Praveen - Cybersecurity
Location: Oronoco, Minnesota, USA
Relocation: Yes
Visa: GC
Praveen Dasari
Email: [email protected]
M: +1 (980)-858-0251

SUMMARY:
Versatile cybersecurity professional with experience of 9+ years in leading security operations, minimizing
business impacts, and ensuring regulatory compliance. My expertise includes conducting risk assessments,
Identity Threat Detection, vulnerability management, IT policy management, security audits, and enhancing security architecture. Proven ability to collaborate cross-functionally, manage critical security breaches,
and conduct cloud security assessments with proficiency in diverse tools such as AWS, CrowdStrike, Qualys
guard, and Splunk. Strong leadership skills demonstrated through mentoring and leading risk assessment
projects. Exceptional communication skills are evident in clear and concise reporting on complex technical
matters.
Led security operations at VISA, minimizing business impact and ensuring regulatory adherence.
Over 5 years of experience with Identity Threat Detection and Response (ITDR) implementations, specializing in
CrowdStrike Falcon Identity and Microsoft Defender.
Proficient in integrating Azure AD to enhance identity management and security across enterprises.
Skilled in conducting behavior analysis and leveraging cyber threat intelligence to identify and mitigate identity-centric threats.
Expertise in monitoring and responding to identity-centric threats, significantly reducing incident response times
and enhancing overall security posture.
Conducted risk and vulnerability assessments at Global Payments, enhancing security posture.
Enhanced security architecture at VISA and Global Payments, aligning with industry best practices.
Collaborated cross-functionally, fostering continuous learning and leading security training at VISA.
Managed critical security breaches at VISA and National General Insurance, improving system resilience.
Conducted cloud security assessments with AWS Inspector and Azure Security Center.
Proficient in diverse security tools including Nessus, Metasploit, and Splunk.
Establish a strong GRC (Governance, Risk and Compliance) practice to ensure adherence to best practice, regulatory requirements, and ISO 27001.
Proficiency in TARA methodologies: qualitative and quantitative analysis, STRIDE, DREAD, CVSS.
Skilled in vulnerability management and conducting comprehensive vulnerability assessments.
Knowledge of regulatory frameworks (SOC1, HIPAA, PCI DSS) and compliance through TARA.
Familiarity with security frameworks: NIST Cybersecurity Framework, ISO 27001, CSIRT, CIS Controls
Expertise in incident response planning and preparedness through TARA.
Strong documentation and reporting skills, with the ability to communicate risk posture effectively.
Experience in planning, developing, implementing, monitoring, and updating security programs, and advanced
technical information security solutions, and sound knowledge in SOC and PCI compliance requirements and understanding of NIST and ISO standards.
Configure, maintain, and design network security solutions including firewalls (Checkpoint, Palo Alto, and
Fortinet), IDS/IPS (Zscaler cloud IPS, Checkpoint and Snort), VPN, ACLs, Web Proxy, etc.
Progressive experience in Enterprise Vulnerability Management, Risk Assessment, generating reports, SQL Injection, XSS and major hacking protection techniques.
Experience in using various testing tools like Burp Suite, DirBuster, Nmap, OpenVAS, Nexpose, Nessus, HP Fortify, HP WebInspect, Confidential AppScan enterprise, Metasploit and Jira. Knowledge of OWASP Top 10 based
vulnerability assessment of web applications.
Experience with Security Risk Management with TCP-based networking.
Domain knowledge in Retail, Banking and Financial Services, health care.
Knowledge in detecting vulnerabilities over authentication, authorization, input validation, session management.
Involved in Security Development Life Cycle (SDLC) to ensure security controls are in place.
Good experience with SAST and DAST applications. Capable of identifying flaws like Security misconfiguration,
Insecure direct object reference, Sensitive data exposure, Functional level access control and Unvalidated redirects.
Ability to develop and maintain metrics and reports on vulnerability findings and remediation compliance.
Good knowledge of Jira, rootkits, IP spoofing, VirtualBox, software hardening concepts and SIEM.
Good Knowledge of HTTP, HTTPS, Web application firewalls, checking logs, SSL and TLS.
Good knowledge of SQL and programming skills in Python. Experience with Windows and Linux environments.
TECHNICAL SKILLS:
SIEM : Splunk, IBM QRadar, InsightIDR Rapid7, MS Sentinel.
IDS/IPS : Snort, Suricata, Fortigate, Checkpoint.
EDR / EPP : SentinelOne, Falcon Identity Protection, VMware Carbon Black.
Cloud Security : AWS Security Hub, Splunk Cloud, Okta, Azure AD.
Threat intelligence : Splunk ES, Darktrace, OSINT, Nessus, Qualys Guard.
WAF/NGF : Palo Alto, ModSecurity, Barracuda, FortiWeb, AWS WAF.
