Hi, I’m
Tharun Kumar Vattam
Security Engineer
Charlotte,NC
Summary
Dynamic Cloud Security Engineer with a proven track record at Express Scripts, adept at automating vulnerability management and enhancing cloud monitoring. Expert in AWS and incident response, I reduced manual efforts by 60% while fostering collaboration across teams. Strong analytical skills complement my technical expertise in IAM and compliance frameworks.
Overview
5
years of professional experience
6
Certification
Work History
Express Scripts (Cigna/Evernorth)
Cloud Security Engineer
05.2024 - Current
Job overview
- Spearheading vulnerability management initiatives across AWS-hosted environments by integrating Qualys VM with custom detection and remediation automation pipelines.
- Developed AWS Lambda scripts and SSM workflows to automate patching and vulnerability scans, reducing manual effort by 60% and improving scan consistency across 300+ EC2 instances.
- Enhanced cloud monitoring visibility by designing CloudWatch dashboards and alarms, reducing response time to security incidents by 40%.
- Managed secure secrets rotation via AWS Secrets Manager and enforced fine-grained IAM policies across development and staging accounts.
- Conducted hardening assessments across Linux-based cloud workloads (Amazon Linux 2, Ubuntu 22.04) following CIS benchmarks and implemented corrective controls.
- Collaborated with audit and compliance teams to maintain ISO 27001 and HIPAA alignment through evidence gathering, remediation tracking, and quarterly audits.
- Tools: AWS (EC2, Lambda, CloudWatch, SSM, IAM, Secrets Manager), Qualys, Python, Bash, GitHub Actions
University of North Carolina at CharlotteCharlotte, NC
Linux Research Associate – Systems & Networking
08.2023 - 04.2024
Job overview
- Supported Tier 1 & 2 Linux system administration for 100+ lab and faculty systems, including RHEL and Ubuntu-based workstations.
- Migrated legacy Puppet automation to Ansible + AWX, reducing config drift and provisioning effort by over 40%.
- Administered endpoint patching via ManageEngine and WSUS, supporting improved compliance and timely vulnerability remediation.
- Automated system tasks (mounting, provisioning, updates, user adds) using Bash, PowerShell, and shell scripts.
- Supported AD-integrated user management, GPO policy rollout, and WSUS patch flow across academic and faculty systems.
- Authored SOPs for dual-boot imaging, VM setup (VMware/VirtualBox), and endpoint hardening for research systems.
- Tools: RHEL 7/8, Ubuntu 20.04, Ansible, WSUS, PowerShell, GitLab, ManageEngine, Zabbix, AWX, AD, GPO
HCLTech (Client: Cisco)Chennai
Security Engineer
01.2022 - 07.2023
Job overview
- Oversaw incident response operations for Cisco’s internal SOC, handling endpoint malware alerts, phishing cases, and cloud misconfigurations.
- Used Azure Sentinel and Microsoft Defender to triage security alerts, perform RCA, and escalate unresolved threats.
- Conducted vulnerability lifecycle reviews across hybrid infrastructure using Rapid7/Nessus, and managed remediation follow-up.
- Authored threat advisories for newly published CVEs and created playbooks for phishing triage and URL detonation workflows.
- Led access reviews and privileged identity policy enforcement using Azure AD and Identity Governance tools.
- Contributed to log correlation improvements in SIEM, reducing noise from false positives by 30% through tuning and custom KQL queries.
- Tools: Azure Sentinel, Microsoft Defender, Rapid7, KQL, Azure AD, IAM, CrowdStrike, EDR/XDR, ServiceNow
Appletech SolutionsBengaluru
Security Analyst Intern
08.2020 - 12.2021
Job overview
- Assisted in monitoring and managing a simulated SIEM (Elastic Stack) environment used by ECE students for blue team training.
- Participated in vulnerability analysis labs using OpenVAS and Nessus, and generated VAPT reports under mentorship.
- Built basic Bash scripts for automating Nmap scans and parsing log files across Linux-based lab servers.
- Supported setup and patching of Ubuntu/RHEL VMs used for university research in firewall testing and IDS (Snort) tuning.
- Collaborated with peers to publish an internal project on malware sandboxing and dynamic log forensics.
