
CV - Venkata Subhash Muthareddy


Mobile: +91 7675962108

Venkata Subhash Muthareddy


Experience Summary

- Subhash is a Cyber Security professional with distinguished experience of 18 years.


- Subhash is known for his specialized/niche skillset and deep subject matter expertise in cyber security
infrastructure areas and loves being hands-on, while delivering large scale client engagements.
- He is proficient in driving security consulting, engineering (design and implement) and operations
efforts to help clients reduce risk footprint and improve overall risk posture for organizations.
- He helps clients to be Secure, Vigilant and Resilient in the face of an ever-increasing array of cyber
threats and vulnerabilities.
- He has profound knowledge in performing maturity assessments, risk assessments and gap assessments
for Fortune 500 clients and reporting findings from a business risk perspective.

- He is proficient with multiple security vendor tools like Qualys Guard (VMDR, WAF, Policy Compliance,
Certificate Management etc.), RiskSense, ArcSight, RSA envision, STRM, Qradar, Sumologic, Symantec
Data Loss Prevention, Blue coat DLP, Tanium End Point Protection, SSL VPN Secure Access, Sourcefire
IDP/IPS, Symantec End Point Protection, Tripwire, FireEye etc.

Contact Details
Mobile No : +91 7675962108

Email : [email protected]

Relevant Cyber Security Experience

Organization: Securin (Formerly Cyber Security Works)

Title: Director - VMaaS
Team Size: 60+
Role: Attack Surface Management Specialist, Threat and Vulnerability Management Specialist, Security Architect
Period: 14th February 2022 – till date

Selected Experience:

Responsible and accountable for delivering Vulnerability Management and External Attack Surface
Management (EASM) services to global clients. We help clients with Continuous Threat and Exposure
Management analysis by performing continuous authenticated scans, providing industry-specific threat
intelligence and doing risk-based vulnerability prioritization for remediation efforts, to reduce the overall
risk footprint of their environment.

Page 1 of 6 Dated: 10/28/24



Organization: Deloitte & Touché Assurance Enterprise Risk Services India Pvt Ltd.

Title: Advisory Manager
Team Size: 80+
Role: Attack Surface Management Specialist, Threat and Vulnerability Management Specialist, Security Architect
Period: 28th July 2014 – 13th Feb 2022

Selected Experience:

Working as an Advisory Manager in Deloitte Cyber Risk Services. During his stint at Deloitte, Subhash
worked at both Deloitte USI and US practices. Subhash is a key member of Deloitte Attack Surface
Management team, and he helps large scale clients in driving risk reduction efforts across the enterprise.
He is known for adopting new technologies to better operate and automate client’s attack surface
management programs. He is responsible for leading teams that perform Risk assessments, gap
assessments, current state maturity assessments, vulnerability assessments, architecture reviews,
configuration reviews for a wide array of clients (includes many Fortune 100 clients).

At Deloitte, I am known for my ability to drive and execute complex client engagements.

Proposals and Pricing: Work on new client proposals, pipeline, expanding existing clients into new
services and provide strategic pricing estimates. Consistently sold more than $2-5 million revenue
engagements over the last 4-5 years. Was instrumental in winning Cybersecurity Operational Support
Services contract (~$22M+ in yearly revenue) for a major financial client.

Cyber Security Consulting: Worked on multiple large to very large security engagements including
defense in depth assessments, strategy engagements and managed services.

Threat and Vulnerability Management/Attack Surface Management:

- Developed VM from scratch to a mature automated state for a Fortune 500 client. Proposed a risk-based
approach for vulnerability remediation to improve the risk posture for the client in a short stint.
Implemented script-based ticket creation approach to automate BAU ticket creation process for open
vulnerabilities identified on client network.

- Provide Subject Matter Expert (SME) level support for Vulnerability Management area to set up new
clients to be onboarded into Deloitte MSS (Managed Security Services). Work with client(s) key
stakeholders to achieve operational excellence by identifying areas of improvement in steady state
operations.

- Managing upwards and talent (Hiring, creating shared pool of resources in TVM and ASM areas,
Coaching, Mentoring)

Organization: Juniper Networks India Pvt. Ltd.



