Sairam Nalluri
Technical Lead - Information Security
Hyderabad
Summary
Cyber security professional with over 9.5 years of experience in product security, application security, SAST, DAST, DevSecOps, third-party risk assessments, privacy assessments, cloud security, and vulnerability management. Deep understanding of various security tools and frameworks, with expertise in OWASP Top 10, SANS, GDPR, ISO27001, and SOC2 Type2 audit controls.
Overview
10
10
years of professional experience
4
4
years of post-secondary education
Work History
Information Security Lead
Tata Consultancy Services
Hyderabad
01.2023 - Current
- Led Threat Modelling and MSR Risk Assessments for Cisco In-house Apps
- Conducting penetration testing on web and mobile applications
- Performing SAST and Open-source library reviews
- Managing the Vulnerability Management and Cloud Security Hygiene programs
Associate Consultant
Tech Mahindra
12.2021 - 01.2023
- Conducted Third-party Vendor Assessments for Cisco based vendors as per SOC2 Type 2, ISO27001 standards
- Conducted Privacy Impact Assessments
- Collaborated with business units to provide remediation plans for identified risks based on data classification and integrations
Product Security Engineer
Carrier
10.2020 - 12.2021
- Performed Thread modeling for the Firmware, Mobile applications
- Performed the risk assessment and privacy impact assessments
- Performed penetration testing on web, mobile, and firmware applications
- Conducted secure code reviews and open-source library reviews using Coverity, BlackDuck
- Prepared comprehensive security assessment reports and providing recommendations to the stakeholders to remediate the vulnerabilities
Security Analyst
ValueLabs
07.2015 - 10.2020
- Performed penetration testing on web and mobile applications
- Conducted SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) using automated tools, with a focus on analyzing and eliminating false positives from scan reports to ensure accurate vulnerability assessments
- Implemented the end-to-end CI/CD pipeline by integrating the SAST and DAST scans
- Provided security training and awareness programs for new hires and internal teams
Education
Bachelor of Technology - BTech - Computer Science
IIIT Nuzvid
Nuzvid 05.2011 - 05.2015
Skills
Product security
Application Security
SAST
DAST
Threat Modeling
Penetration Testi
undefinedTimeline
Information Security Lead
Tata Consultancy Services
01.2023 - Current
Associate Consultant
Tech Mahindra
12.2021 - 01.2023
Product Security Engineer
Carrier
10.2020 - 12.2021
Security Analyst
ValueLabs
07.2015 - 10.2020
Bachelor of Technology - BTech - Computer Science
IIIT Nuzvid
05.2011 - 05.2015
Similar Profiles
Vrunda ChindhadeVrunda Chindhade
HR Manager at Tata Consultancy Services, TCS, Tata Consultancy Services LimitedHR Manager at Tata Consultancy Services, TCS, Tata Consultancy Services Limited
Sreya BasuSreya Basu
Procare Analyst at Tata Steel(Tata Consultancy Services)Procare Analyst at Tata Steel(Tata Consultancy Services)
Arun VArun V
Program Manager at Tata consultancy services | Financial Ombudsman ServicesProgram Manager at Tata consultancy services | Financial Ombudsman Services