Reddy Bhaskar Vengala

DevOps Manager

Hyderabad, Telangana, India9 yrs 6 mos experience

Most Likely To SwitchHighly Stable

Key Highlights

9 years of experience in security engineering.
Expert in vulnerability assessment and penetration testing.
Proficient in integrating security tools into DevSecOps pipeline.

Stackforce AI infers this person is a Security Engineer specializing in SaaS and Cloud Security.

Contact

Skills

Core Skills

Vulnerability Assessment And Penetration Testing (vapt)Api SecurityDynamic Application Security Testing (dast)Static Application Security Testing (sast)Penetration TestingSource Code Review (sast)Java-j2ee

Other Skills

API Penetration TestingActive DirectoryActive Directory Penetration TestingActive Directory SecurityApplication SecurityArcherAzure Storage accounts File sharesAzure storage & file share REST APIBurp SuiteCheckmarxCheckmarx Static Code AnalyzerCommunicationCybersecurityDetectSecretsDevSecOps

About

Passionate Security Engineer with 9 years of experience which includes 7 years of experience in vulnerability assessment and penetration testing VAPT on Web Apps, AI applications, SaaS applications and OCI cloud infrastructure and 2+ years of development experience using Java-J2EE. Perform various security testing activities like VAPT, DAST, SAST, API Security, Prompt Engineering, Container Security, Docker image security, Nessus infrastructure, Threat modelling, Security architecture review. Document vulnerability assessment report with detailed remediation suggestions. Develop automation scripts for integration of security tools into DevSecOps pipeline. Experienced in building burp extenders/plugins for security testing automation. Fine tune open source security tools as per the requirement needs for pipeline integrations. Explore and evaluate various security tools available for DAST, SAST, Docker, Kubernetes security and defect management.

Experience

Oracle

2 roles

Principal Security Engineer

Promoted

Sep 2023 – Present · 2 yrs 6 mos · Hybrid

Senior Security Engineer

May 2020 – Sep 2023 · 3 yrs 4 mos · Hybrid

Perform vulnerability assessment and penetration testing which includes both manual and automated DAST & SAST for Oracle Fusion SAAS applications using various security tools like BurpSuite, ZAP, WebInspect, Fortify and DetectSecrets.
Perform manual and automated API security testing.
Perform docker image and kubernetes security testing. Review pod security standards and network polices. Also perform Nessus scan on the hosts.
Create a detailed report on vulnerabilities identified and provide a remediation suggestions.
Develop automation scripts for integration of security tools in CICD pipeline.
Developed Burp extenders to improve the testing coverage and automate security testing processes.
Fine tune open source security tools as per the requirement needs for pipeline integrations.
Explore and evaluate various security tools available for DAST, SAST, Docker, Kubernetes security and defect management.

Vulnerability Assessment and Penetration Testing (VAPT)Dynamic application security testing (DAST)Static application security testing (SAST)API SecurityBurp SuiteNessus+2

Adp

Member Technical (Security Analyst)

Sep 2018 – Apr 2020 · 1 yr 7 mos · Hyderabad Area, India

Perform manual and automated Penetration/Security Testing (DAST) on Web Applications using burpsuite.
Perform Source Code Review from Security Point view (SAST) with the help of Checkmarx tool.
Create detailed report on vulnerabilities identified and assist development teams with remediation suggestions.

Penetration TestingSource Code Review (SAST)Checkmarx