Operating Systems : Linux, MacOS and Windows.
Frameworks : CIS, SOC1, SOC2, CSIRT, NIST-800-53, ISO-27001.
Network Analysis : Wireshark, tcpdump, NetFlow.
VA/PT tools : Nmap, Metasploit, Tenable.io, Qualys Guard.
Log Management : Syslog, Splunk Cloud, Rapid7, IBM QRadar.
Programming Language: Python, PowerShell, SQL.
Scripting Languages : PHP, HTML, CSS
EDUCATION:
Bachelor's in Computer Science and Engineering, April 2014
Certifications:
ISC2 Certified Cyber Security.
CompTIA Security+.
Qualys Certified Specialist.
WORK EXPERIENCE:
VISA, ATLANTA, GA Sep 2020 to Present
Sr. Cyber Security Analyst
Responsibilities:
Led the design, implementation, and continuous improvement of enterprise-wide vulnerability management programs, ensuring comprehensive risk assessments across on-premise and cloud environments using tools like
Rapid7, Nexpose, and InsightVM.
Spearheaded the integration of threat intelligence feeds (e.g., CrowdStrike, Anomali) into SIEM tools, improving
incident detection and response capabilities and enabling proactive threat mitigation.
Managed the implementation of automated vulnerability scanning processes, reducing manual efforts by 30% and
improving vulnerability remediation timelines.
Deployed and configured advanced endpoint protection tools like CrowdStrike and Microsoft Defender, reducing
endpoint compromise and enhancing identity-based threat detection and prevention with CrowdStrike Falcon
Identity.
Integrated Azure Active Directory (Azure AD) and ITDR tools for enhanced identity management, improving security posture and simplifying access control management for cloud applications.
Implemented and managed Data Loss Prevention (DLP) solutions (e.g., Symantec, Proofpoint) to prevent unauthorized access to sensitive data, aligning with security policies and compliance standards.
Designed and enforced security best practices for cloud environments, focusing on AWS configurations such as
IAM, KMS, and VPC, and improving cloud security with AWS GuardDuty and AWS Config.
Managed vulnerability remediation processes, coordinating efforts across IT, development, and security teams to
promptly address critical vulnerabilities and system misconfigurations.
Conducted security assessments and penetration testing on APIs, applying best practices from OWASP Top 10 to
mitigate risks and vulnerabilities in data transmission and authentication.
Led incident response efforts for identity-related threats, such as MFA bypass and credential stuffing, reducing
response times by 40% and ensuring swift mitigation.
Spearheaded the migration of critical systems to a hybrid cloud architecture, maintaining high security standards
throughout the transition and implementing continuous monitoring.
Utilized SIEM tools like Splunk, QRadar, and Phantom to monitor, investigate, and respond to security events,
automating incident response workflows to reduce manual efforts and improve efficiency.
Conducted cloud security assessments using CIS benchmarks and NIST 800-53 standards, ensuring AWS and Azure
environments met security best practices and compliance requirements.
Administered the implementation and management of multi-factor authentication (MFA) solutions, including RSA
SecurID and Duo Security, securing access to enterprise resources and reducing the risk of account compromise.
Managed security configuration for AWS and Azure environments, ensuring secure network zones, segmentation,
and access control while maintaining strong security posture in cloud-native applications.
Developed and maintained patch management procedures, improving patch compliance by 25% and ensuring all
systems were up to date with the latest security patches.
Collaborated with development teams to integrate security testing into CI/CD pipelines, automating security
checks to ensure faster and more secure application deployments.
Performed vulnerability assessments and conducted risk analysis using tools like Nexpose, Tenable, and
Wireshark, identifying critical vulnerabilities and implementing remediation actions.
Led security architecture initiatives, including secure network segmentation, to prevent lateral movement in case
of a breach and enhance overall system resilience.
Provided training for internal teams on secure coding practices, DLP protocols, and data protection measures,
reducing vulnerabilities by 20% and promoting a security-conscious culture.
GLOBAL PAYMENTS, DALLAS, TEXAS Sep 2018 to Aug 2020
Sr. Cyber Security Engineer
Responsibilities:
Managed enterprise-wide vulnerability management program, scanning over 50,000 endpoints and systems
using Qualys, Tenable Nessus, and Nessus VA to identify and remediate vulnerabilities in both on-premise and
cloud environments.
Spearheaded the deployment of advanced endpoint protection tools (CrowdStrike, Carbon Black), reducing
endpoint compromise by 25% and resolving incidents such as MFA bypass, credential theft, and phishing attacks.
Integrated threat intelligence platforms (ThreatConnect, Anomali) with SIEM systems (QRadar, Splunk) to improve detection and response to security incidents.
