
SRIKANTH POTLA

Dallas, TX

Summary

Over 7+ years of IT professional experience comprising Linux and system administration with a major focus on AWS, Continuous Integration/Deployment, Configuration Management, Build and Release Management and virtualization technologies, which also includes troubleshooting performance issues. Experienced in all phases of the software development life cycle (SDLC) with specific focus on the build and release of quality software. Experienced in Waterfall, Agile/Scrum, Lean and most recently Continuous Integration (CI) and Continuous Deployment (CD) practices. In-depth understanding of the principles and best practices of Software Configuration Management (SCM) in Agile, SCRUM to Stash Migration, Waterfall methodologies. Wrote templates for AWS infrastructure as code using Terraform to build staging and production environments. Experienced in Infrastructure as Code (IaC), Terraform Enterprise and Terraform Cloud deployments. Experienced with integrating Wiz with different cloud environments to enable continuous workload scanning. Experienced in writing Sentinel policies and automated policy tests. Worked with global security teams performing application and IT infrastructure security assessments. An efficient team player in challenging and creative environments with excellent capacity to adapt to new technologies and skills. Possess strong technical aptitude with strong analytical, work ethic, problem solving and communication skills. Worked with DevOps integrating security tooling in the CI/CD pipeline with Checkmarx and Snyk for static code analysis and to identify vulnerabilities in library dependencies. Wrote Python CLI tools for AWS security reporting and AWS Lambda scripts for monitoring and alerts. Worked with Ansible playbooks and Terraform for cloud deployment. Assisted developers with configuring the Snyk dependency vulnerability scanner and integrating it into the Team Services workflow process.

Utilized Snyk to analyze, review and approve open-source dependencies or provide remediation for dependencies with vulnerabilities; configured Qualys to perform vulnerability scans on multiple systems. Integrated SAST security testing with the pipeline using various tools for testing vulnerabilities. Developed Application Security program (DAST, SAST, IAST) at the enterprise level to identify, report and remediate security vulnerabilities from applications deployed in DEV, PRE-PROD and PROD environments. Produced a Python script to query Twistlock for detailed vulnerability information for distribution to application teams. Integrated Twistlock scans into pipelines to verify container security. Architected, deployed, and optimized the container security tool Twistlock in AWS. Experience in writing Ansible scripts, Shell, Perl, Python, and YAML scripting. Created Python scripts to automate AWS services, including web servers, ELB, CloudFront distribution, database, EC2 and database security groups, S3 bucket and application configuration; this script creates stacks, single servers or joins web servers to stacks. Wrote Python scripts for implementing Lambda functions. Automation of security processes including DevSecOps, Continuous Integration (CI) and Continuous Delivery (CD) of security operations. Experience in providing highly available and fault tolerant applications utilizing orchestration technologies like Kubernetes on Google Cloud Platform. Implemented multi-tier application provisioning in AWS and OpenShift cloud and integrated it with Chef/Puppet. Experience in managing the security groups on AWS, focusing on high availability, fault tolerance, and auto-scaling using Terraform templates, along with Continuous Integration and Continuous Deployment with AWS Lambda and AWS CodePipeline.

Extensively worked with scheduling, deploying, and managing container replicas onto a node cluster using Kubernetes, and experienced in creating Kubernetes clusters that work with frameworks running on the same cluster resources. Experience in monitoring system/application logs of servers using Splunk to detect Prod issues.

Overview

8 years of professional experience
1 Certification

Work History

Information Security Senior Advisor

Anthem Inc
05.2020 - Current
  • Provide solutions to implement continuous integration & continuous deployment for large-sized projects
  • Developing Jenkinsfiles for CI/CD pipelines to automate build and deployment of applications in different environments
  • Developed and automated infrastructure for various security services such as Prisma Cloud, Twistlock, and SecurityHub in AWS using CloudFormation + Terraform
  • Write new Sentinel policies, and automated Policy tests, to enforce InfoSec (Information Security team) guidelines to govern development teams' IAC code across the enterprise
  • Documented system configurations, Instance, and AMI build practices, backup procedures, troubleshooting guides, and keep infrastructure and architecture drawings current with changes
  • Responsible for supporting Infrastructure as Code (IAC) for engineers across the enterprise, including but not limited to specialized knowledge of HashiCorp's Terraform syntax and Terraform Enterprise Platform
  • Deployed outposts in AWS, Azure for Wiz deployment
  • Created pipelines in JenkinsCore for automated outpost and connector creation for Wiz
  • Experienced with developing a shared pipeline library for container image scanning using Wiz CLI in JenkinsCore pipelines
  • Supporting client on AWS environment with building and managing enterprise-scale DevOps platforms, including code repositories, application build automation tool, Maven and testing tooling, automated deployment tooling, CI/CD pipeline (using Jenkins), containerization technologies (Docker & Kubernetes), monitoring and general automation of infrastructure provisioning (CloudFormation & Terraform), and configuration management functions (Ansible)

