Sonali Pradhan
Bangalore
Summary
Technology Security Specialist with 9 years of experience in securing multi-cloud environments (AWS, Azure, GCP, OCI, Alibaba). Skilled in Cloud Compliance (Prisma), Vulnerability Management (Qualys), Network Security, and Incident Response. Proven ability to design secure architectures, mitigate risks, and develop controls aligned with CIS Benchmarks. Seeking growth opportunities in a learning-focused organization.
Overview
9
9
years of professional experience
Work History
Security Delivery Specialist
Accenture
Bangalore
02.2020 - Current
- Conducted compliance assessments across AWS, Azure, GCP, OCI, and Alibaba using Prisma Cloud, developing over 200 custom controls and RQL queries aligned with security standards.
- Managed cloud security posture and led the design of Zero Trust architectures, working closely with DevOps to integrate security into CI/CD pipelines and automate remediation.
- Created detailed control specifications, remediation documents, and collaborated with cross-functional teams to ensure effective implementation of security policies and procedures.
- Architected cloud-native security solutions to meet evolving regulatory and organizational security requirements, ensuring scalability and resilience.
- Advised stakeholders on secure cloud migration strategies, bridging security gaps by aligning business goals with technical security controls and industry best practices.
- Collaborated with third-party vendors to fast-track implementation timelines and ensure seamless API integrations for security tooling and automation workflows.
- Installed, configured, and administered Qualys scanners across diverse infrastructures.
- Created Policy Compliance Controls for several technologies including Windows and Linux, aligned with internal standards and security benchmarks.
- Conducted policy compliance scans, ran ad-hoc scans, and generated detailed reports to support patching and compliance teams.
- Onboarded and decommissioned servers, managed cloud agent deployment, and addressed scan failures or unreachable IPs.
- Approved and tracked false positives and exceptions based on verified evidence from server owners.
- Monitored scanner health and coordinated with POCs to resolve issues with offline scanners.
- Maintained documentation for processes and compliance measurement activities.
- Performed vulnerability assessments and compliance checks for network devices in Microfocus Network Automation (NA).
- Evaluated firewall rule sets using FireMon, ensuring compliance with security standards and eliminating insecure port traffic.
- Managed configuration pulls, reachability checks, and alignment of controls with organizational security policies.
- Developed Python scripts to automate tasks and enforce compliance, particularly for SSL VPN configurations and routine security checks.
- Continuously improved scripts to keep up with evolving security requirements.
- As a Team Lead, I conducted performance evaluations, drove process optimization, facilitated knowledge transfer (KT), and oversaw the onboarding of new members, while providing continuous guidance and support for team development.
Security Analyst
Infosys Ltd.
Bangalore
06.2016 - 01.2020
- Scanned IPs and hosts, vulnerability assessment reporting and remediating tracking using Qualys Guard.
- Monitoring suspicious emails, handling and notifying tickets for phishing emails including performing analysis of the phishing emails.
- Traffic analysis using Tanium and BlueCoat.
- Alert Detection from Symantec MSS and IBM Resilient.
- Handling different types of alert in IBM Resilient such as Phishing Emails, Potential Trojan, FireEye Retro MSS Escalation, Ransomware alerts.
- Blocking malicious IPs, URLs, Domains after analyzing from tools like Virus Total, QualysGuard, BlueCoat sitereview, IPvoid, Zscalar, Whois Domain, FireEye.
- Analyze the log details from Symantec MSS, RSA, Splunk, SEPM.
- Run Antivirus and Vulnerability Scans on client machines using Symantec and Qualys Guard respectively.
Education
Master’s in business administration - Information Technology
ISBM University
01.2022
Bachelor Of Science - Information Science and Telecommunication
Ravenshaw University
01.2016
Skills
- Cloud platforms: Azure, AWS, GCP, OCI, Alibaba
- Security tools: Prisma, Wiz, Qualys, Tanium, Nessus
- Endpoint protection: Symantec SEPM, Symantec MSS
- Incident response: RSA, IBM Resilient
- Data analysis: Splunk
- Network security: MFNA, FireMon
- IT service management: ServiceNow
- Email security: IronPort
- Web security: Zscaler, BlueCoat SiteReview
- Threat detection: FireEye
- Security architecture: Zero Trust Architecture
- Compliance frameworks: NIST, ISO, CIS, GDPR
- AI engineering: Generative AI prompt engineering
Certifications:
- Certified Ethical Hacker
- AZ-900, AZ-500
- Certificate of Cloud Security Knowledge
- Splunk Fundamentals
- ITIL
Timeline
Security Delivery Specialist
Accenture
02.2020 - Current
Security Analyst
Infosys Ltd.
06.2016 - 01.2020
Master’s in business administration - Information Technology
ISBM University
Bachelor Of Science - Information Science and Telecommunication
Ravenshaw University
Similar Profiles
Amanjot Kaur LambaAmanjot Kaur Lamba
Workday Integration Consultant at AccentureWorkday Integration Consultant at Accenture
Sumit PatilSumit Patil
SAP Security and GRC Consultant at AccentureSAP Security and GRC Consultant at Accenture
Sajal BhardwajSajal Bhardwaj
People Advisor Analyst, HRBP at AccenturePeople Advisor Analyst, HRBP at Accenture
Priyanka GhoshPriyanka Ghosh
Instructional Design Analyst at AccentureInstructional Design Analyst at Accenture
Muskan JainMuskan Jain
Associate – Bid Management at Subex Ltd.Associate – Bid Management at Subex Ltd.