Anusha Penumacha

Software Engineer

Vancouver, British Columbia, Canada7 yrs 9 mos experience

Most Likely To SwitchHighly Stable

Key Highlights

3+ years in Endpoint Security and DevSecOps.
Expertise in building scalable security automation solutions.
Hands-on experience with dynamic application security testing.

Stackforce AI infers this person is a Cybersecurity professional with a strong focus on DevSecOps and automation.

Contact

Skills

Core Skills

CybersecurityApplication SecurityDevsecopsAutomationDevopsSoftware Development

Other Skills

AWSAlgorithmsAmazon CloudWatchAmazon EC2Amazon EKSAmazon Elastic MapReduce (EMR)Amazon Web Services (AWS)AnsibleApache KafkaApache SparkCC++CI/CDCloud Automation FrameworkCode Analysis

About

My primary interests lie in the domains of Application Infrastructure and Open Source Security. I have 3+ years of experience in Endpoint Security and during this time I worked on various attack mitigation methods. Currently navigating the DevSecOps and Product Security space. I like to build scalable solutions to solve security automation problems.

Experience

Splunk

2 roles

Senior Security Software Engineer

Promoted

May 2023 – Present · 2 yrs 10 mos · United States · Hybrid

Vulnerability Management
Software Composition Analysis
SBOM Management

Vulnerability ManagementSoftware Composition AnalysisSBOM ManagementCybersecurityApplication Security

Product Security Engineer

Jun 2021 – May 2023 · 1 yr 11 mos · United States · Hybrid

Supply Chain Security

Supply Chain SecurityCybersecurity

Department of electrical and computer engineering at carnegie mellon university

Graduate Teaching Assistant

Jan 2021 – May 2021 · 4 mos · Pittsburgh, Pennsylvania, United States

18-732 - Secure Software Systems

Splunk

Product Security Intern

May 2020 – Aug 2020 · 3 mos · United States

Designed and built a self-service pipeline for Dynamic Application Security Testing [DAST]
Worked on integrating Semgrep rules into the CI build process to perform detailed and regular Code Analysis.
Built centralized report storage and stats reporting for Product Security controls at Splunk. Used Splunk for visualization and AWS for report storage and metric collection.

Dynamic Application Security TestingCode AnalysisReport StorageMetric CollectionDevSecOpsAutomation

Carnegie mellon university

Graduate Teaching Assistant

Jan 2020 – Jan 2021 · 1 yr · Pittsburgh, Pennsylvania, United States

14-761 - Applied Information Assurance

Fireeye, inc.

3 roles

Software Engineer

Promoted

Jan 2018 – Jul 2019 · 1 yr 6 mos

Development and Maintenance of Cloud Automation Framework which is consumed by the Endpoint division for deployment and automation.
Contributed to the CI/CD goals by designing and implementing pipelines to automate and enhance the build verification process
Ansible, Jenkins, Apache Groovy, Python, Teamcity, vCloudAir

Cloud Automation FrameworkCI/CDPipelinesDevOpsAutomation

Associate Software Engineer

Jun 2016 – Dec 2017 · 1 yr 6 mos

Developed benign exploits and internal tools to verify the efficacy of Exploit guard [Endpoint's behavior based detection engine]
Contributed to the functional test automation of multiple detection engines in the Endpoint Security Product ( FireEye-HX) [Exploit Guard, IOC Matching, Antivirus, Malware guard]
Developed unit tests for the Windows kernel mode mini filter driver
Python, C++, Windows Internals, Binary Exploitation, x86 Assembly

Exploit DevelopmentFunctional Test AutomationUnit TestingCybersecuritySoftware Development

Intern

May 2015 – Jul 2015 · 2 mos · Bengaluru Area, India

Developed a performance monitor framework which collects and analyzes system performance metrics from multiple client machines and sends periodic comparison reports and performance graphs to the key stakeholders.