- Tools: ELK Stack, Nessus, Snort, OpenVAS, Nmap, Bash, Ubuntu, RHEL
Education
University of North Carolina at CharlotteCharlotte, NC, USA
Masters from Cybersecurity
12.2024
University Overview
GPA: 4.0/4.0
Rajeev Gandhi Memorial College of Engineering and TechnologyKurnool, India
Bachelor of Technology
04.2022
University Overview
GPA: 8.4/10
Skills
- Cloud Platforms: AWS (EC2, IAM, Lambda, CloudWatch, Systems Manager, Secrets Manager), Azure (Azure AD, Sentinel, Defender for Endpoint)
- Security & Vulnerability Management: IAM, Privileged Access Management (PAM), CIS Benchmarks, HIPAA, ISO 27001, Qualys, Nessus, Rapid7, OpenVAS
- SIEM, EDR & Incident Response: Azure Sentinel, Microsoft Defender, CrowdStrike, ELK Stack, Snort, KQL
- Configuration & Automation: Ansible, AWX, Red Hat Satellite, WSUS, GitHub Actions, Bash, PowerShell
- Operating Systems & Platforms: RHEL 7/8, Ubuntu 2004/2204, Amazon Linux 2, Windows Server, VMware vSphere, VirtualBox
- Scripting & Monitoring: Python, Bash, Zabbix, ManageEngine, GitLab, systemctl, journalctl
- Identity & Access Management: AWS IAM, Azure AD, Group Policy Objects (GPO), Access Reviews, Identity Governance
- Networking: Cisco Routing & Switching, SD-WAN, Azure Virtual Network, VPN, NAT, Firewalls
Certification
- CompTIA Security+
- Certified Ethical Hacker (CEH)
- AWS Certified Solutions Architect – Associate
- Azure Security Engineer Associate
- ELearnSecurity Junior Penetration Tester
- Cisco Certified Network Associate (CCNA)
Accomplishments
- SAC Lead (Student Activity Club) - Served as the Lead for 2 years, driving club initiatives, organizing events, and engaging 200+ students. Active member for 4 years.
- Secured 2nd place in the Capture the Flag challenges at the 2024 Cyber Security Symposium hosted by UNC Charlotte, outperforming 49 other participants and demonstrating expertise in threat detection and network forensics.
- Participated in BSides 2023 conference, gaining valuable cybersecurity insights and expanding professional network within the industry.
- Served as captain of the college basketball team, leading them to victory in 2 championship finals in inter-collegiate tournaments.
Availability
See my work availability
Not Available
Available
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Timeline
Cloud Security Engineer
Express Scripts (Cigna/Evernorth)
05.2024 - Current
Linux Research Associate – Systems & Networking
University of North Carolina at Charlotte
08.2023 - 04.2024
Security Engineer
HCLTech (Client: Cisco)
01.2022 - 07.2023
Security Analyst Intern
Appletech Solutions
08.2020 - 12.2021
University of North Carolina at Charlotte
Masters from Cybersecurity
Rajeev Gandhi Memorial College of Engineering and Technology
Bachelor of Technology
Similar Profiles
Dawn ValentinoDawn Valentino
Patient Advisor/Customer Service Representative at Cigna Express Scripts-Evernorth Health ServicesPatient Advisor/Customer Service Representative at Cigna Express Scripts-Evernorth Health Services
Steven BrowningSteven Browning
Technical Product Owner (IT Business Analyst) at Express Scripts/ Evernorth (Cigna)Technical Product Owner (IT Business Analyst) at Express Scripts/ Evernorth (Cigna)
Steve LowerySteve Lowery
Quality Assurance Analyst at EXPRESS SCRIPTS (Evernorth)Quality Assurance Analyst at EXPRESS SCRIPTS (Evernorth)
Alicia BrewtonAlicia Brewton
Health Insurance Agent at Ttec (TeleTech) - HealthCare SolutionsHealth Insurance Agent at Ttec (TeleTech) - HealthCare Solutions
Keyla CastroKeyla Castro
Immigration Legal Assistant at Marcela Rodriguez EsqImmigration Legal Assistant at Marcela Rodriguez Esq