
Siva Sankara Prasad Ketineni

DevSecOps
Hyderabad, TG

Summary

Cyber Security Professional with 9+ years of experience specializing in DevSecOps, AWS & Azure Security, SIEM (Splunk, Sentinel), SOAR, EDR (CrowdStrike, Microsoft Defender), Threat Hunting, MIP Purview, DLP & CASB implementation, and SOC Operations. Expertise in manual and automated security testing, secure code review, SAST & DAST methodologies, and cloud security best practices. Strong background in vulnerability assessments, security automation, and security operations management.

Overview

9 years of professional experience
1 Certificate

Work History

DevSecOps Engineer

Flexera
01.2024 - 07.2024
  • Conducted manual penetration testing on web applications and APIs to identify security vulnerabilities
  • Implemented Static and Dynamic Application Security Testing (SAST & DAST) methodologies
  • Implemented Palo Alto Cortex XDR for over 5,000 cloud devices across AWS, enhancing threat detection and response in cloud environments
  • Automated security checks and misconfiguration alerts using Python, AWS Lambda, Terraform, and CloudFormation, ensuring continuous compliance
  • Provided secure coding guidance and remediation support to development teams
  • Specialized in AWS security including IAM policies, AWS Inspector, GuardDuty, and CloudTrail analysis
  • Deployed Prisma Cloud to ensure security governance, compliance, and vulnerability management in multi-cloud environments (AWS, Azure)
  • Managed and configured Palo Alto Firewalls, establishing secure connections between cloud and on-premise environments
  • Integrated Devo SIEM, creating advanced correlation rules and dashboards, reducing incident response time by 40%
  • Provided L3-level support, handling complex security incidents and automating remediation tasks with Terraform and Ansible

Senior Software Engineer

SA Technologies Inc.
08.2023 - 01.2024
  • Led Dell Managed Detection and Response (MDR) services in the APAC region, managing incident response for over 400 clients
  • Deployed and supported CrowdStrike XDR, Microsoft XDR, and Dell Secureworks XDR, improving detection capabilities for more than 5,000 endpoints
  • Acted as L3 Analyst for P1 and P2 issues, addressing critical incidents across EDR, SIEM, and cloud environments (Azure, AWS)
  • Led penetration testing and security assessments for web applications, APIs, and cloud workloads
  • Conducted secure code reviews to detect business logic vulnerabilities and security flaws
  • Developed automated security scripts for vulnerability detection using Python and Bash
  • Assisted with secure authentication and authorization implementation (OAuth, JWT, SAML)
  • Enhanced SIEM & EDR correlation rules for better threat detection and incident response

Analyst Infosec Operations

Gap Inc.
04.2019 - 07.2023
  • Specialized in AWS security operations, CrowdStrike EDR Threat Hunting, and DevSecOps implementation
  • Conducted security assessments and vulnerability testing in AWS and Azure environments
  • Designed SIGMA-based threat detection rules for SIEM platforms (Splunk, ELK, Azure Sentinel)
  • Led proactive threat hunting activities across multiple data sources, identifying malicious activities, threat actors, and anomalies using CrowdStrike Falcon and Microsoft Defender ATP
  • Developed detection logic and content for identifying cyber-attacks, insider threats, and new TTPs based on the MITRE ATT&CK framework
  • Participated in SOC operations, monitoring, triaging, and escalating alerts for critical incidents (P1 and P2) using SIEM and EDR tools
  • Conducted threat intelligence-driven hunts, identifying and investigating APTs, and providing recommendations to the incident response team
  • Performed deep-dive forensic investigations on network traffic and endpoint data, hunting for adversarial behavior and malware persistence mechanisms
  • Analyzed and decoded malware, including ransomware, JavaScript-based malware, and malicious PowerShell scripts, to develop new detection signatures
  • Collaborated with the CrowdStrike Overwatch team for quarterly threat-hunting exercises, focusing on detecting APT activity and improving detection rules