Information Security Advisor

CNO Financial Services
09.2019 - 05.2020
  • Developed Application Security program (DAST and SAST) at the enterprise level to identify, report and remediate security vulnerabilities from applications deployed in DEV, PRE-PROD and PROD environments
  • Managed security assessments to ensure compliance to firm's security standards (i.e., OWASP Top 10, SANS25, NIST-800 and ISO)
  • Implemented file system security by applying hashing techniques for protecting data stored in files on the file servers
  • Worked extensively with software development teams to review the source code, triage the security vulnerabilities generated by Snyk, Checkmarx, Twistlock and eliminated false positives
  • Generated executive summary reports showing the security assessments results, recommendations and risk mitigation plans and presented them to the respective business sponsors and senior management
  • Worked with DevOps teams to automate security scanning into the build process
  • Created custom controls and secured all AWS services via Python boto3 Lambdas and IAM roles using CloudFormation + Terraform
  • Worked on several Tier-0 & Tier-1 cloud-native applications in AWS using services such as EC2, S3, Lambda and Glue
  • Built and automated serverless infrastructure using Lambda
  • Developed and automated infrastructure for various security services such as Prisma Cloud, Twistlock, and SecurityHub in AWS using CloudFormation + Terraform
  • Built infrastructure and integration for environment monitoring services such as DataDog
  • Built CI/CD pipelines with Jenkins and GitLab
  • Worked with GitOps development workflow and infrastructure as code (IAC)
  • Vital role in the areas of design, operation, implementation, and maintenance of all security infrastructure
  • Designed and led implementation of security tools to improve monitoring and compliance
  • Drove extensive security awareness campaigns across the organization
  • Reviewed new technology projects for adherence to security policies and standards
  • Provided consulting and education to mitigate risks and develop compliance strategies
  • Implemented remediation with compliance for cloud infrastructure across the organization
  • Actively monitored new and emerging security and privacy related technologies, trends, issues, and solutions and assessing their applicability to confidential key business initiatives and business strategies
  • Identification and implementation of initiatives based on roadmaps
  • Technical writing of procedures, standards, and other security controls.

DevSecOps Engineer

LabCorp
12.2018 - 08.2019
  • Supporting engineering plans and schedules by providing CM/Release Engineering services to build, deploy, develop scripts, oversee branch, and merge strategies, and build automated tools as necessary to offer services to engineering team
  • Converted and automated builds using Maven and Ant
  • Scheduled automated nightly builds using Jenkins
  • Helped developers and other project teams to set views and environments
  • Created and applied Baselines and Labels for each Build Artifacts
  • Worked on Multiple AWS instances, set the security groups, Elastic Load Balancer and AMIs, Auto scaling to design cost effective, fault tolerant and highly available systems
  • Launched and configured Amazon EC2 (AWS) cloud servers using AMIs (Linux/Ubuntu) and configured the servers for specified applications
  • Configured RDS instances using CloudFormation and Terraform
  • Automated AWS components like EC2 instances, security groups, ELB, RDS, Lambda and IAM through AWS CloudFormation templates
  • Worked with CloudWatch to set up alarms and notify them using SNS
  • Migrated workloads from Jenkins, Bitbucket to GitLab Enterprise
  • Implemented the architecture for container security solution, worked with multiple solutions (Twistlock, Aqua, Orca, Wiz and Sysdig) and sorted the best option for Confidential at the organization level
  • Created and maintained container image scanning templates (Twistlock, Qualys and Trivy) in GitLab
  • Packaged multiple applications into docker images to work seamlessly with application teams.

