Summary
Overview
Work History
Education
Skills
Websites
Certification
Timeline
Generic

Vasanthi Gondesi

Austin,TX

Summary

Cybersecurity Analyst with 8+ years of experience in enhancing enterprise security through innovative threat detection and risk management strategies. Expert in regulatory compliance and incident response across diverse industries, including telecom, energy, and finance. Proficient in implementing advanced security frameworks and tools, committed to safeguarding sensitive data and driving forward-thinking security solutions for high-profile clients.

Information security professional with solid expertise in safeguarding data and mitigating risks. Skilled in threat analysis, vulnerability assessment, and incident response. Strong focus on team collaboration and results, adapting seamlessly to changing needs. Known for reliability and strategic approach to maintaining robust security measures.

Overview

8
8
years of professional experience
1
1
Certification

Work History

INFORMATION SECURITY ANALYST

Black Box Network Services
06.2022 - Current
  • Ensure global compliance with PCI DSS, GLBA, SOX, FFIEC, enhancing audit readiness.
  • Deploy and configure security tools, aligning architecture with industry standards.
  • Lead incident response, reducing data exposure recurrence through root cause analysis.
  • Conduct risk assessments, recommending strategies to improve risk posture.
  • Facilitate security training, reducing social engineering risks through employee education.
  • Conducted comprehensive risk assessments, identifying critical vulnerabilities and implementing remediation strategies that strengthened overall security posture.
  • Developed and implemented security monitoring processes, ensuring compliance with PCI DSS and reducing audit preparation time through streamlined documentation.
  • Facilitated security awareness training sessions, fostering a strong security culture and empowering staff to recognize and respond to potential threats.
  • Conducted internal audits to identify areas of improvement within the organization''s information security program.
  • Collaborated with IT teams to ensure seamless integration of security measures into existing infrastructure.
  • Improved incident response times by creating and maintaining detailed incident response procedures.
  • Analyzed network traffic and system logs to detect malicious activities.
  • Developed plans to safeguard computer files against modification, destruction, or disclosure.
  • Encrypted data and erected firewalls to protect confidential information.
  • Administered and monitored firewalls, intrusion detection systems and anti-virus software to detect risks.
  • Increased organizational resilience with the development of comprehensive disaster recovery plans.
  • Optimized resource allocation by prioritizing identified risks based on their potential impact on business operations.
  • Supported legal teams in investigations involving cybercrime or data breaches, providing crucial technical expertise.
  • Reduced vulnerabilities by performing thorough penetration testing on a regular basis.
  • Streamlined threat monitoring processes for quicker identification of potential risks.
  • Conducted security audits to identify vulnerabilities.
  • Enhanced system protection by designing and deploying intrusion detection systems.
  • Boosted cybersecurity awareness among employees through effective training sessions and workshops.
  • Assessed vendor security during procurement processes, ensuring compliance with company policies and industry best practices.
  • Performed risk analyses to identify appropriate security countermeasures.

SECURITY ANALYST

BPX Energy
06.2020 - 05.2022
  • Developed IT compliance programs, ensuring alignment with SOX and NIST frameworks.
  • Collaborated on audit preparations, enhancing compliance processes and reducing gaps.
  • Conducted gap assessments, updating security plans to maintain robust security posture.
  • Identified and resolved SOX/SOC control issues, improving audit outcomes.
  • Maintained intrusion detection systems, boosting threat detection and response.
  • Executed in-depth risk analyses on cloud and on-prem systems, identifying critical security gaps and driving effective mitigation strategies.
  • Maintained meticulous documentation of compliance procedures, ensuring alignment with regulatory standards and facilitating smooth audit processes.
  • Fostered a culture of security awareness through training sessions, empowering staff to recognize and respond to potential threats effectively.
  • Executed comprehensive risk analyses on cloud and on-prem systems, enabling targeted security enhancements and substantial improvements in threat mitigation.
  • Maintained up-to-date knowledge of emerging threats by attending professional development events and staying informed on industry trends.
  • Analyzed log files for anomalies, identifying potential intrusions or malicious activity before significant damage occurred.
  • Developed and maintained detailed documentation on security processes, facilitating knowledge transfer and ensuring consistency in procedures.
  • Managed access controls for sensitive information systems, safeguarding data integrity and confidentiality.
  • Developed customized security policies and protocols, ensuring compliance with industry standards and best practices.
  • Participated in tabletop exercises simulating cyberattacks, leading to better preparedness for real-world incidents.
  • Enhanced network security by implementing intrusion detection systems and monitoring potential threats.
  • Reduced incident response times by establishing streamlined protocol for identifying and mitigating security breaches.
  • Optimized security software performance, tailoring configurations to meet unique needs of organization.
  • Strengthened network security by implementing advanced firewall configurations, reducing vulnerability to cyber-attacks.
  • Conducted regular system audits to ensure compliance with industry best practices, leading to fortified security posture.
  • Coordinated with external auditors during security certifications, showcasing organization's commitment to maintaining high security standards.
  • Enhanced data integrity and confidentiality by designing and applying comprehensive encryption strategies.
  • Led cybersecurity awareness training sessions, increasing employee understanding of potential security threats and preventive measures.
  • Customized security awareness materials to address specific vulnerabilities within organization, enhancing employee vigilance.
  • Collaborated with IT department to ensure seamless integration of security measures with existing infrastructure, enhancing overall system robustness.
  • Conducted detailed risk assessments for new software implementations, ensuring alignment with security standards before deployment.
  • Analyzed and reported on security trends within industry, guiding strategic planning and investment in new security technologies.
  • Encrypted data and erected firewalls to protect confidential information.
  • Played key role in negotiation of contracts with security service providers, ensuring cost-effective solutions without compromising on quality.

