Summary
Overview
Work History
Education
Skills
Languages
Certification
Accomplishments
Timeline
Generic

Vinod Kumar Gurrala

Bangalore

Summary

Technical expert with 7 years of experience in IT and cybersecurity, with deep expertise in information security, audit and compliance assessments, and vulnerability management. Proven ability to perform comprehensive risk assessments, manage data loss prevention (DLP) initiatives, and conduct detailed cybersecurity analysis to identify, evaluate, and mitigate threats. Skilled in aligning security operations with business goals, ensuring regulatory compliance, and supporting secure IT infrastructure across diverse environments.

Overview

7
7
years of professional experience
1
1
Certification

Work History

Senior Security Engineer

Ericsson
Bangalore
01.2022 - Current

Work as a Cybersecurity Advisor for one of the largest telecommunication organization in Africa. Expertise in handling information security audits and compliance assessments for evaluating the effectiveness of controls, regulatory compliance, and standards like ISO, PCI DSS, CIS, and NIST, as well as OWASP. Managed overall IT security and compliance, including security control assessments, recommendations for prevention, mitigation, and compensation controls, management of MBSS (minimum baseline security standards), vulnerability management, and remediation in order to maintain appropriate levels of security and compliance with information security standards. Provide security expertise and guidance on cloud infrastructure, and vulnerability risks. Develop initiatives and cloud security improvements that contribute to delivering an optimized security posture. Lead the engineering teams to design, build, and maintain security services, hardening the security of clients platforms. Build, improve, and drive security monitoring, and assist in driving automation efforts for vulnerability risks. Proactively identify security weaknesses within systems. Document vulnerabilities and their remediation with an agreed SLA for future reference. Monitoring threat alerts and handling incidents across the integrated devices from Office 365 Defender. Conduct governance calls with business stakeholders and the internal team to discuss account updates. Drive information security risk assessments, impact analyses, and follow up on findings. Write security reports, including findings, conclusions, and remediation for further system security improvements. Automating security manual work into intelligent, actionable processes. Provide preparation for security-related audits and assessments carried out by internal and external audit parties, and coordinate the remediation effort of any identified nonconformities or observations.

Security Analyst

wipro
Bangalore
05.2018 - 12.2021

Works as a Security Analyst in Information Security on security operations, incident management, intrusion detection, and security event analysis using SIEM tools like Splunk and QRadar. Execute the cybersecurity strategy and infrastructure for the company, including the development of a threat management vulnerability framework to protect the core business system. Identify, investigate, and recognize security incidents based on their signatures, behaviors, and escalate them to the respective teams. Involved in 24/7 operations of the Security Operations Center (SOC), providing continuous log monitoring, security information management (SIM), and global threat monitoring to detect, analyze, and respond to cybersecurity incidents. Creation of new content (use cases, queries, reports) within the SIEM platform (Splunk). Responsible for monitoring, analyzing, and responding to phishing attempts to identify potential threats, and prevent security breaches. Maintain the security risk register and track risk mitigation activities, working with stakeholders, and action owners.

Education

Bachelor of Technology - Mechanical Engineering

Jawaharlal Nehru Technological University
Kakinada
05-2013

Skills

  • Information security
  • Governance, Risk, and Compliance
  • Cloud security knowledge, Azure
  • Vulnerability Assessment: Tenable Nessus
  • SIEM: QRadar, Splunk, Microsoft Sentinel
  • Incident response
  • Threat analysis
  • Security auditing
  • End Point Detection and Response (EDR): Microsoft Defender, CrowdStrike Falcon
  • Multiple customer control program
  • Team collaboration

Languages

Telugu
First Language
English
Proficient (C2)
C2
Hindi
Upper Intermediate (B2)
B2

Certification

  • Certified Ethical Hacker v7 (CEH)
  • Certified in Cybersecurity (CC) from ISC2
  • ITIL Foundation Certificate in IT Service Management
  • SC-200: Microsoft Security Operations Analyst
  • Pursuing ISO 27001: 2022 Lead Auditor

Accomplishments

  • Received the award for 'Achievement in Customer Excellence 2023' in Ericsson, India
  • Received the 'Impact Award 2024' at Ericsson, India

Timeline

Senior Security Engineer

Ericsson
01.2022 - Current

Security Analyst

wipro
05.2018 - 12.2021

Bachelor of Technology - Mechanical Engineering

Jawaharlal Nehru Technological University
Vinod Kumar Gurrala