CLOUD SECURITY ARCHITECT

Dinesh Chirra
901-468-6085
[email protected]

Cloud Security Architect with 10 years of experience in Information Security, Cloud Security,
Infrastructure Security, SOC Operations, Incident Response, Threat Hunting, Threat Detection,
Network Security, Application Security, IDS/IPS, Firewalls, Switches, Routers, Vulnerability
Scanning, Penetration Testing, Risk Assessment, SIEM/SOAR, Monitoring and Administration.
Skilled in implementing information security infrastructure and balancing security initiatives to
external risks and business operations.

CERTIFIED in CISA and CompTIA Security + Certificate.

PROFESSIONAL EXPERIENCE

Publicis Sapient Jan 2022 - Present

Sr. Cloud Security Architect

• Experienced in SIEM/SOAR Implementation & its Integration with other N/W devices and
Applications and the troubleshooting work.
• Expertise in developing the complex Use Cases, Universal Device Support Modules (DSM’s)
on the QRadar SIEM/SOAR.
• Design, develop and maintain integrations between various systems using the Python
framework.
• Experience with deploying large-scale Elasticsearch and Tines clusters in AWS.
• Primary lead for a QRadar project. Environment consisted of thousands of WinCollect agents,
over 100 managed hosts and high availability (console, EP and FP’s).
• Worked on QRadar log source management system and troubleshooting them.
• Implemented and upgraded Snort on RedHat Linux CentOS 6,7 and 8 Operating systems.
• Performed vulnerability scanning on multiple web applications using IBM AppScan.
• Experienced in SIEM/SOAR Implementation & its Integration with other N/W devices and
Applications and the troubleshooting work.
• Expertise in developing the complex Use Cases, Universal Device Support Modules (DSM’s)
on the QRadar SIEM/SOAR.
• Design, develop and maintain integrations between various systems using the Python
framework.
• Experience with deploying large-scale Elasticsearch and Tines clusters in AWS.
• Performed vulnerability/risk assessment analysis to support certification and accreditation,
Provides configuration management (CM) for information system security Officer, FISMA,
hardware, and firmware.
• Expert in creating repository in Art factory and publish vulnerable open source component to
the new repository.
• Expertise in Conducting Phishing campaigns within the organization to create awareness to the
employees on Phishing attacks.
• Performed L2 & L3 kind of support at SOC Monitoring.
 • Conducted Gophish Phishing campaigns every month within an organization using custom
templates, landing pages, and sending profiles.
• Having Very Good Experience in UNIX commands.

InEight Scottdale, AZ
Feb 2021 – Dec 2021
Sr. Cloud Security Architect

• Planning, implementing, upgrading, and monitoring security measures for the protection of
computer network security and information.
• Executed daily vulnerability assessments, threat assessment, and mitigation and reporting
activities to safeguard information assets and ensure protection has been put in place on the
systems.
• Worked with lot of systems owners to onboard End Point Security, EDR, CASB, DLP systems
to QRadar.
• Experience in Google Cloud Platform (GCP) Cloud Solutions Architect with extensive
experience in migrating data from on-premises data centers to GCP clusters.
• Designed GCP cloud architectural components such as backup, archive and replication in
preparation for migration into GCP cluster implementation with GCP central for replication
between regions.
• Experience and SME on integration with Cascade, Firemon and Citrix, NG911 Systems &
other critical security service.
• Worked on Creating multiple Custom DSM’s and Parsed and mapped all the events on QRadar.
• Worked Closely with SOC team to Configure Offenses and tuned them to exclude false
positive alerts on QRadar.
• Had hands on experience Comply-to-Connect (C2C) and tools such as Forescout and Cisco
ISE.
• Strong Technical Skills in Integrating Tenable.cs into AWS, Azure Sentinel ,ADX, and GCP
environments.
• Experience in Configuring, updating, and maintain security tools used for endpoint security,
log collection and reporting, vulnerability, and compliance scanning including Azure Sentinel,
Azure Security Center.
• Performed hands-on evaluation, implementation, troubleshooting and operation of leading
security Cyber defense tools and technologies (including but not limited to ForeScout).
• Experienced in troubleshooting and daily maintenance of ForeScout appliances.
• I had Installed and deployed ForeScout in a large government environment.
• Design, develop and maintain integrations between various systems using the Python
framework.
• Experience with deploying large-scale Elasticsearch and Tines clusters in AWS.
• Expert in creating repository in Art factory and publish vulnerable open source component to
the new repository.
• Expertise in Conducting Phishing campaigns within the organization to create awareness to the
employees on Phishing attacks.
• Performed L2 & L3 kind of support at SOC Monitoring.
 • Conducted Gophish Phishing campaigns every month within an organization using custom
templates, landing pages, and sending profiles.
• Having Very Good Experience in UNIX commands.
• Experienced in log collection methodologies and aggregation techniques such as Syslog-NG,
rsyslog, NxLog, Snare, WinCollect and Windows Event Forwarding.
• Expertise in Application Security program (DAST and SAST) at the enterprise level to identify,
report and remediate security vulnerabilities from applications deployed in DEV and PROD
environments.
• Expertise in line support to customer meetings and audit requests to ensure that OneTrust's
customers understand the security program and controls and how it meets the requirements of
the customer.
• Hands-on experience in implementing Data Privacy Solution like OneTrust.
• Dell Quest TPAM, Thycotic Secret Server, or CyberArk.
• Conducted vulnerability assessments and penetration testing to identify and prioritize risks.