Deployed and managed cloud security solutions across AWS and Azure, securing VPCs, IAM roles, encryption
settings, and cloud-native applications, ensuring compliance with industry standards and best practices.
Implemented Zero Trust architecture principles for securing both internal and external applications with continuous authentication and authorization, reducing potential attack surfaces.
Configured and managed Data Loss Prevention (DLP) solutions (Forcepoint, Symantec) to prevent unauthorized access to sensitive data, including customer and financial information.
Led vulnerability patch management efforts, coordinating with IT and development teams to ensure timely
application of security patches and updates across critical systems and infrastructure.
Conducted regular cloud security assessments using tools like Azure Security Center and AWS security tools
to identify and remediate vulnerabilities in cloud environments, enhancing overall security posture.
Managed and configured security monitoring systems including SIEM platforms (QRadar, Splunk), IDS/IPS
(Snort, Suricata), and DLP, optimizing alerts and improving incident detection and response times.
Led penetration testing efforts for web applications and critical systems, identifying high-risk vulnerabilities
and ensuring timely remediation to strengthen security defenses.
Implemented and maintained multi-factor authentication (MFA) systems, improving user account security
and reducing phishing risks by ensuring identity verification across all platforms.
Collaborated with cross-functional teams to integrate cloud-based security policies into CI/CD pipelines, automating security checks to enable faster, secure deployments.
Developed and enforced security policies for network and endpoint protection, ensuring compliance with
internal standards and regulatory requirements such as ISO 27001, PCI DSS, and OWASP.
Led investigations into security breaches, performing forensic analysis and developing action plans to prevent
future incidents, while ensuring minimal business impact.
NATIONAL GENERAL INSURANCE, SALEM, NC July 2017 to Aug 2018
Cyber Security Analyst
Responsibilities:
Experience with many of the following technologies/roles: Privileged Account Management, Two-Factor Authentication, Web filtering, Web Application Firewalls, virtualized computing environments, Encryption-at-rest and encryption-in-transit, Vulnerability Management.
Conducted comprehensive cybersecurity risk assessments utilizing Qualys guard.
Installation and configuration of networks and network devices such as web application firewalls, network
firewalls, switches, Checkpoint firewall, Blue Coat proxy and routers.
Network Security configuration, audit, and management of Windows servers. Installation, configuration, audit, and management of security tools.
Security configuration, audit, and management of applications and databases. Leading security incident investigations, including basic forensic analysis and reporting. Deploying, automating, maintaining and managing AWS cloud-based production system, to ensure the availability, performance, scalability and security of
production systems.
Maintenance and monitoring of network and host intrusion detection and prevention technologies. Implementing security controls. Experience with using a broad range of AWS technologies to develop and maintain
an Amazon AWS based cloud solution, with an emphasis on best practice cloud security.
Implemented physical and procedural safeguards for information resources within the facility. Communicate
effectively with senior management, peers, staff, and customers both inside and outside the corporation.
Administered access to information resources and makes provisions for timely detection, reporting, and analysis of actual and attempted unauthorized access to information resources.
Proposed and assisted with the acquisition of security hardware/software. Develops and maintains access
control rules. Experience with VOIP systems.
Maintains user lists, passwords, encryption keys, and other authentication and security-related information
and databases.
Lead the design, implementation, and migration of enterprise infrastructure and application services to software defined networks. Experience in Palo Alto Networks and firewall. Configure and manage AWS/Azure
cloud infrastructure.
Develops and leads procedures for testing disaster recovery plans. Provides help-desk-style assistance.
Administered MS Windows Server, Red Hat Linux Server, and Network/Security Administration.
Client: INTERSOFT DATA LABS HYDERABAD
Security Analyst May 2014 to Nov 2016
Responsible for identifying, analyzing, investigating, and reporting security incidents using correlated alerts
from the SIEM (QRadar).
Accessing and managing firewall policies via Palo Alto Appliance and Azure Firewall.
We constantly monitor security devices and applications for performance problems and provide troubleshooting support for clients.
Monitoring and analyzing network traffic during incident triage using various security solutions namely
IDS/IPS alerts, AV alerts, Mail GW logs, etc.
Monitoring Phishing email Analysis by Email Header Analysis through various online tools and Sandboxing
environments.
Address incidents based on criticality, in the shortest possible time to minimize the potential impact on the
customer.
Working on different APT/Virus Alerts and endpoint attacks through Microsoft Defender Security.
Remediate DLP incidents, perform analysis of the activity and discover patterns and trends of user activity to
enhance the monitoring.
Working on assigned ticket queues and understanding and exceeding expectations on all tasked SLA commitments.
Escalating issues to level 2 and management when necessary.
Following security feeds and attack trends from multiple sites.
Assists with the development of processes and procedures to improve analysis of incidents, and overall SOC
functions.
Creating monthly reports with event statistics to ease the understanding of higher management.