Sankar Innamuri
Summary
Highly motivated and results-oriented IT Security professional with 6+ years of experience in securing IT infrastructure, cloud environments (AWS, Azure, GCP), and applications. Proven ability to identify, investigate, and respond to security threats and incidents. Skilled in log analysis, security automation (Python), penetration testing, and security best practices. Seeking to leverage expertise in SOC operations and offensive security to contribute to a robust cybersecurity posture.
Overview
8
8
years of professional experience
1
1
Certification
Work History
Application Security Analyst
Amazon.com, Inc. or its affiliates
Dallas
07.2023 - Current
- Identified and remedied security vulnerabilities in the e-commerce platform's codebase by performing static code analysis using Checkmarx.
- Integrated Checkmarx and SonarQube into Jenkins CI/CD pipelines to ensure continuous security testing and early detection of vulnerabilities.
- Oversaw SOC operations, monitoring and responding to security incidents
- Lead training sessions for developers on secure coding practices and the importance of adhering to OWASP Top 10 guidelines.
- Participated in security incident response efforts, analyzing potential breaches and mitigating risks promptly.
- Developed automation scripts to streamline incident response processes, reducing the time to identify and mitigate threats by 30%
- Collaborated with teams to implement network security measures and EDR solutions
- Extensive experience in Information Security, Application Security, and Security Engineering
- Strong understanding of container services such as Docker and Kubernetes
- Maintained SOC documentation for knowledge-sharing and training purposes
- Created comprehensive security playbooks to standardize incident response procedures.
- Managed threat intelligence feeds and incorporated them into Qradar for proactive threat detection
- Conducted offensive security assessments to identify vulnerabilities in data protection strategies and implemented countermeasures
- Ensured compliance with data protection frameworks, focusing on PKI implementation
- Identified and mitigated a Distributed Denial of Service (DDoS) attack by analyzing traffic patterns with IDS/IPS tools.
Cyber Security Analyst
Wipro Technologies - Wells Fargo
India
01.2019 - 07.2021
- Conducted static code analysis using Fortify and Checkmarx to identify and fix vulnerabilities in banking applications. Regularly achieved a 30% reduction in critical vulnerabilities each quarter
- Ensured adherence to PCI DSS and GDPR through comprehensive security assessments.
- Maintained a 100% compliance rate during annual audits by implementing required security controls.
- Developed and implemented efficient and reusable Python code for cybersecurity engineering projects.
- implemented OWASP Top 10 guidelines into the development lifecycle, leading to a 30% reduction in critical vulnerabilities.
- Designed, tested, and maintained automation scripts and workflows within the SOAR platform.
- Analyzed security event data from the network (IDS Sensor, Firewall traffic)
- Established security gates using Checkmarx One to enforce code quality and security standards
- Reviewed, debugged, and resolved technical issues throughout the Software Development Life Cycle stages
- Ensured compliance with audit, regulatory, and legal requirements, aligning solutions with the cybersecurity strategy
- Utilized Jira to create, track, and manage security issues identified during code reviews and testing phases.
- Designed and implemented custom Jira workflows for managing security vulnerabilities, resulting in improved tracking and faster remediation of security issues.
- Monitored and analyzed network traffic and system logs to identify potential security threats
SOC Analyst
MasterCard
India
07.2016 - 11.2018
- Managed SOC operations with SIEM, Firewall, and EDR technologies (mention specific tools if applicable)
- Implemented Splunk SIEM and integrated data sources
- Analyzed logs, conducted threat hunting, and responded to security incidents using Splunk
- Established security best practices and protocols to mitigate data breaches
- Contributed to developing engineering specifications to ensure compliance with security, resilience, and dependability requirements and collaborated on security standards and risk analysis methodologies
- Assisted cybersecurity architects in designing and developing security solutions aligned with business goals and risk tolerance
- Validated current and future state architectural models to assess impact across cybersecurity technology systems
- Conducted regular reviews of firewall rule sets to optimize performance and security posture
- Performed application security penetration testing using various tools (mention specific tools if applicable).
Education
Master of Science in Cybersecurity and Information Assurance -
University of South Florida(USA)
05.2023
Skills
- SIEM Tools: QRadar, Nessus, Qualys, Splunk, Metasploit, and SOC
- Security and Threat Hunting: Burp Suite, OWASP ZAP MITRE ATT&CK Framework, Wireshark (IDS/IPS), App Sec testing (SAST, DAST, and IAST), SonarQube, Veracode IAST, Checkmarx One, Purple Team Exercises, and Cuckoo Sandbox
- Security Standards: OWASP Top 10, PCI DSS, and GDPR
- Penetration Testing Tools: Burp Suit, Metasploit, and SQL Map
- Scripting: Python, PowerShell, JavaScript, Detection Rule Development
- Network and Cloud Security: IP, DNS, TCP, CIS, and AWS
- Databases and Data Analysis: Tableau, Power BI, SQL, and Pandas
Certification
- Certified in Ethical Hacking (CEH), ECC03395761003, EC Council
- Azure cloud (Az-900)
- Pursuing Certified Information Systems Security Professional (CISSP)
Accomplishments
- Received recognition for successfully completing a penetration testing project for a reputed hotel in Dubai, identifying critical vulnerabilities in their network and significantly reducing the risk of a potential breach.
- Promoted to Practice Lead within two years from the Cybersecurity Analyst position, recognized as the best employee in the team.
Timeline
Application Security Analyst
Amazon.com, Inc. or its affiliates
07.2023 - Current
Cyber Security Analyst
Wipro Technologies - Wells Fargo
01.2019 - 07.2021
SOC Analyst
MasterCard
07.2016 - 11.2018
Master of Science in Cybersecurity and Information Assurance -
University of South Florida(USA)
Similar Profiles
Kimberly WilberKimberly Wilber
Sr Program Manager at Amazon.com, Inc. or its affiliatesSr Program Manager at Amazon.com, Inc. or its affiliates
Jacob LaurieJacob Laurie
Air Gateway Associate at Amazon.com, Inc. Or Its AffiliatesAir Gateway Associate at Amazon.com, Inc. Or Its Affiliates
Ebony R. GrilloEbony R. Grillo
Customer Service Representative at Amazon.com, Inc. or its affiliatesCustomer Service Representative at Amazon.com, Inc. or its affiliates
Damilola OyedepoDamilola Oyedepo
Application Security Analyst at KoraApplication Security Analyst at Kora
BAYO ADEYINABAYO ADEYINA
Application Security Analyst at Innova SolutionsApplication Security Analyst at Innova Solutions