Fannie Mae Reston, VA

Sr. Cloud Security Architect Nov 2018 – Jan 2021

• Assists in planning and deployment of disaster recovery procedures.

• Installed NxLog agent on multiple devices for event log collection.
• Performed upgrades on NxLog Managers and NxLog agent servers.
• Build and tune custom cases, dashboards, searches, reports on SIEM/SOAR platform based on
cybersecurity and business needs.
• Develop, implement, and execute standard procedures for the administration, content
management, change management, version/patch management, and lifecycle management of
the SIEM/SOAR Log Management platforms.
• Designed GCP cloud architectural components such as backup, archive and replication in
preparation for migration into GCP cluster implementation with GCP central for replication
between regions.
• Design, develop and maintain integrations between various systems using the Python
framework.
• Experience and SME on integration with Cascade, Firemon and Citrix, NG911 Systems &
other critical security service.
• SME in Secrets Management and Privileged Access Management tools such as - CA PAM,
Dell Quest TPAM, Thycotic Secret Server, or CyberArk.
• Performed Static and Dynamic Analysis and Security Testing (SAST and DAST) for various
applications as per firm’s security standards (i.e., OWASP, SANS).
• Strong Technical Skills in Integrating Tenable.cs into AWS, Azure Sentinel ,ADX, and GCP
environments.
• Experience in Configuring, updating, and maintain security tools used for endpoint security,
log collection and reporting, vulnerability, and compliance scanning including Azure Sentinel,
Azure Security Center.
• Administer and maintain security products such as vulnerability management, web application
firewall, SOC, DAST, SAST, EDR, DLP etc.
• Evaluate existing SIEM/SOAR content and use cases and adapt them to meet our customer’s
goals.
• Acted as a point of escalation for SIEM/SOAR and provide guidance and mentoring to
associate security engineers/analysts.
 • Responsible for SOC operations in 24x7 environment.
• Good knowledge of Cybersecurity Governance and Compliance frameworks.
• Integrated QRadar with multiple applications like CrowdStrike, Cylance, Carbon Black, Prisma
Cloud, Appian, CASB, Okta, Cloudflare, Office365 and many others.
• Experience in Security Incident Management, Incident Response, Firewall technologies,
IPS/IDS, LAN/WAN Cisco routers and switches, Understanding of PCI DSS Compliance
requirements.
• Research, analyze and understand log sources utilized for the purpose of security monitoring,
particularly security and networking devices (such as firewalls, routers, anti-virus products,
proxies, and operating systems).
• Provides direct administration and ownership of SIEM/SOAR to include configuration, access
control, tuning, integration to QRoC, and continuous improvement activities.
• Worked on Migrated log sources to Cloud QRoC.
• Development and execution of security controls, defenses, and counter measures via tools like
Data Loss Prevention (DLP), UEBA and CASB.
• Provided recommendations to overall system deployment and design of SIEM environment.

