Summary
Overview
Work History
Education
Skills
Websites
Certification
Awards
Timeline
Generic

Srinivasa Rao Elluri

Pilot Point,USA

Summary

Project Manager and Security Architect with over 15 years of expertise in security testing, vulnerability management, and governance within telecom and banking sectors. Demonstrated success in leading cross-functional teams, implementing enterprise security frameworks, and achieving compliance with GDPR, ISO 27001, and PCI DSS. Holds certifications in CEH, ITIL Foundation, and AWS Solutions Architect, with a proven record in cloud security and penetration testing. Experienced in mentoring teams and driving quality improvements to enhance security postures across various environments.

Overview

17
17
years of professional experience
1
1
Certification

Work History

Project Manager - Security Testing/Vulnerability management & Governance

Virgin Media O2
09.2021 - 04.2025
  • Responsible for selection of Static & Dynamic Security Testing scanners. Also responsible for creation of Pen Testing Strategy, Vendor selection, schedule and execution.
  • Reviewing the Pen Test Reports. Verifying the severity scores based on CVE & CWE frameworks, NIST and OWASP. Conducting root cause analysis against identified vulnerabilities and prioritize the vulnerabilities remediation.
  • Led security governance for enterprise-scale cloud transformation projects in telecom.
  • Point of contact for all the SMIP cybersecurity projects including development of project Threat modeling, Managing Project Risk Register & Tracking the defect remediation status and updating the plans and status to Senior Leader Ship Team.
  • Hands-on experience with .Net & Python.
  • Responsible for running Weekly stakeholders’ meetings, including vendors, SLT, and the CISO to provide updates.
  • Conducted Structural Code Quality & Architecture Reviews and implemented Quality Gates for cloud security and On Premises.
  • Evaluated more than 100+ vendor application security risk before onboarding them into corporate landscape.
  • Mentored junior staff members in best practices for quality management, contributing to overall team growth and development.
  • Investigated customer complaints and performed corrective actions to resolve quality issues.
  • Excellent exposure in Web based vulnerability assessment& scanning Tools based on OWASP Top 10, NIST and SANS Top 25.
  • Hands-on experience on privacy, incident response, governance, risk and compliance, enterprise security strategies and architecture. Understanding & implementation knowledge in ISO 27001, CIS, PCI DSS, NIST, ITIL, COBIT.
  • Hands-on experience with Static and Dynamic scanners & vulnerability management tools (Web Inspect, Qualys Scan, HP Fortify, CAST, Veracode).
  • Responsible for Data Center DR plan & executions. Handled Annual Disaster Recovery activities for all the private cloud Production Environments, reduced execution efforts 40% by implementing automation.
  • Validated & implemented GDPR & Telecom Security Act (TSA) Regulatory requirements. Responsible for conducting Pen testing & prioritization of defects across all the platforms.
  • Having ability to initiate/manage cross-functional teams and multi-disciplinary projects & Vendor management.
  • Extensive hands-on experience with Test Data Management tools in TDM tools (Grid Tools Data maker, Oracle Enterprise Manager).
  • Trained more than 20 team members on functional & non-functional & Test Data Management, Security Testing, Usability Testing.
  • Validating application architecture, application benchmarking with industry and domain specific, based on Performance, Security, Robustness, Transferability, Changeability and Maintainability Index parameters.
  • Implementation of Usability Testing & Test Data Generation & Management.
  • Solid background in .Net Development configuring websites and security hardening.
  • Involved in the full SDLC. A proactive team player with good knowledge of Agile & Waterfall methodologies, with experience in requirements gathering, development, testing, and production support.
  • Established robust quality documentation systems that ensured traceability throughout the entire production lifecycle.
  • Reduced defects in products by conducting thorough inspections and identifying areas for improvement.
  • Designed and enforced security governance frameworks for enterprise cloud migration.
  • Managed cross-functional teams and multi-million-dollar projects under regulatory compliance (GDPR, TSA).
  • Interfaced with CISOs and senior stakeholders to communicate risk and remediation.

