Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Vaishali Mahavratayajula

Summary

Experienced Security Consultant with a passion for building robust security automations and expertise in establishing security frameworks and assessments for Generative AI Applications. Adept at developing innovative solutions to complex security challenges with a strong focus on risk management and compliance. Skilled in leading teams and collaborating cross functional stakeholders to achieve organizational goals. Proven ability to implement and maintain effective security strategies, policies and procedures through various security champion programs.

Overview

10
10
years of professional experience
1
1
Certification

Work History

Security Engineer

Amazon
06.2022 - Current
  • Currently working on a Maturity model that defines application criticality based on business impact and helping dev teams in transition from L1 to L4 security maturity state. The model defines the application into Ring0,1,2,3 based on its functionality.
  • Developing, Implementing and maintaining security measures to protect GenAI Systems , data and Infrastructure. Providing design recommendations for all upcoming GenAI systems in Amazon, protecting Customer's accounts against authorization vulnerabilities,sensitive information disclosure,prompt injection, supply chain vulnerabilities and data poisoning.
  • Designed and implemented LLM that analyzes security incident/consultation tickets and categorize them into respective security areas reducing overhead for support engineers to respond repetitive tickets. Analyzing these tickets will enable Sr security engineers to resolve security issues across Amazon.
  • Hands on experience in building security maturity models and Controls for top mission critical applications that are responsible to provide global identity across Amazon.Reviewed. Conducted security evaluations that include but not limited to Threat model, manual code review, security testing for individual applications and long term engagements
  • Hands on experience in reviewing security reviews that include Threat model for complicated architectures, manual code review, conducting security testing, SAST and DAST scans, and Incident response management for most Red applications ( applications that process Critical, restrictive and sensitive data )
  • Responsible for lending security voice to convince leaders in development teams to migrate legacy applications, iincorporate security best practices in early phases of development and train developers as security champions
  • Building and developing automated queries that facilitates quick security reviews
  • Experience working with LLMS that generate test cases for security testing, analyze source code and identify potential security threats such as SQL Injection, XSS and buffer overflows.
  • Pursuing OSCP certification, participated in Hack the box labs, burp-suite challenges, and tryhackme challenges

Cyber Security Engineer

Visa Inc
01.2019 - 06.2024

Develop and automate comprehensive reports to proactively measure security threats including findings and assessments. Hands on expertise in intrusion detection systems , behavior analytics , perimeter security and log analysis Perform security audits of internal systems, applications, and
processes for compliance with security standards and policies Designing, integrating and documenting technical components
for seamless data extraction and analysis on big data platform
Expertise in technical and functional designs for Databases, Data Warehousing, Reporting, and Data Mining area.

Strong knowledge and experience with a range of big data hadoop components such as HDFS, Map Reduce, Pig, Hive, Sqoop, Flume, Zookeeper and two distributions (Cloudera &
Hortonworks) Hands on Hadoop Security frameworks like
(Kerberos, Sentry, Ranger, Knox) and Integration of Active Directory / LDAP with Hadoop cluster Hands on Hadoop Security frameworks like (Kerberos, Sentry, Ranger, Knox) and Integration of Active Directory / LDAP with Hadoop cluster

06/2018 – 01/2019
Senior security Assessment Specialist

Senior Security Specialist

Populous Group , Client: Visa
06.2018 - 01.2019
  • Performing data Analysis and generating daily reports using
    Tableau. Generating day to day reports that help in analyzing
    vulnerabilities. Good hands-on in writing MySQL and MSSQL
    scripts as per need.
  • Implemented high availability strategies and capacity planning ,
    installations, Performance tuning and debug.
  • Identifying security risks proactively and implement policies
    that mitigate risks Analyze Data, Perform aggregations, data formatting, writing Queries and management
  • Engineer security solutions, implement tools that promote
    these solutions, and coordinate plans to apply this technology

Data Analyst

HCL Technologies
02.2014 - 08.2016
  • Develop, maintain, and distribute standard project management deliverables for the successful launch of new
    products and services, including an implementation plan, project schedule, meeting minutes, risks assessment and
    contingencies.
  • Received Best Employee award for customer satisfaction from clients
  • Work with business and customer stakeholders to define product objectives and requirements.
  • Managed implementation and ongoing administration of
    MongoDB Greenplum, SQL infrastructure
  • Managed MongoDB scaling across data centers and in-depth understanding of MongoDB HA strategies, including replica set
    supporting business users on answering complex business questions via Tableau and ad-hoc SQL queries.
  • Involved in performance tuning of spark applications for fixing
    right batch interval time and memory tuning
  • Using the memory computing capabilities of spark using scala, performed advanced procedures like text analytics and
    processing.

Education

Master of Science - Information Security

Wilmington University
Delaware, United States
05.2018

Skills

  • Building Security Maturity models for enterprise ApplicationsHands on experience in assessing red applications, Manual code review, threat model, security testing
  • Expertise in tools NightWolf, ScouteSuite, Prowler, securing AWS infrsstructure
  • Expertise in Security Architecture, threat modelling complex architectures, Secure-by Default designs, Conducting security assessments and remediation strategies
  • Developing baseline security recommendations and guides in GenAI security for developers to adopt security in design stages
  • Experience in end point security, user behavior Analytics
  • Security compliance frameworks, Security Policies, SAS Risks, Leverage threat model analysis to build behavior based detections and security automations
  • Hands on experience implementing LLMs
  • Experience in python coding

Certification

  • (In Progress) Offensive Security certifications (OSCP )
  • Cloud era certified Hadoop Administrator
    (08/2015 – 01/2019)
  • VMware certified Professional - desktop virtualization
    (09/2015 – 01/2019)


Courses :

  • PG in AIML from Simply Learn ( Machine Learning, Natural Language Processing, Artificial Intelligence )
  • Stanford Advanced computer security program
    (02/2019 – 01/2019)
  • Stanford Center for Professional Development
    Using Cryptography, Writing Secure Code, Exploiting and Protecting
    Web Applications Mobile Security , Network Security , Emerging threats and Vulnerabilities. Cyber security and Executive strategy

Timeline

Security Engineer

Amazon
06.2022 - Current

Cyber Security Engineer

Visa Inc
01.2019 - 06.2024

Senior Security Specialist

Populous Group , Client: Visa
06.2018 - 01.2019

Data Analyst

HCL Technologies
02.2014 - 08.2016

Master of Science - Information Security

Wilmington University

Similar Profiles

CREATE PROFILE
Vaishali Mahavratayajula