Krishna Reddy

Vancouver, BC

Summary

Focused and goal-oriented cyber security professional with over 5 years of experience in IT Managed Services, SOC and Cloud Security. Conducts security risk assessments, evaluates security services and technologies, reviews and documents information security policies and procedures, and provides monitoring and oversight for alerts in the cloud environment.

Overview

7 years of professional experience

Work History

Senior Engineer II

CoverGenius
11.2022 - Current
  • Experience with working on Endpoint Detection & Response using Carbon Black, CrowdStrike and Microsoft Defender.
  • Developed threat models in Carbon Black EDR and MS Defender to make sure EDR tools will flag any suspicious events.
  • Experience in working with IBM QRadar for collecting, processing and indexing network data in real time.
  • QRadar helped in remediating threats faster by providing data based on parameters like Event ID, Hostnames and others.
  • Experience in Vulnerability Management with Rapid7 tool to manage vulnerabilities found on servers and workstations.
  • As part of vulnerability management, based on threat intel from the vendor, we use CVE IDs to find vulnerabilities and plan for patching devices.
  • Experience with security administration work like managing both Azure Active Directory and On-prem AD. Created prod & non-prod accounts in AD as requested by the projects and managing access to the network shares.
  • Experience with Azure Sentinel for collection with data connectors, monitoring key metrics and better threat hunting.
  • Operational work like adding hash values and files to policy exclusions if values are legitimate and assigning endpoints to respective policies.
  • Experience with Microsoft Defender for managing security alerts and remediating them. As Sentinel and Defender are bidirectional, I make sure both tools are updated with threat models.
  • Experience with cloud-delivered firewall (Cisco), working on configuring Destination Lists and Security settings in Policy components.
  • Experience with code collaboration tools like GitHub, and worked with Postman for API testing.
  • Experience with Single Sign-On (SSO) using Okta.
  • Develop and implement Risk Management Framework (RMF)-based policies and comprehensive cybersecurity processes to ensure robust security implementation across organization.
  • Conduct thorough assessments of cloud infrastructure against security best practices and compliance requirements, identifying vulnerabilities and coordinating remediation efforts to enhance cloud security posture.
    - Support engineering teams in adopting 'shift left' security culture by providing tools, training, and advice for securing web applications and integrating security testing (SAST/DAST) into development pipelines.
  • Design and enforce Mobile Device Management (MDM) policies for corporate devices, ensuring compliance with stringent security policies.
    - Manage provisioning, de-provisioning, and tracking of employee hardware, including oversight of Bring Your Own Device (BYOD) policies to align with information security standards.
  • Engage in technical design reviews, integration testing, and documentation to support security aspects of software and infrastructure projects.
  • Serve as key security point of contact for both current and prospective customers/partners, providing detailed information on security measures and compliance.
  • Conduct risk assessments for current and potential vendors to ensure they meet company’s security standards.
  • Coordinate and lead regular access reviews and security compliance audits to maintain and enhance organizational security measures.
  • Develop and deliver security training programs aimed at increasing employee awareness of phishing threats and promoting compliance with corporate policies.
  • Spearhead organization’s efforts in meeting various compliance frameworks, including SOC2, through coordinated audits, policy development, and adherence strategies.
  • Organize and oversee external security assessments such as annual penetration testing, ensuring continuous improvement in security practices.

