Ashish Krishna
Bengaluru
Summary
Cloud Security Specialist with 5+ years of experience and a Cyber Security certification from IIIT Bangalore. Skilled in cloud risk analysis, incident response, SIEM management, and policy enforcement across GCP, AWS, and Azure. Proficient with tools like Splunk, Cortex XDR, Prisma Cloud, Terraform, and Qualys VMDR.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Senior Associate Consultant
Infosys Limited
08.2024 - Current
- Enforced cloud security policies using Prisma Cloud and Terraform for continuous monitoring and compliance integration.
- Reviewed, validated, and fine-tuned out-of-the-box (OOTB) policies to align with customer-specific requirements.
- Enabled policies using labels and integrated security alerts into ServiceNow for streamlined incident response.
- Created, tested, and deployed custom security policies using RQL (Resource Query Language) in production environments.
- Verified policy functionality by checking API coverage in Prisma; collaborated with vendor support for unsupported or unclear APIs.
- Identified and analyzed false and true positives to optimize alert quality and reduce noise.
- Disabled or rewrote non-relevant policies to improve accuracy and relevance in client environments.
Cloud Security Specialist
MetricStream ( Contractor)
11.2023 - Current
- Enhanced security by 30% through proficient management of Web Application Firewall, Proxy, & Linux
- Reduced risk by 15% & decreased risk events by 20% through managing Risk Management framework, implementing controls for mitigation, & utilizing control implementation tools, Risk event tracking system, & Risk assessment software
- Implement New Technology: Continuously evaluated the risk and security posture of organization and looked for areas of improvement by implementing new tools and checked health daily to ensure the uptime of the SIEM appliances
- Mitigated attacks on public facing portal by 30% & improved portal uptime by 20% through continuous monitoring of dashboard utilizing SIEM tools, network monitoring solutions, & firewall software
- Shared reports with the client diligently and logged source password management to ensure compliance policy
- Experienced in Reference Set management, Log source Device integration at SIEM tool and Cortex XDR
- Managed & updated content in the knowledge base document through periodic audits & manual reviews
- Enhanced operational efficiencies & identified cost savings through risk mitigation strategies resulting from internal audit & vendor assessment, utilizing attention to detail, problem-solving, & analytical skills
- Integrated AWS Config & IAM for vulnerability scanning, policy approvals, & checks, achieving a 30% drop in security incidents & a 20% compliance boost
- Regularly monitor and assess the security posture of the cloud environment using tools like Security Command Center and Forseti.
Security Specialist
Tata Consultancy Services
02.2020 - 11.2023
- Developed and maintained Security Operations Center procedures (24
- 7
- 365 security event monitoring)
- Raised security incidents as per defined severity level and alert all relevant stakeholders within defined time frame
- Configured and maintained security tools, such as firewalls, intrusion detection systems, and Event management (SIEM) systems
- Develop and implement automated security controls using tools like Cloud IAM, Cloud Armor, Cloud Security Command Center, and Forseti.
- Organized training and support to clients on security best practices Provided training and guidance to end-users on security best practices.
- Proficiency in training other analysts and team members in their respective roles and responsibilities Deployment of Kubernetes cluster in GCP
- Investigated security incidents, determined root cause, & recommended remediation measures that reduced incident response time by 40% & increased security efficacy by 30%, utilizing SIEM, firewalls, & VPNs
- Proactively identified vulnerabilities, improved overall security posture, leveraging cybersecurity expertise & Security Command Center as well as Stream security tools
- Integrate security checks into CI/CD pipelines for continuous monitoring and prevention.
- Enhanced security measures by configuring firewall policy & implementing GCP with SIEM-SPLUNK
- Conducted regular security assessments to identify and address potential security risks in your GCP environment. Implementing strong identity and access management by using IAM
- Enforcing strong password policy and 2FA
- Using Google Cloud Security Command Center to monitor visibility into GCP environment and identify security threats.
Education
MCA - Computer Applications Development
Amrita Vishwa Vidyapeetham
Bengluru, India02.2025
B. Sc. - Computer Science
University of Calicut
Kerala, India05.2019
Skills
- Information Security
- SIEM Management
- Security Operations Center
- Splunk
- Cloud Security
- Incident Management
- Vendor Assessment
- Internal Audit
- GCP
- AWS
- AZURE
- Prisma Cloud
- Qualys VMDR
- GitHub
- Terraform
Certification
- Advanced Certificate Programme in Cyber Security, IIIT-B, 09/01/22
- Data Analyst, Google Certified Professional
- Google Associate, Google Cloud Engineer Certification
- ICS CC
Timeline
Senior Associate Consultant
Infosys Limited
08.2024 - Current
Cloud Security Specialist
MetricStream ( Contractor)
11.2023 - Current
Security Specialist
Tata Consultancy Services
02.2020 - 11.2023
MCA - Computer Applications Development
Amrita Vishwa Vidyapeetham
B. Sc. - Computer Science
University of Calicut
Similar Profiles
Ashokkumar AvudainayagamAshokkumar Avudainayagam
Lead Data Engineer at Infosys LimitedLead Data Engineer at Infosys Limited
Ritika KainturaRitika Kaintura
Technology Analyst at Infosys LimitedTechnology Analyst at Infosys Limited
Ekta DakhaneEkta Dakhane
Technology Analyst at Infosys LimitedTechnology Analyst at Infosys Limited
Yaman KalraYaman Kalra
Senior Project Manager at Define LabsSenior Project Manager at Define Labs
Hunain KhaleelHunain Khaleel
Product Manager at IBMProduct Manager at IBM