Lekhya Uppati
Hermitage,TN
Summary
Detail-oriented Cyber Security Analyst with four years of hands-on experience in protecting organizational data and infrastructure from cyber threats. Proficient in conducting vulnerability assessments, implementing security protocols, and monitoring networks for suspicious activities. Skilled in incident response and risk management, with a strong understanding of security frameworks and compliance regulations. Proven track record of collaborating with cross-functional teams to enhance security posture and streamline processes. Committed to continuous learning and staying abreast of emerging threats and technologies in the cybersecurity landscape.
Overview
3
3
years of professional experience
1
1
Certification
Work History
Network Security Engineer/ Cloud Security Engineer
CSS Corp.
03.2020 - 03.2023
- Involved in using servers for the App in performing on-going security monitoring and detailed assessments of the organization's information systems, security risks, and providing management reports on issues and corrective action plans
- Led development of security procedures and documentation to ensure business is compliant with all corporate security policies
- Designed secure network architectures, incorporating best practices and latest industry standards
- Leading day-to-day administration of active directories including Windows Active Directory object maintenance
- Takes responsibility for management of multiple Domain Controllers located across multiple domains and sites
- Before systems go live, evaluating design efficacy of IT controls, looking for loopholes and fixing them.
- Offering technical know-how and spearhead deployment of automated end-to-end certificate management across various application stacks
- Giving internal teams technical design and architectural guidance on how to safely create and construct applications and supporting systems
- Application teams guidance on appropriate certificate lifecycle management
- Ability to clearly explain crypto topics to variety of groups including non-technical people and those who are familiar with technologies.
- Conducting complex troubleshooting and repair tasks on Active Directory, Domain Controllers, DNS, DFS, NPS, and DHCP configurations, user authentication, and other operational systems
- Perform fraud and spam investigations using various data sources, identify product vulnerabilities and drive anti-abuse experiments to prevent abuse
- Conducted comprehensive application security reviews to identify vulnerabilities and ensure compliance with industry standards, enhancing overall security posture of applications
- Designed secure architecture for new applications, integrating security best practices into development lifecycle, resulting in 30% reduction in vulnerabilities during initial deployment phase
- Led threat modeling sessions to proactively identify potential security threats and mitigate risks, improving risk assessment processes across multiple projects
- Developed and delivered security training for internal development teams, increasing security awareness and fostering culture of security-minded development
- Created detailed security guidance documentation that provided clear protocols and best practices for developers, facilitating secure coding practices and reducing incidents of insecure code
- Administer DNS, DFS, NPS, and DHCP and supports infrastructure
- Good level of understanding and implementation of commonly deployed WAN technologies and concepts like MPLS, SDWAN, P2P, WAN Optimization, etc
- Good knowledge of Layer 3 technologies, including IPv4, BGP, OSPF, EIGRP, GETVP, etc
- Dealt with priority level tickets
- Have basic knowledge and understanding of security risk management frameworks (specifically, ISO 27001-27002, SOC 2) requirements and standards
- Assist in continuous development, implementation, and ongoing maintenance of security training and awareness education program
- Assisting operations team in handling Tier 1-2 security tickets, by utilizing Sophos firewall ticketing applications
- Creating and updating technical documents such as case related analysis and application updates
- Identifying key risks and mitigating factors for customer bases or industry segments
- Determining escalation for security events and recommending improvements in security systems or procedures
- Conducting security audits to identify potential problems related to physical security, staff safety, or asset protection and to satisfy state and federal regulations
- Performing risk assessments and executing tests of data processing system to ensure functioning of data processing activities and security measures
- Evaluating security operations to identify risk or opportunities for improvement
- Confer with users to discuss issues such as computers data access needs security violations, and programming changes
- Producing reports or presentations that outline findings, explain risk positions, or recommend changes
- Having good critical thinking and analysis skills with the ability to create correlations and visualizations in and across tools and data sets to identify patterns, anomalous and potentially malicious behavior
- Maintained robust security posture by regularly updating security policies and procedures.
- Designed secure network architectures, incorporating best practices and latest industry standards.
- Reduced cyber threats by conducting vulnerability assessments and recommending appropriate mitigation strategies.
- Assisted in the development of disaster recovery plans, minimizing downtime during unforeseen events or incidents.
- Optimized network performance through effective monitoring and troubleshooting of security devices.
- Collaborated with IT teams to develop comprehensive incident response plans for potential security breaches.
- Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.
- Coordinated with third-party security information and event management (SIEM) providers to maintain protections and predict threats.
- Enhanced network security by implementing advanced firewall configurations and intrusion detection systems.
Education
Master of Science - Cyber Security
GVPCOE
Andhra Pradesh, India02.2018
Bachelor of Science - Computer Science And Engineering
Vignan's Institute of Information Technology
Andhra Pradesh, India09.2015
Skills
- Penetration Testing
- Risk Management
- Route summarization
- Vulnerability Assessment
- Event Management (SIEM)
- Incident Response
- Splunk, Wireshark
- HTML, XML, PHP, C, Java , Perl, Batch, MySql
- Network Security Design
- Access Control Management
- Security Information and Event Management
- Azure platforms
Certification
- CCNA (Cisco Certified Network Associate)
- CCNP (Cisco Certified Network Professional)
Projects
Passive IP traceback: Knowing the locations of IP spoofers based on Path Backscatters Student Alumni based on Decisive Trees Industrial Training on Top 10 vulnerabilities of OWASP
Timeline
Network Security Engineer/ Cloud Security Engineer
CSS Corp.
03.2020 - 03.2023
- CCNA (Cisco Certified Network Associate)
- CCNP (Cisco Certified Network Professional)
Master of Science - Cyber Security
GVPCOE
Bachelor of Science - Computer Science And Engineering
Vignan's Institute of Information Technology
Similar Profiles
MANO SMANO S
Technical Support Engineer at CSS CORP.Technical Support Engineer at CSS CORP.
Narayana GaragaNarayana Garaga
Senior Tech Support Engineer at Movate Technologies (CSS CORP)Senior Tech Support Engineer at Movate Technologies (CSS CORP)
Capt DeenadayalanCapt Deenadayalan
Sr. Director – Admin Operations at Movate Technologies Pvt Ltd (Earlier Known as CSS Corp Pvt Ltd)Sr. Director – Admin Operations at Movate Technologies Pvt Ltd (Earlier Known as CSS Corp Pvt Ltd)