CLOUD SECURITY ENGINEER

State Farm Insurance
04.2019 - 05.2020
  • Integrated cloud security best practices into deployment automation processes, collaborating with clients and internal stakeholders to align cloud security strategies with business risk and regulatory compliance requirements.
  • Acted as a trusted advisor on cloud security strategies, guiding cross-functional teams in developing and continuously monitoring secure and compliant cloud structures.
  • Designed and implemented secure, scalable cloud infrastructure solutions across Azure, AWS, and GCP, reducing security misconfigurations and accelerating cloud adoption.
  • Developed and maintained Terraform-based Infrastructure as Code (IaC) with embedded security controls, enhancing infrastructure repeatability and compliance.
  • Partnered with DevOps teams to build secure CI/CD pipeline, integrating automated security checks, reducing deployment risk.
  • Assessed cloud environments against CIS Benchmarks, NIST, and HITRUST, identifying and remediating compliance gaps to meet regulatory requirements.
  • Monitored and responded to cloud infrastructure security incidents, improving mean time to detect (MTTD) and mean time to respond (MTTR).
  • Implemented multi-factor authentication systems for improved user access management in the cloud.
  • Conducted thorough vulnerability assessments for cloud applications, recommending necessary updates and patches to maintain a secure environment.
  • Facilitated smooth migrations of legacy systems to secure cloud platforms while minimizing potential risks during transitions.
  • Optimized network security by configuring firewalls, load balancers, and intrusion prevention systems within the cloud environment.
  • Enhanced cloud security by implementing robust encryption methods and access control techniques.
  • Collaborated with cross-functional teams to identify and remediate potential security risks within the cloud environment.
  • Delivered regular reports on the status of organizational cloud security measures to key stakeholders, facilitating informed decision-making processes regarding risk management and ongoing improvement initiatives.
  • Established comprehensive risk management policies, reducing exposure to cyber threats in the organization''s cloud infrastructure.
  • Ensured compliance with data privacy regulations such as GDPR by implementing stringent data protection measures across all aspects of the organization''s information system landscape in the cloud realm.
  • Utilized code and modern cloud-native deployment techniques to design, plan and integrate cloud computing and virtualization systems.
  • Identified, analyzed and resolved infrastructure vulnerabilities and application deployment issues.

INCIDENT RESPONSE ANALYST

COX Communications
02.2018 - 03.2019
  • Managed 24/7 Security Operations Center, enhancing system detection and response efficiency.
  • Configured network devices, optimized log pipelines, ensured regulatory compliance.
  • Implemented security tools like IDS/IPS, firewalls, VPNs, strengthening network defenses.
  • Collaborated with teams to improve SIEM rules, boosting threat visibility and response.
  • Conducted security assessments, identified gaps, recommended detection improvements.
  • Conducted comprehensive analysis of security incidents, enabling data-driven improvements and reducing the likelihood of future breaches.
  • Spearheaded the integration of advanced threat detection tools, lead to improved accuracy in identifying potential security risks.
  • Collaborated with cross-functional teams to identify opportunities for process improvement and increased efficiency.
  • Improved internal knowledge sharing by developing comprehensive documentation outlining standard operating procedures for various tasks.
  • Increased operational transparency by developing and implementing new reporting framework.
  • Improved decision-making processes, providing senior management with detailed analysis and actionable insights.
  • Supported creation of detailed, technical financial models to value potential acquisition targets.
  • Frequently inspected production area to verify proper equipment operation.
  • Maintained overall safe work environment with employee training programs and enforcement of safety procedures.
  • Collected, arranged, and input information into database system.
  • Generated reports detailing findings and recommendations.
  • Gathered, organized and input information into digital database.
  • Developed effective improvement plans in alignment with goals and specifications.
  • Conducted in-depth market analysis to identify trends, guiding strategy adjustments for competitive advantage.