GOLDMAN SACHS Salt Lake City, Utah

Cloud Security Analyst October 2017 - October 2018

• Primary lead for a QRadar project. Environment consisted of thousands of WinCollect agents,
over 100 managed hosts and high availability (console, EP and FP’s).
• Worked on QRadar log source management system and troubleshooting them.
• Implemented and upgraded Snort on RedHat Linux CentOS 6,7 and 8 Operating systems.
• Performed vulnerability scanning on multiple web applications using IBM AppScan.
• Experienced in SIEM/SOAR Implementation & its Integration with other N/W devices and
Applications and the troubleshooting work.
• Expertise in developing the complex Use Cases, Universal Device Support Modules (DSM’s)
on the QRadar SIEM/SOAR.
• Design, develop and maintain integrations between various systems using the Python
framework.
• Experience with deploying large-scale Elasticsearch and Tines clusters in AWS.
• Performed vulnerability/risk assessment analysis to support certification and accreditation,
Provides configuration management (CM) for information system security Officer, FISMA,
hardware, and firmware.
• Hands-on experience in implementing Data Privacy Solution like OneTrust.
• Hands on experience in implementing consent and preference management using OneTrust.
• Designed GCP cloud architectural components such as backup, archive and replication in
preparation for migration into GCP cluster implementation with GCP central for replication
between regions.
• Shift JFrog's focus from creating the forecast to understanding and acting on the forecast
(identifying business risks, highlighting opportunities, etc.0

• Assist with security projects related to data access, integrity, confidentiality, IT disaster
recovery and business continuity.
• Experienced in troubleshooting and daily maintenance of ForeScout appliances.
• I had Installed and deployed ForeScout in a large government environment.
 • Having Very Good Experience in UNIX commands.
• Skilled at performing penetration testing using both SAST & DAST methodologies.
• Conducted vulnerability assessments and penetration testing to identify and prioritize risks.
• Identify web application security vulnerabilities (SAST/DAST) and offer resolution advice to
the system owners.
• Experienced in Contribute to improving Imperva’s global network performance and stability.
• Executed and provided remediation support for Static Application Security Testing (SAST)
assessments against .NET, Java, Android, and iOS applications.
• Experience with Pen testing/Vulnerability Scanning tools such as IBM AppScan, Tenable
Nessus, Rapid7 and Burp Suite.
• Having Very Good experience in computing with packaging the Tenable agent for software
distribution.
• Interacting with technical teams with Tenable agent install for non-automated environments.
• Worked with Tenable to get Tenable.ad installation completed in our environment.
• Strong Technical Skills in Integrating Tenable.cs into AWS, Azure Sentinel ,ADX, and GCP
environments.
• Experienced in Authentication, End Point Security, Internet Policy Enforcement, Firewalls,
Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions.
• Integrated Cisco Sourcefire IPS with QRadar by using Estreamer Protocol.
• Collected data on Attacks to help SOC engineers create reports for auditing purposes.
• Experience with developing alerts and setting policies within IDS/IPS/HIPS systems, including
Snort or Sourcefire or McAfee Host based Security System.
• Monitored agencies sensors and SOC (Security Operation Center) systems for incidents and
malicious activity.
• Static (SAST) & Dynamic (DAST) Application Security Testing or penetration testing of
applications and source code, auditing results with development and/or security teams and
offering plans for remediation of vulnerabilities.
• Responsible for conducting automated and manual tests of information systems, including
internal and external network penetration testing, vulnerability scans, threat modeling,
information system architecture assessments and Web application testing.

