned security profiles including URL Filtering, and App-ID blocking 50K+ malicious URLs monthly.
  • Performed PAN-OS upgrades and firewall migrations with zero or negligible downtime maintaining 99.9% uptime.
  • Configured HA (Active/Passive) for redundancy.
  • Troubleshot application access issues, misconfigured rules, VPN connectivity, HA failover events and traffic anomalies using traffic logs, and packet captures. Successfully resolved 95% of issues within 2 hours.
  • Managed and supported 50+ Cisco ASA and Firepower Threat Defense (FTD) firewalls using FMC.
  • Designed and maintained 500+ ACLs, NAT, VPNs and security policies, including 20+ Site-to-Site and AnyConnect VPNs supporting 500+ concurrent sessions.
  • Performed firmware upgrades, failover configuration, and completed 12+ ASA to FTD migrations over 6 months.

Network Security Engineer

Entergy
05.2018 - 05.2020
  • Administered and supported 50+ Check Point NGFW (R80/R81) firewalls in enterprise environments.
  • Designed, implemented, and maintained 1000+ security policies, NAT rules, and access controls following least-privilege principles.
  • Configured and managed 20+ Site-to-Site and Remote Access VPNs ensuring secure connectivity.
  • Monitored firewall traffic and security events using SmartConsole, SmartView, and SmartLog.
  • Tuned and managed security blades including IPS, Anti-Bot, Anti-Virus, URL Filtering, and Application Control.
  • Performed firewall upgrades, patching, and migrations with minimal or zero downtime maintaining 99.9% uptime.
  • Managed High Availability clusters (Active/Standby, Active/Active) for firewalls and load balancers.
  • Configured and administered F5 BIG-IP (LTM, SSL offload, iRules) for secure application delivery.
  • Implemented and managed 500+ SSL/TLS certificates over 100+ applications and PKI infrastructure (certificate issuance, renewal, revocation, and trust chains).
  • Conducted rulebase reviews and cleanup, reducing attack surface and improving compliance.
  • Integrated Check Point firewalls and F5 with SIEM (Splunk/QRadar), Active Directory, and MFA.
  • Supported security and network compliance initiatives for PCI-DSS, SOX, and ISO 27001.

Network Security Engineer

IPROGRAM LLC
09.2017 - 08.2018
  • .Provided L1/L2 support for 10+ Check Point and 20+ Cisco ASA firewall platforms, resolving technical issues and maintaining 99.9% uptime.
  • Designed and implemented DMZ architectures and VPN configurations to secure remote access and partner connectivity.
  • Performed syslog analysis and created network architecture diagrams using Visio for documentation and change management.

Education

Master's Degree - Electrical & Electronics Engineering

University of Missouri-Kansas City
Kansas City, MO
05-2016

Bachelor's Degree - Electrical, Electronics & Communications Engineering

Jawaharlal Nehru Technological University Hyderabad
Hyderabad, India
05-2014

Skills

  • Vulnerability Management: Tenable (Nessus, Tenablesc, Tenable One), credentialed scanning, risk-based prioritization, application and container security
  • Security Architecture: Network security design, DMZ architecture, secure application design, risk assessments
  • Network Security: Palo Alto NGFW, Panorama, Cisco ASA, Firepower Threat Defense (FTD), FMC, Check Point NGFW (R80/R81), F5 BIG-IP, VPN (Site-to-Site, Remote Access, AnyConnect), IPS
  • PKI & Certificates: SSL/TLS certificate management, PKI infrastructure, certificate issuance, renewal, revocation, trust chains
  • SIEM & Detection: QRadar, Splunk, correlation rules, threat detection, log management, security monitoring, Active Directory integration, MFA
  • Cloud & DevSecOps: AWS, Azure, CI/CD pipeline integration, infrastructure as code, container scanning
  • Automation & Integration: Python, Shell scripting, REST APIs, JIRA API, SNMP, workflow automation
  • Identity & Access: CyberArk, LDAP integration, credential management
  • Compliance: PCI-DSS, SOX, ISO 27001
  • Tools & Platforms: Dynatrace, JIRA Insight, Visio, Git, Linux, Windows Server

Websites

Certification

AWS Certified Cloud Practitioner

AWS Certified Security – Specialty

Accomplishments

    Won the Spirit of Innovation Award 2025 for our project "Automation of analysis and ticket creation process for Vulnerability Management"

Timeline

Network Security Engineer – Vulnerability Management Specialist

Oncor Electric Delivery
01.2022 - Current

Network Security Engineer

Oncor Electric Delivery
06.2020 - 12.2021

Network Security Engineer

Entergy
05.2018 - 05.2020

Network Security Engineer

IPROGRAM LLC
09.2017 - 08.2018

Master's Degree - Electrical & Electronics Engineering

University of Missouri-Kansas City

Bachelor's Degree - Electrical, Electronics & Communications Engineering

Jawaharlal Nehru Technological University Hyderabad
Nagi Reddy Mamilla