CYBERSECURITY & SOC ANALYST INTERN

Cummins
07.2017 - 01.2018
  • Supported research and analysis of emerging threats, development of incident response playbooks, conduction of risk assessments, and collaboration with cross-functional teams to support organizational security objectives.
  • Collaborated with leadership to develop cybersecurity strategies aligned with NIST and ISO 27001 and enhance overall risk posture.
  • Monitored and analyzed real-time security alerts using SIEM tools, enabling early threat detection and rapid incident response.
  • Drove containment, eradication, and recovery efforts during security incidents, minimizing operational disruption and data loss.
  • Contributed to cross-functional risk assessments and vulnerability remediation, reducing exposure to high-impact threats.
  • Enhanced network security by monitoring systems for potential threats and vulnerabilities.
  • Reduced false alarms by fine-tuning intrusion detection system configurations based on historical analysis of incidents.
  • Identified root causes of security breaches through thorough investigation and analysis of log data.
  • Provided technical support during high-priority incidents, ensuring timely resolution with minimal impact on business operations.
  • Maintained accurate documentation of all SOC activities, facilitating knowledge sharing across the organization.
  • Improved incident management workflows through streamlined communication between SOC Analysts, IT departments, and other relevant parties.
  • Supported compliance initiatives by conducting regular audits of security controls and providing recommendations for improvement.
  • Promoted a culture of security awareness through regular training sessions, presentations, and workshops for employees at all levels.
  • Prepared comprehensive reports summarizing data analysis findings, informing key decision-makers of important trends and patterns.
  • Participated in planning and execution of community outreach programs, strengthening community relations.
  • Enabled more organized inventory system by cataloging company assets.
  • Helped meet changing demands by recommending improvements to business systems or procedures.
  • Cultivated positive relationships with vendors to deliver timely and cost-effective supply of services and materials.
  • Provided reporting for forecast analysis and ad-hoc reporting in support of decision-making.
  • Encrypted data and erected firewalls to protect confidential information.
  • Maintained overall safe work environment with employee training programs and enforcement of safety procedures.
  • Developed effective improvement plans in alignment with goals and specifications.

Education

MASTER IN COMPUTER SCIENCE -

University of Virginia
Charlottesville, VA
06.2016

Master of Science - Information Technology And Management

Campbellsville University
Campbellsville, KY
05-2017

Ph.D. - Doctorate in Information Assurance

University of Fairfax
Salem, VA
06-2026

Skills

  • Risk assessment
  • Threat intelligence
  • Security awareness training
  • Vulnerability assessment
  • Risk mitigation
  • Network security
  • SIEM management
  • Compliance management
  • Incident response
  • Critical thinking skills
  • Application security
  • Security architecture
  • Access control
  • Regulatory compliance
  • Privacy regulations
  • Wireshark software
  • Cybersecurity expertise
  • Penetration testing
  • Audit support
  • Developing security plans
  • Firewall administration
  • Data protection
  • Secure coding
  • Cloud security
  • Risk analysis & mitigation
  • Monitoring computer viruses
  • Linux server
  • Ethical hacking
  • Problem-solving
  • Security protocols
  • Compliance monitoring
  • Firewall management
  • IDS integration
  • Security needs assessment

Certification

  • SANS CYBER THREAT INTELLIGENCE SUMMIT & TRAINING 2024
  • CompTIA SECURITY+ CERTIFICATION Jan 2025 - 2028
  • CompTIA CYSA+ Certification Jul 2025 - Jul 2028

Timeline

INFORMATION SECURITY ANALYST

Black Box Network Services
06.2022 - Current

SECURITY ANALYST

BPX Energy
06.2020 - 05.2022

CLOUD SECURITY ENGINEER

State Farm Insurance
04.2019 - 05.2020

INCIDENT RESPONSE ANALYST

COX Communications
02.2018 - 03.2019

CYBERSECURITY & SOC ANALYST INTERN

Cummins
07.2017 - 01.2018

MASTER IN COMPUTER SCIENCE -

University of Virginia

Master of Science - Information Technology And Management

Campbellsville University

Ph.D. - Doctorate in Information Assurance

University of Fairfax

Similar Profiles

CREATE PROFILE