Application Security Engineer

Dish Network
01.2018 - 11.2018
  • Leading the POC, adoption and deployment of IAST - interactive application security for application security and threat modelling port and firewall rules, gathering technical information for prospective applications and recommending code installation procedures
  • Passive AST Agent installation and automation with Puppet for the company-wide applications and ensuring the vulnerabilities were addressed to conform with NIST standards and enforce compliance
  • SSO Integration for various applications
  • API security scanning and automated integration with Data Theorem and integration with Apigee
  • Designed and implemented a continuous build-test-deployment (CI/CD) system with multiple component pipelines using Jenkins to support weekly/Monthly releases and out-of-cycle releases based on business needs
  • Design extensive CloudFormation templates for provisioning AWS infrastructure using Jenkins for SAST, SCA, Container, DAST, IAC, Inspector, Infrastructure and Compliance scan applications
  • Created task definitions and services CloudFormation stacks for ECS Fargate container deployments for multiple REST APIs and invoked the container from AWS Lambda functions
  • Experience with container-based deployments using Docker, working with Docker images, Docker Hub, and Docker-registries, ECR, EKS and Kubernetes
  • Writing builds (Maven) and deployment scripts (Shell) to automate build and deployment of the application
  • Created Jenkins CI/CD pipelines for continuous build & deployment and integrated JUnit and SonarQube plugins in Jenkins for automated testing and for code quality check
  • Writing initiate, auth, verify, QueryScan test cases for Inspector, SAST, DAST, API security scanning solutions and deployment with Jenkins pipelines
  • Orchestration of containers and configuring task definitions in AWS ECS, for Dockerized applications and OWASP ZAP
  • Proffering solutions, application security support and troubleshooting application-specific code base errors in Python, Java based applications, resolving context-specific tickets for application security assessments and retests.

DevOps Engineer

Blue Cross Blue Shield
09.2016 - 12.2017
  • Role required planning, deploying, monitoring, and maintaining Amazon AWS cloud infrastructure consisting of multiple EC2 nodes and virtual machines as required in the environment
  • Strong hands-on on AWS cloud services like EC2, S3, RDS, ELB, and EBS for installing, configuring
  • Maintained the user accounts (IAM), RDS, Route 53, VPC, RDB, DynamoDB, SES, SQS and SNS services in AWS cloud
  • Utilized CloudFormation and Puppet by creating DevOps processes for consistent and reliable deployment methodology
  • Performed Build/Release/SCM engineer duties
  • Implemented Puppet Master, Puppet Console and Puppet Agents, created Puppet modules and classes
  • Performed code line Git pushes (releases) to production and customer servers and developed and improved Git push scripts
  • Involved in writing Python, Perl and shell scripts for compilation and deployment process
  • Automated the cloud deployments using Chef, Python (boto) and AWS CloudFormation templates
  • Working on SAST and DAST tools for secure code reviewing and to find potential vulnerabilities
  • Experience in writing Ansible scripts
  • Worked on Virtualization of build and SCM environments
  • Building pipelines in Jenkins while also fully scripting the creation and provisioning of Jenkins
  • Scripting infrastructure and (Linux) machine provisioning from scratch using tools such as bash and the Ruby AWS-SDK
  • Collaborated in the automation of AWS infrastructure via Terraform, Ansible, and Jenkins - software and services configuration via Chef cookbooks
  • Worked in DevOps group running Jenkins in a Docker container with EC2 slaves in Amazon AWS cloud configuration
  • Also gained familiarity with surrounding technologies like Kubernetes
  • Worked with the development team to generate deployment profiles (jar, war, ear) using ANT Scripts and Jenkins.

Education

Master's - Cybersecurity and Information Science

New England College
Henniker, New Hampshire

Master's - Computer Science Engineering

TEXAS A & M UNIVERSITY
KINGSVILLE, TEXAS

Bachelor of Technology - Electronics and Communication Engineering

JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY

Skills

  • Windows
  • Linux
  • Unix
  • Ubuntu
  • Red Hat
  • CentOS
  • Python
  • Shell scripting
  • Bash
  • HTML
  • NodeJS
  • YAML
  • JSON
  • VPC
  • Route 53
  • LDAP
  • DNS
  • FTP
  • DHCP
  • SSH
  • TCP/IP
  • SFTP
  • Splunk
  • Datadog
  • Nagios
  • CloudWatch
  • JIRA
  • Remedy
  • ServiceNow
  • Ansible
  • Chef
  • Docker
  • Kubernetes
  • Terraform
  • Checkmarx
  • Snyk
  • Prisma Cloud Enterprise
  • Prisma Cloud Compute (Twistlock)
  • HashiCorp Vault
  • Wiz
  • Qualys Cloud Agent

Certification

  • AWS Developer Associate
  • Kubernetes Security Specialist