Technology Analyst

Infosys
06.2017 - 04.2019
  • Led a team of 12 SOC analysts for an Animal Healthcare client, handling L2 SOC operations and escalations
  • Monitored and responded to security incidents using a broad range of tools including Splunk, Cisco AMP, FireEye NX/AX/EX, Cisco SourceFire AMP, CarbonBlack Bit9, MBAM BitLocker, Sophos AV, and Nessus
  • Managed Vulnerability Management program using Tenable Security Center, Qualys, and Nessus, conducting vulnerability assessments and scans for over 5,000 servers
  • Triaged, escalated, and remediated incidents involving malware, unauthorized access, phishing attacks, and brute-force attempts
  • Acted as the primary point of contact for high-priority incidents, coordinating across teams to mitigate and resolve P1 and P2 security issues
  • Performed detailed forensic analysis and root cause investigations for security incidents, providing actionable remediation steps
  • Provided guidance and training to SOC analysts on incident detection, investigation techniques, and response workflows
  • Managed endpoint encryption using MBAM BitLocker and performed antivirus administration with Sophos AV

Network Security Engineer

Proinf Networks
06.2015 - 06.2017
  • Installed, configured, and implemented Palo Alto and Fortinet Firewalls, ensuring secure connectivity and firewall policy management for multiple clients
  • Successfully implemented Site-to-Site IPSec VPN and GlobalProtect VPN solutions for secure remote access and inter-office connectivity
  • Administered McAfee Antivirus solutions across client environments, ensuring robust malware protection and endpoint security
  • Led the deployment of Data Loss Prevention (DLP) solutions to safeguard sensitive data and prevent data breaches
  • Provided ongoing support and configuration for network security devices, including firewalls and VPNs, to optimize performance and security
  • Conducted network security assessments and implemented security policies to prevent unauthorized access and mitigate cyber threats
  • Performed continuous monitoring and troubleshooting for network traffic, firewalls, and VPN solutions to ensure high availability and secure data transmission

Education

Bachelor of Technology - Mechanical Engineering

JNTU
Kakinada, India
04.2015

Skills

  • Cloud Security & DevSecOps: Automated security checks, vulnerability scanning, and misconfiguration detection in AWS & Azure environments using Terraform, AWS Lambda, Azure Security Center, Prisma Cloud, Defender for Cloud, and WIZ
  • Application Security & Penetration Testing: Conducted security assessments for web, API, and mobile applications, identifying and mitigating security vulnerabilities
  • Static & Dynamic Application Security Testing (SAST & DAST): Performed automated and manual security testing using Burp Suite, OWASP ZAP, Checkmarx, and Veracode
  • Threat Hunting & EDR: Investigated advanced threats and adversary behaviors using CrowdStrike Falcon, Microsoft Defender, Carbon Black, and Dell XDR
  • Secure Coding & Code Review: Conducted secure code reviews and guided developers in Python, JavaScript, GraphQL, and REST API Security best practices
  • Threat Modeling & Risk Assessment: Implemented OWASP, STRIDE, and MITRE ATT&CK methodologies to evaluate risk across applications and cloud environments
  • Scripting & Automation: Developed security automation scripts using Python, PowerShell, and Bash to streamline security operations
  • Security Testing Tools: Hands-on experience with Kali Linux, Metasploit, Nmap, Wireshark, SQLMap, and Nessus for penetration testing and vulnerability scanning
  • Vulnerability & Compliance Management: Extensive experience with Qualys, Tenable, and Prisma Cloud for vulnerability assessments, risk mitigation, and compliance tracking
  • Code & Dependency Security: Implemented security testing in CI/CD using SonarQube, GitLab Security, and Dependabot for automated dependency scanning
  • Query Languages: Skilled in SPL (Splunk), KQL (Azure Sentinel and Defender), Kibana Query Language, SIGMA format, Suricata signatures, and Yara signatures for detection engineering
  • MIP Purview & DLP Implementation: Microsoft Purview Information Protection (MIP), Data Loss Prevention (DLP), and CASB implementations and policy creation
  • SOC Operations & SIEM Management: Managed SOC processes, incident response, and threat detection using SIEM tools (Splunk, ELK, Sentinel, QRadar)

Certification

  • Microsoft Certified: Azure Security Engineer Associate
  • AWS Certified Solutions Architect – Professional
  • Cisco Certified Network Associate (CCNA)
  • Detection Engineering with Sigma
  • Network Cyber Threat Hunting (ICSI)
  • Certified Network Security Specialist (CNSS)
  • Practical Threat Hunting by Chris Sanders
  • AUTOPSY Digital Forensics