Apps Security & Governance Manager

Virgin Media O2
08.2017 - 09.2021
  • Profound knowledge of the cloud platforms and services offered by Telco cloud & Azure cloud platforms and services.
  • Make sure that Telecom Security Act (TSA) controls are implemented as per the requirement.
  • Led security frame works, Managed interactions with development teams, evaluated architecture validations, design specifications.
  • Researching and evaluating new cloud security technologies, tools, and practices to enhance the security posture of the organization.
  • Have daily meetings and workshops with the development team to ensure that the basic needs of a build are satisfied before moving forward with design and project integration.
  • Identify potential risks and exposures and provide strategic guidance for the transfer of cloud workloads, infrastructure, business units, business processes, and external suppliers for information security risks.
  • Balance the needs of the business with security considerations, then make risk-based proposals to progress.
  • Conducted regular audits to ensure adherence to established protocols, maintaining consistency across the organization.
  • Facilitated communication between departments regarding quality concerns, fostering collaboration towards shared goals.

Security Architect

UBS Bank
10.2014 - 08.2017
  • Designing reliable and flexible security architecture as per business needs. Evaluate the effectiveness' of security controls in the Cloud/On-Premises.
  • Collaborate with external teams and in-house development departments to offer advice and oversight on penetration testing and vulnerability scans.
  • Defining Pen Testing Framework, Security Automation and Pen Testing Methodologies, RACI Matrix, Bench Marking based on industry standards.
  • Give guidance and suggestions to development and operational teams to deal with security vulnerabilities and discover possible new security solutions in cloud settings.
  • Mapping identified vulnerabilities to architecture/design flaws wherever applicable.
  • Providing comprehensive evaluation of overall application security posture.
  • Including Corporate Information Security in the design and execution of the entire enterprise cloud framework.
  • Responsible for Implementation of Evidence Based Testing across all the UBS Banks locations in the globe.
  • Conduct security architecture reviews of planned cloud migration initiatives across the organization and produce high quality Threat models for cloud environments clearly articulating risks.
  • Facilitate technical discussions, acting as a mentor in both official and unofficial capacities to exchange information among Information Security and technology teams.

Security Consultant

Lloyds Bank
03.2011 - 10.2014
  • Interaction with various project teams in understanding the business issues, requirements, doing exhaustive analysis and providing end-to-end solutioning.
  • Create security frameworks for systems based on their technology stack, business criticality. Identifying resources for conducting the Pen Testing.
  • Conducting weekly review meetings to discuss the Identifying security gaps and provide recommendation to development team in results read out call.
  • Technology tailored checks lists & guidelines preparation for development teams.
  • Preparation of project execution plan, schedule and resourcing details.
  • Develops cloud-native architectures incorporating necessary security measures in accordance with business needs.
  • Mapping identified vulnerabilities to architecture/design flaws wherever applicable.
  • Conducting architecture reviews & look for chances to enhance existing solutions consistently.
  • Develop application specific bench marking based on Performance, Security, Transferability, Changeability, Robustness parameters & Based on CAST Appmarq study.
  • Evaluated new technologies and methodologies for potential implementation within the organization's quality assurance program, staying ahead of industry trends.
  • Customer centric checklist prepared to record the application pain points, which needs to be addressed.

Sr. Manager

Cadenza Solutions
07.2010 - 03.2011
  • Extensively worked with a Business Analyst to translate business requirement into technical requirements.
  • Efforts allocation and finalization.
  • Creation of new packages based on the relevant tree structure and bug fixing.
  • Responsible for all the UAT activities.
  • Creation of Micro sites using .Net Nuke based on project requirement.
  • Managed Databases and Dedicate servers.
  • Procured appropriate software, hardware, server space, and third-party applications.
  • Coordinating with API, Gateway Vendors for new Configurations, bug fixing etc., for PartyManao website.
  • Day-to-day interaction with team members, finalizing the production/test site release dates.
  • Involved in reviewing/creating the process documents, before it is baselined.

IT Specialist

Alvarado, USA
09.2009 - 06.2010
  • Responsible for customizing the customer Direct application based on the client's requirement.
  • Accountable for resolving issues logged by the customers.
  • AMC/Warranty Extensions for various projects which were attached to the Customers.
  • Interactions with Customer Support Executives regarding the changes required by Customers as mentioned in the calls.
  • Accountable for support and Customer User creations.
  • Resolving issues which were sent to the login support mail account.
  • Accountable for bug fixing and applying relevant patches.
  • Created Views and Indexes to increase performance.
  • Unit testing, System testing and Integration testing.
  • Designed and developed standards for application development include C# and ASP.NET.
  • Designed and developed the web forms using ASP.NET/C#.

