
Karthik Devan

Chennai

Summary

Cybersecurity analyst with extensive experience in PCI DSS compliance, cloud and application security, and vulnerability management, pursuing roles centered on security and compliance.

Overview

2 years of professional experience
5 Certification

Work History

PCI DSS Analyst

SISA Information Security
Bangalore
05.2024 - Current
  • Conducted PCI DSS gap assessments across cloud, on-prem, and hybrid environments, enabling clients to align with v4.0 and v4.0.1 requirements and develop targeted remediation roadmaps.
  • Orchestrated PCI DSS scoping and segmentation for Fintech and BPO clients; reduced the in-scope environment by 35%, resulting in a $5,000+ reduction in annual audit costs and operational overhead.
  • Evaluated payment gateway security architecture against PCI DSS requirements, documenting 40+ cardholder data flows and supporting encryption and key management controls to remediate gaps prior to external QSA assessments.
  • Automated vulnerability management via a Python-based Qualys API v2 framework, enabling scheduled authenticated scans across on-prem and AWS and cutting audit preparation effort by 60%.
  • Audited 8+ e-commerce storefronts under SAQ-A framework; streamlined third-party vendor validation processes to achieve 100% adherence to PCI DSS outsourcing requirements.
  • Synthesized technical security artifacts (IVA, ASV, SPT, and Pen-test results); translated technical vulnerabilities into actionable remediation tasks, reducing Time-to-Compliance by 40%.
  • Prepared ROC and AOC documentation, liaising with 3 QSAs as the primary technical contact.
  • Honored with 3 Employee of the Month awards for maintaining a 100% on-time delivery record across 12+ concurrent compliance projects.

Automotive Cybersecurity Engineer

Vitesco Technologies
Chicago
05.2022 - 08.2022
  • Performed cybersecurity testing for 3 ECUs using Vector CANoe, addressing critical vulnerabilities in ECU security, communication, and CAN authentication with cryptography and signature methods.
  • Debugged entropy generation algorithms in embedded C for the ECU, contributing to a 10% reduction in security vulnerabilities.
  • Conducted 80+ hardware security module (HSM) tests for the ECU to ensure data integrity.

Cybersecurity Engineer

Accuknox
Chennai
10.2020 - 06.2021
  • Implemented robust network segmentation and micro-segmentation policies using Kubernetes Network Policies and Calico, reducing the attack surface by 30% and limiting the blast radius of potential breaches.
  • Reduced vulnerability exposure by 25% through the implementation of a comprehensive container security framework, utilizing tools like Trivy and Clair for image scanning and vulnerability assessment.
  • Collaborated with software development team to design and implement role-based access control (RBAC) with Keycloak, streamlining user-role management through SQL database integration.

Education

Master of Science - Cybersecurity

Illinois Institute of Technology
Chicago, Illinois, U.S.A
05.2023

Bachelor of Science - Information Technology

SRM University
Chennai, Tamil Nadu, India
06.2020

Skills

  • Compliance
  • PCI DSS
  • Scoping
  • Segmentation
  • Penetration Testing
  • Vulnerability Assessments
  • RBAC
  • IAM Policies
  • Documentation
  • Cloud Security
  • Network Security
  • Application Security
  • AWS, GCP, Azure
  • C
  • Nmap
  • Python
  • Qualys
  • Cryptography

Certification

• ISO 27001 Lead Auditor
• Qualys Certified Specialist (PCI Compliance)
• NCL Spring 2022 Team Game - U.S. chapter
• NCL Spring 2022 Individual game
• CyberArk Certified Trustee
• Certified Payment Industry Security Implementer (CPISI)

Projects

  • Android malware analysis

Analyzed Android malware using Wireshark, identifying 50+ malicious channels and data exfiltration. Produced reports on Android malware, leveraging Wireshark, tcpdump, and IDS/IPS for threat intelligence. Analyzed over 50 Android malware samples using Ghidra, IDA Pro, Binary Ninja, and Frida on a Kali Linux platform, leading to enhanced threat detection and more effective mitigation strategies.

  • Heart disease prediction using machine learning and embedded systems

Led a team of five in developing a cardiac monitoring system with an IoT smartwatch consisting of heart and temperature sensors, supported by a mobile app to monitor the sensor values. Obtained an accuracy of 91.4% using the SVM algorithm after data pre-processing and data cleaning, with Tableau for data aggregation and statistical analysis.

Accomplishments

Above and Beyond Award - October 2025
