PRABHAKAR KOORAPATI

Information Security Professional

Vulnerability Assessment/SOC, Security Audit
: +91- 8019188976 : [email protected]

Career Objective:

 To obtain a position of Security Analyst in a reputed organization where I can practice my

skills and education.

Professional Summary:

 Having 4+ years of experience in Information Security.

 Working On Nessus and McAfee Vulnerability Manager.
 Hands on experience in generating VA & PT reports.
 Good experience in the area of Vulnerability Assessment, Nessus Security Centre,
Symantec Endpoint Protection, SOC, SIEM Alien Vault, AD Audit Plus, Barracuda Webfilter,
BlueCoat Proxies, Metasploit (GUI), IDS/IPS.
 Knowledge of typical Security devices such as firewalls, intrusion detection systems, AV and
End Point Security, anti-spam systems, event correlation systems, etc.

 Hands-on experience in Penetration and vulnerability assessment of internet and

intranet scanning, Discovery, Exploiting, Detailed analysis, Review and Reporting.
 Well conversant with the latest technological trends in information security field
including management practises and regulatory issues.
 Acting on internal and external reports of possible infection cases and creating reports.
 Strong understanding of Network Security Concepts.
 Generating reports such as weekly, monthly and daily based on the client requirement.
 Ability to communicate technical issues to technical and non-technical business
area representatives.
 Ability to analyze test results and suggest mitigations for security problems.

CAREER HIGHLIGHTS :
C-DAC (Centre for Development of Advanced Computing ) HYDERABAD,INDIA
(Information security analyst (Jan 2013 to Till Date)
Responsibilities:
 Responsible for carrying out system and network wide vulnerability assessment and
penetration testing to assess the security level of systems and network devices at client
networks.
 Vulnerability assessment and Penetration testing, performing weekly, Monthly, Half Yearly,
Yearly vulnerability assessments.
 Maintaining and analyzing the security risks on to the whole network, servers and systems
through several vulnerability tools.
 Analysis/Research activities on hacker exploits and trends.
 Preparation of daily and weekly status reports.
Modules/ Tools:

 Nessus , SOC, SIEM Alien Vault, AD Audit Plus, Symantec Endpoint Protection Management,
Bluecoat Proxies, Barracuda Web Filter, Source fire IDS/IPS, Etc.

Network Security:
 Knowledge On TCP/IP Networking.
 Network Scanning : Nmap, Metasploit.
 Vulnerability Assessment : NESSUS Professional, Wireshark.

Cyber Security:
 Symantec Endpoint Protection, Barracuda Webfilter, SIEM, CEH Modules, Kali linux.

Data Security:
 Extensive Experience in the areas of Symantec Endpoint Protection Management.

Operating Systems:
 WINDOWS, LINUX (Kali Linux).

Work Experience:

 Working as System Analyst in Concen Tek Pvt. Ltd. Hyderabad from Jan 2013 to Till Now.

Educational Qualifications:

 B.S.C Computers (U.G)

 M.C.A Master of Computer Applications (P.G)

Training Completed:

 Certified CSSP (Computer Security System Professional).

 Trained On CEH (Certified Ethical Hacking).
 Trained On CHFI (Computer Hacking Forensic Investigator ).

Project Details:

Project # 3

Project Name : ISOME-SECTEST

Client : Kotak Life Insurance, Mumbai.
Role : Security Engineer L1
Description:

This project aims to deliver the requirements of Kotak Life Insurance in the area of Information
Security. As part of the project we conducted penetration testing assignments for KLI and other
related bodies with KLI. Prepared Vulnerability assessment and Penetration testing reports and
supported the clients to fix those vulnerabilities. Weekly review of Top 10 Incidents and generating
reports based on analysis of logs collected. Conducted secure configuration reviews for windows
and Linux servers. Prepared System Health Check List for various platforms, reviewed router switch
and firewall configurations. Released reports on weekly, monthly basis for SHC and VA.

Responsibilities:

 Discover Live IPs within the organization.

 Run Automated Scanners to find out the vulnerabilities.
 Manual analysis of the reported vulnerabilities.
 Prepare detailed report explaining the impact of the vulnerabilities present and how to fix
them.
 Final discussion with stake holders on vulnerabilities and mitigation recommendations.
 Network penetration testing for assessing vulnerabilities as seen from inside the
organization/outside world.
 Performed Internal Penetration Testing.
 Reporting of detected vulnerabilities with solutions.
 Manual check of each and every policy and confirm that they meet the set standards.
 Create Secure Configuration Document for the Hardening of devices.
 Capture outputs related to the policies to be audited and then analyze them for mis-
configurations.
 Reporting all the mis-configurations and explain the client as how can they pose a threat.
 Help the client in hardening the devices and platforms.
 Good knowledge in Metasploit, Nessus, Acunetix, ,NMAP, Wireshark.

Project # 2

Project Name : Information Security Education & Awareness

Client : Government of India
Role : InfoSec Consultant

Description:

This project aims to deliver the requirements of the Government of India in the area of Information
Security. As part of the project we conducted penetration testing assignments for various
government bodies and private sector companies. Prepared Vulnerability assessment and
Penetration testing reports and supported the clients to fix those vulnerabilities. Conducted secure
configuration reviews for windows and linux servers. Written various information security articles in
“Frontline” magazine and maintaining a website dedicated to information security awareness and
education.

Responsibilities:

 Oversaw and conducted penetration test assignments.

 Conducted Internal & External Penetration tests, Re-Scan, Secure Configuration Reviews,
Server Audits (Linux and Windows) for various organizations.
 Generated VA & PT reports.
 Reviewed and made recommendations on secure configuration of network devices.
 Prepared and distributed security assessment reports to customers.
 Developed and documented security evaluation test plan and procedures.
 Performed additional incidental duties as assigned.
Project # 1

Project Name : System Admin

Client : A.P Vigilance Commission
Role : System Analyst.

Description:

As a System analyst I worked in Andhra Pradesh Vigilance commission, secretariat from June 2013
to Sep 2014. APVC is a government body of AP government where the information maintained is
confidential and unauthorized access is strictly prohibited. As a System security analyst I have
joined as a junior member in Network and Security team in APVC, actively monitored the network
of APVC for security issues and error free operation.

Responsibilities:

 Support and maintain the computer network and systems installed by the organization.
 Ensure that the network infrastructure is well managed and maintained and that it functions
without interruptions.
 Reporting any Security related violations and security breach incidents to senior team
members.
 Make certain that the server functions smoothly and ensure the security is not tampered.
 Tackle the security issues concerning the network and prevent unauthorized access to the
systems.
 Perform duties as necessary for network address, routing table configuration, authorization
of directory services, etc.

Personal Profile :

 Languages Known : English , Hindi, Telugu

 Skills : Smart Working, quick Adaptability ,Eager to learn

Declaration:

 I hereby declare that the information furnished above is true to the best of my knowledge.