Software Engineer

3i Infotech
04.2009 - 08.2009
  • Company Overview: Customer Direct Product
  • Responsible for customizing the customer Direct application based on the client's requirement.
  • Part of internal systems .Net Development team and responsible for developing new modules based on demand.
  • Accountable for bug fixing and applying relevant patches.
  • Created Views and Indexes to increase application performance.
  • Unit testing, System testing and Integration testing.
  • Designed and developed the web forms using ASP.NET/C#.
  • Customer Direct Product

Consultant

NCR Voyix
12.2007 - 03.2009
  • Actively involved in reviewing HLD and preparing the detailed low-level designs for: BESPOKE DEV FOR FUEL MGMT. SYSTEM.
  • Part of core Development Team of BOS Module. Developed core library functions which are required for database connections.
  • Developed stored procedures for all database manipulations.
  • Developed Crystal Reports pertaining to BOS Module.
  • Involved in Development of HOS websites.
  • Developed/reviewed Program Specifications (PS's) and Test Cases for the assigned tasks.

Education

Diploma in Advanced Software Technology (DAST) - Information Technology

CMC Ltd.

Master of Computer Applications (MCA) -

Indira Gandhi National Open University
India

Skills

  • AWS and Azure
  • GCP
  • Version control systems
  • Oracle and MySQL
  • DynamoDB and MongoDB
  • Python programming
  • Shell scripting
  • Web development technologies
  • Java and C#Net
  • VBNet and Visual Basic 60
  • Containerization and orchestration
  • Agile methodologies
  • Waterfall project management
  • Testing frameworks
  • Static code analysis tools
  • Security assessment tools
  • Network protocols
  • Project management tools

Certification

  • ITIL Foundation
  • Certified Ethical Hacker (CEH)
  • AWS Certified Solution Architect – Associate

Awards

  • DELL Silver Medal Winner
  • VMO2 SMIP Hero Award Winner
  • NTT DATA INDIA Bronze Medal Winner
  • UBS Bank Client Appreciation Winner
  • Appreciation from VMO2 CISO
  • NTT DATA UK Town Hall Award Winner

Timeline

Project Manager - Security Testing/Vulnerability management & Governance

Virgin Media O2
09.2021 - 04.2025

Apps Security & Governance Manager

Virgin Media O2
08.2017 - 09.2021

Security Architect

UBS Bank
10.2014 - 08.2017

Security Consultant

Lloyds Bank
03.2011 - 10.2014

Sr. Manager

Cadenza Solutions
07.2010 - 03.2011

IT Specialist

Alvarado, USA
09.2009 - 06.2010

Software Engineer

3i Infotech
04.2009 - 08.2009

Consultant

NCR Voyix
12.2007 - 03.2009

Diploma in Advanced Software Technology (DAST) - Information Technology

CMC Ltd.

Master of Computer Applications (MCA) -

Indira Gandhi National Open University

Similar Profiles

  • Ifti Raja

    Ifti RajaIfti Raja

    Field Engineer at Virgin Media O2Field Engineer at Virgin Media O2

  • Alex Rotar

    Alex RotarAlex Rotar

    Senior Network Architect (Optical Transport) at Virgin Media O2Senior Network Architect (Optical Transport) at Virgin Media O2

  • BASSEY EYO

    BASSEY EYOBASSEY EYO

    Senior Digital Transformation Project Manager and Release Manager at Virgin Media O2Senior Digital Transformation Project Manager and Release Manager at Virgin Media O2

  • Paolo Viesti

    Paolo ViestiPaolo Viesti

    DIGITAL PERFORMANCE LEAD at Virgin Media O2DIGITAL PERFORMANCE LEAD at Virgin Media O2

  • HOLLY L. LEVIS

    HOLLY L. LEVISHOLLY L. LEVIS

    Administrative Assistant at GP West, Inc.Administrative Assistant at GP West, Inc.

CREATE PROFILE
Srinivasa Rao Elluri
Resume profile created at Resume-Now.com