EVEREST Liberty Corner, NJ

Security Engineer January 2017 - September 2017

• Log source tuning and remediation. This includes rules testing, LSX reconfiguration, and use of
the DSM editor to help extract properties from payloads.
• Worked closely with the Security Operations Center (SOC) Team to set up security
alerts on new sensors and new server installations in Datacenters.
• Responsible for detection and analysis of IT security threats, containment, eradication, and
recovery.
• Assist with security projects related to data access, integrity, confidentiality, IT disaster
recovery and business continuity.
• Experienced in Contribute to improving Imperva’s global network performance and stability.
• Experience in Google Cloud Platform (GCP) Cloud Solutions Architect with extensive
experience in migrating data from on-premises data centers to GCP clusters.
• Design, develop and maintain integrations between various systems using the Python
framework.
 • Strong Technical Skills in Integrating Tenable.cs into AWS, Azure Sentinel ,ADX, and GCP
environments.
• Experience in Configuring, updating, and maintain security tools used for endpoint security,
log collection and reporting, vulnerability, and compliance scanning including Azure Sentinel,
Azure Security Center.
• SME in Secrets Management and Privileged Access Management tools such as - CA PAM,
Dell Quest TPAM, Thycotic Secret Server, or CyberArk.
• Conducted vulnerability assessments and penetration testing to identify and prioritize risks.
• Designed GCP cloud architectural components such as backup, archive and replication in
preparation for migration into GCP cluster implementation with GCP central for replication
between regions.
• Expertise in API security Testing.
• Develop, implement, and maintain IT security solutions including firewalls, spam filtering,
SIEM, multi-factor authentication, and intrusion detection/prevention systems.
• Strong Technical Skills in Integrating Tenable.cs into AWS, Azure Sentinel, and GCP
environments.
• Experience in Configuring, updating, and maintain security tools used for endpoint security,
log collection and reporting, vulnerability, and compliance scanning including Azure Sentinel,
Azure Security Center.
• Working knowledge of PCI DSS, HIPAA, and SOX compliance.
• Strong experience with cloud security strategy, cloud provider ecosystems (Amazon AWS/
Microsoft Azure Sentinel) & migrating Enterprise from traditional data center Infrastructure,
Application and Data designs.

TECHINPRO SOLUTIONS Hyderabad, India

Security Engineer April 2013 - July 2015

• Analyzed a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS,
Syslog, etc.) to determine the correct remediation actions and escalation paths for each incident.
• Investigate any actual or potential information security incidents. Provide periodic reporting on
information security issues.
• Hands-on experience with various security tools and technologies such as SIEM, SAST and
DAST tools, Kali Linux, IAM, Nessus, Wireshark, tcpdump, etc.
• Experience with applying Common Weakness Enumeration (CWE), Common Vulnerability
Scoring System (CVSS), Common Vulnerabilities and Exposures (CVE) and Open Web
Application Security Project (OWASP) processes and remediation recommendations.
• Experience with common Web security vulnerabilities, logic vulnerabilities and their principles
in OWASP. Experience with Pen testing/Vulnerability Scanning tools such as IBM AppScan,
Tenable Nessus, Rapid7 and Burp Suite.
• Having Very Good experience in computing with packaging the Tenable agent for software
distribution.
• Experience in Configuring, updating, and maintain security tools used for endpoint security,
log collection and reporting, vulnerability, and compliance scanning including Azure Sentinel,
Azure Security Center.
• Conducted vulnerability assessments and penetration testing to identify and prioritize risks.
• Performed Penetration Testing of Network, Web, Mobile, and Wireless environments.
• Created, maintained, and grow penetration testing tool suites and automation of tasks using
commercial and open-source software
 • Understand customers compliance and security requirements and design end-to-end solutions
based on the Qualys web application security product line.
• Maintained baseline system security according to STIG organizational policies.
• Knowledge of industry standard control frameworks (e.g., NIST, SOC2).

EDUCATION
CHRISTIAN BROTHERS UNIVERSITY Memphis, TN
Master of Science in Computer and Information
Science, December 2016
Vignan University (INDIA, AP)
Bachelor of Technology in Computers, 2013

ADDITIONAL SKILLS
Skills: Cyber Security, Information Security, SIEM, Splunk, Malware Analysis, Risk Analysis, Python
Scripting, Cloud Security, Automation/DevOps, Reverse Engineering, Ansible, Palo Alto, FortiGate,
Cisco ASA, CI/CD, AWS, Azure, Penetration Testing, AppScan, Tenable Nessus, EDR, DLP