KRISHNAREDDY D.

• Having 12+ years of experience as Cyber Security Engineer in various Domains such as SIEM Tools and CyberArk and SailPoint, Web Application/Thick Client Security Testing, Vulnerability Assessment, Penetration Testing and Generating reports using tools. • Expertise in automating security testing using SAST, DAST, and IAST tools, as well as managing infrastructure as code with Terraform, Ansible, and Kubernetes. Proficient in cloud security (AWS, Azure) and securing CI/CD pipelines to ensure continuous delivery of secure software. • Skilled in deploying and managing CyberArk solutions to secure and monitor privileged accounts, reducing risks associated with unauthorized access. • Extensive experience in designing and implementing IAM policies and frameworks, enforcing least privilege, and ensuring secure access control across enterprise environments. • Proficient in configuring and optimizing SIEM tools for real-time monitoring, threat detection, and incident response, reducing mean time to detect (MTTD) and respond (MTTR) to security threats. • Strong background in designing and managing secure networks, implementing firewalls, VPNs, and intrusion detection/prevention systems (IDS/IPS) to protect organizational assets. • Excellent knowledge in CWE, OWASP Top 10, and WASC Threat Classification 2.0 methodologies. • Experience in penetration testing with Kali Linux: Nmap, Nessus, Nexpose, Wireshark, Proxy Chains, Enum4linux, Password Cracking, TCP Dump, PW Dump, FG Dump, and Metasploit. • Experience with industry recognized SIEM (Security Information and Event Management) solutions such as IBM QRadar, Splunk, and Log Rhythm and hashicorp vault • I have experience in Plain id using giving access control and Data Access Control. • Worked on validation of SailPoint migration, Plain ID Implementation. • In-depth experience with log search tools such as Splunk, usage of regular expressions and natural language queries. • cloud-based IAM platforms such as Azure Active Directory, AWS IAM, or Google Cloud IAM, and their integration capabilities with Plain ID. • Good experience with system vulnerability detection and mitigation. • Good Understanding of Web Technologies HTTP, HTML & CSS. • Good Understanding of compliance and regulatory requirements like PCI DSS, SOX & HIPPA. • Good Understanding in pen testing Mobile application both Android and IOS. • Experience in different web application security testing tools like Metasploit, Burp Suite, SQL map, OWASP ZAP Proxy, Nessus, Nmap and HP Fortify. • Strong working knowledge of ITI, ISO27001, NIST (SP-800.53. Rev 4) Security and Privacy Controls for