Cyber Security Analyst

ZE Power
03.2022 - 10.2022
  • Worked on the Sophos tool for monitoring alerts in Sophos Endpoint Protection
  • Ex
  • Sending responses to users whose device encryption has been suspended
  • Helping employees with BitLocker recovery key
  • Have good knowledge of FortiAnalyzer
  • At ZE Power, used FortiAnalyzer for daily alert monitoring
  • Monitor traffic regularly by checking logs in FortiAnalyzer
  • Worked on Tenable for monthly and quarterly vulnerability scanning; at ZE Power, used it to create target groups and basic network scans for client IPs
  • Based on vulnerabilities, work with the IT team to resolve high and critical vulnerabilities
  • Created scheduled scans
  • Have a good understanding of how to create phishing campaigns using KnowBe4
  • At ZE Power, KnowBe4 is the training platform used in the organization
  • Have created training and phishing campaigns
  • Also worked on AD Audit+; at ZE Power, used it to check logon failures
  • Have worked on internal audits
  • Have created weekly and quarterly audits for ZE clients
  • As part of the quarterly audit, worked on the software escrow process
  • Created policy exception forms for clients
  • Created an incident report for an open relay spam attack
  • Worked with the IT team to gather information about the incident
  • Worked on the employee onboarding and offboarding process
  • Also involved in the change management process
  • As part of the weekly audit, have to create a security report listing the number of phishing emails received by employees.

Security Operations Engineer

Capgemini Pvt Ltd.
03.2017 - 07.2019
  • Worked with AWS's native security tools like GuardDuty, Macie, SecurityHub, IAM analyzer, Inspector and Shield to ensure environments are secure
  • Automate security business processes like auto-remediation of findings/alerts using event watch and Lambda
  • Monitor, track and analyze security events from many systems both within and outside AWS
  • Conduct incident response analysis using SIEM tool (Splunk)
  • Worked closely with developers, architects, DevOps and risk managers on cloud deployments to diagnose, document, and remediate deviations from security standards
  • Prepared weekly, monthly and quarterly security reports by collecting, analyzing, and summarizing data and trends
  • Assist with ensuring controls are being followed for SOC2 compliance.

Education

Master of Science - Cyber Security

New York Institute of Technology
Vancouver, BC
12.2020

Skills

  • Sophos
  • FortiAnalyzer
  • Nessus
  • Okta
  • Jira
  • Tenable
  • Microsoft Defender, Sentinel
  • Microsoft Azure, Microsoft Active Directory
  • AWS Services (S3, EC2, GuardDuty, Security Hub, AWS Inspector)
  • SOC2
  • PCI-DSS
  • Python

Accomplishments

  • Develop useful content (reports, dashboards, correlation rules, watch-lists, etc.) for Splunk.
  • Worked on Sophos, monitoring the alerts in Sophos Endpoint Protection.
  • Experience in using FortiAnalyzer: at ZE Power we used FortiAnalyzer for daily alert monitoring. We monitor the traffic regularly by checking the logs in FortiAnalyzer.
  • SecurityHub, IAM analyzer, Inspector and Shield environments are secure.
  • Monitor, track and analyze security events from many systems both within and outside AWS.
  • Application vulnerability assessments and creating weekly summary.
  • Review of data logs and tickets daily. Refinement of the steps and maintaining the KB (Knowledge Base) etc.

Languages

  • English: Professional Working
  • Hindi: Limited Working
  • Telugu: Native or Bilingual

Internships

  • Network Penetration Testing & Defense (Server-Side Attack), 6 months, in a team of 2. Discovered vital machine details and vulnerabilities using Nmap and Nessus. Exploited vulnerabilities using Metasploit and analyzed packet flow in Wireshark. Configured rules for Snort IDS to detect attacks.
  • Configured a firewall using iptables to prevent attacks. Identify internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of an organization's information assets.
  • Identify and prioritize all vulnerabilities in the organization's environments and provide timely vulnerability assessment reports to key stakeholders. Coordinate and respond to security penetration testing and the management of vulnerabilities.
  • Ensure timely follow-up with patch management and vulnerability remediation in coordination with support teams.
  • Work with technical teams to coordinate, conduct, and tune network and system vulnerability scans prior to deployment and when those systems are modified within pre-production and production environments.

Projects

  • Cyber Threat Detection by SIEM Tools (an approach to cyber threat detection by collecting logs of data and correlation in a SIEM tool).
  • Analyzing the logs to find false positives.
  • Core Computing Courses: Software Input Validation, Cloud Security, Operating System Security, Intrusion Detection and Data Center Security.
