Santosh Kumar Chilla

As a Program Cybersecurity Engineer, I played a pivotal role in enhancing the cybersecurity posture of our R&D product portfolio, specifically tailored for Operational Technology (OT) environments. My key contributions included:

KRA and Deliverables.

• Cybersecurity Management Plan.
• Program Cybersecurity Analysis.
• Program Cybersecurity Verification Report.
• Program: Cybersecurity Case.
• Threat Model.
• Program Cybersecurity Evaluation Plan.
• Vulnerability Management.
• Allocating IEC 62443 Requirements: Successfully mapped and integrated IEC 62443 cybersecurity standards into our R&D product portfolio, ensuring compliance, and robust security measures across all products.
• Collaboration with R&D Teams: Worked closely with R&D teams to understand product functionalities, and seamlessly incorporate cybersecurity requirements without compromising on performance or innovation.
• Risk Assessment and Mitigation: Conducted thorough risk assessments to identify potential vulnerabilities, and implemented mitigation strategies to safeguard against cyber threats.
• Training and Awareness: Developed and delivered training programs to enhance cybersecurity awareness among R&D personnel, fostering a culture of security-first thinking.
• Continuous Improvement: Engaged in continuous monitoring and improvement of cybersecurity practices, staying abreast of the latest threats, and ensuring our products remain secure and resilient.
• Threat Modeling: Developed and implemented detailed threat models to identify, assess, and mitigate potential security threats across our R&D product portfolio.

Transverse Activities

• Performed regular penetration tests to identify weaknesses in the system.
• Performed source composition analysis using the Synopsis Black Duck tool to identify operational risk by using open-source components.
• Trained personnel on proper use of data encryption techniques.
• Responded quickly to any alerts generated by the organization's cybersecurity systems.
• Collaborated with IT teams to develop secure configurations for operating systems, applications, and hardware devices.
• Maintained up-to-date knowledge of cybersecurity trends, threats, and vulnerabilities.
• Identified potential cyber threats and assessed risk levels of new technologies.
• Provided technical advice on security best practices and procedures.
• Contributed innovative ideas and solutions to enhance team performance and outcomes.

• Created technical documentation for various coursework and practical labs.
• Creating CTF challenges on various vulnerabilities and exploitation methods on multiple cloud platforms like LabOnDemand & CloudLab.
• Research various cybersecurity concepts and implement them in the CloudLab.
• Created practical challenges for various courses like CEHv11, and CCTv1 & CPENT WAHS.
• Product Research & Development
• Technical Writing
• Lab Architecture & Deployment
• Subject Matter Expert for NICE Framework