Kumaran Ramachandran

Developed and implemented a comprehensive application security program, reducing identified vulnerabilities by 40% within the first year. Led a team of security engineers in conducting threat modeling exercises for critical applications, identifying and mitigating potential security risks. Reduced onboarding time for new security tools by 20% through streamlined processes and user training Established a security awareness training program for developers, resulting in a 25% increase in secure coding practices. Automated security tasks using AWS Lambda functions and CloudWatch Events for vulnerability scanning, security configuration checks, and incident notification. Leveraged AWS Security Hub for centralized aggregation and analysis of security findings from various cloud services, improving the efficiency of security operations. Optimized cloud security posture by utilizing cost-effective security solutions and right-sizing cloud resources to balance security and cost considerations. Demonstrated strong technical skills in understanding and utilizing various cloud security tools (e.g., Wiz, Falcon, QRock, Qualys VM) Ensured compliance with PCI DSS requirements for cloud-based payment processing systems by implementing strong encryption, access controls, and regular security assessments. Collaborated with the IT audit team to conduct SOC 2 Type II audits for the cloud environment, demonstrating adherence to security controls and best practices. Maintained awareness of relevant cloud security regulations (HIPAA, GDPR) and implemented necessary controls to meet compliance requirements. Developed a cloud security monitoring strategy using CloudWatch logs and metrics to detect suspicious activity and potential security incidents. Led the investigation and remediation of a cloud security incident involving unauthorized access to an S3 bucket, implementing corrective actions and improving access control policies. Established a cloud security incident response plan (SIRP) for rapid detection, containment, eradication, and recovery from security incidents. Designed and implemented secure cloud architectures using AWS services to meet security best practices and industry compliance standards (SOC 2, ISMS 2013, HIPAA, GDPR, NIST). Utilized AWS Security Hub and NIST 800-53 controls to identify and remediate security vulnerabilities within the AWS environment. Leveraged Amazon GuardDuty to continuously monitor for suspicious activity and automate incident response procedures. Performed comprehensive security assessments using tools like Crowdstrike Falcon, Qualys VM scanner, Qualys Vulnerability Management, and Wiz.io to identify and remediate vulnerabilities across cloud and on-premises environments. Managed endpoint security using ManageEngine Endpoint Management to enforce security policies, deploy antivirus solutions (Apex One Antivirus), and ensure endpoint compliance. Conducted Privacy Impact Assessments (PIA) to evaluate the risks associated with processing personal data. Implemented security awareness training programs using KnowBe4 to educate employees on cybersecurity best practices and phishing attempts. Utilized Burp Suite for manual penetration testing to identify potential security weaknesses in web applications (OWASP). Led security teams in managing projects, assigning tasks, and tracking progress using Jira and Zendesk ticketing systems. Maintained clear communication with stakeholders to ensure alignment on security objectives and initiatives. Implemented asset management procedures to maintain an accurate inventory of hardware, software, and cloud resources for improved security posture. Administration of TrendMicro Email Security & Antivirus, whitelisting and blacklisting applications. Actively monitored for all Zer0day threats and critical patches. Implemented Wiz.io, Monitored Organizations network for security breaches and investigated violations. Assisted the Infra team in planning/building MongoDB, New Relic as a monitoring tool for all critical Networks/Servers. Worked with the CTO and Architects and IT and business stakeholders to define metrics and reporting strategies that effectively communicate the success and progress of the security program. Prime responsible for maintaining AWS Route53 AWS Macie, AWS WAF, AWS Security HUB, VPC, ALB IBM Qradar, Wiz.io, Akamai DDoS protection and Proofpoint email security, VPC, OKTA, InternetGateway, NAT Gateway, ACL, VPN Gateway, Routing table. Developed an automation plan to scan and install security patches for the AWS instances. Managed DS SaaS Production setup and got it to 90% scorecard of CIS Top-10 and AWS Security Best Practices, DRATA compliance management etc. Implemented (DLP) data security and data privacy using Macie, TrendMicro Email security, AWS NLB, and ALB for high availability. Implemented AWS WAF to protect web applications and APIs against exploits. Deployed automated patching solution for Delivery Solutions Servers using Inspector, Systems Manager, Lambda, S3. Increased security team adoption of Wiz.io by 30% through comprehensive training materials and ongoing support.

Highly motivated and Experienced in Security Administrator to be a top performer by maintaining cutting edge skills and the latest Industry knowledge. Specialized in network monitoring security software installation and working to prevent cyber- attacks especially in business and corporate settings.