Title: Information Security Lead
Tools: STRM SIEM tool, ArcSight, Nessus, Qualys Guard, FireEye, SSL VPN Secure Access box, Wiki, Postini, Websense, Symantec End Point Manager, SSL Cert Management, SRX App Secure, Juniper Web Application Security (JWAS), Web screen, Juniper Distributed Denial of Service (JDDoS)
Team Size: 8
Role: Information Security Analyst Lead
Period: October 2012 – 25th July 2014

Selected Experience:

Establish a Security Operations Center catering to the overall security operations at Juniper Networks

- Responsible for carrying out day to day Security Operations
- Providing operations overview report to CISO on a weekly and monthly basis
- First point of contact for handling critical P1, P2 security incidents across Juniper
- First point of contact handling Claimed notice infringements and abuse alerts from external parties
- Carrying out Penetration Testing for Juniper external facing websites
- Managing and troubleshooting issues related to Juniper SSL VPN for Contractors and employees across
the world
- Vulnerability Management for critical servers using Qualys Guard
- Responsible for carrying out ECCC Project to manage vendors SIEM (ArcSight) and Vulnerability Scanning
process (Qualys)

SIEM Activities (Internal Security operations for SOC using STRM and ECCC Project Operations for
Vendor using ArcSight):

- Build and fine-tune Dashboards, Data Monitor Active Lists, Active Channels, Custom correlation rules,
reporting templates, monitoring views and asset mapping configurations as part of SIEM customization
with Security Threat Response Manager
- Detecting and preventing Zero-day attacks on critical assets using SIEM
- Identify the technology gaps and provide recommendations to JTAC Team members with the
requirement.
- Coordinating with ArcSight professional support for building use cases according to Vendors
Requirements.
- Recommended use cases for Threat, Database, Identity and access management etc.
- Spam Incident handling to ensure there is no threat posed to Juniper Network
- Carrying out the Cert request process for Email and Web SSL Certificates

Malware Handling Activities:

- Driving operations from malware behavior aspect with FireEye tool
- Operations handling of Symantec End Point Manager

Incident Response:

- Ability to think like the bad guys
- Excelling at incident handling, crisis management, response coordination, forensics, and out-of-the-box
problem solving

Specialties:

+Investigations


+Forensics
+ Incident Response

Penetration Testing:

Performing first level penetration testing for external facing Juniper websites and websites in staging
environment that are to be moved to production down the line.

Tools used: Back Track 5, Kali, Metasploit

Organization: Cognizant Technology Solutions

Title: Technical Lead for Security Operations Center
Tools: ArcSight (SIEM), RSA Envision
Team Size: 20
Role: Team Lead
Period: November 2010 – October 2012

Selected Experience:

Establish a Security Operations Center for monitoring 7000+ business critical assets & PCI material
servers. The purpose of this project is to implement various use cases and monitor business-critical assets
using an interim SIEM solution. Led the initiative for PCI & SOX compliance.

- Responsible for carrying out day to day Security Operations
- Responsible for preparing Generic Security advisory/Threat advisory.
- Build and fine-tune dashboards, data monitor Active Lists, Active Channels, customize correlation rules,
reporting templates, monitoring views and asset mapping configurations as part of SIEM customization.
- Detecting and preventing zero-day attacks on critical assets using SIEM.
- Provide timely reports Weekly, Monthly and Quarterly
- Identify the technology gaps and provide recommendations.
- Recommended use cases for Threat, Database, Identity and access management etc.

Organization: Wipro Technologies, GSOC

Title: Project Engineer in Global Security Operations Center
Client: Major Retail Client
Operating System: Windows, Solaris & Linux
Tools: ArcSight, Qualys Guard, Sourcefire, SCSP, Deep Security, Skybox and Tripwire
Team Size: 60
Role: Security Analyst, L2
Period: March 2008 – Nov 2010


Selected Experience:

Establish event monitoring for 8000+ business critical assets & PCI material servers. Customer has the
mandate to comply with Payment Card Industry (PCI) and hence the top priority is to achieve readiness for
the compliance. The purpose of this project is to implement & monitor business-critical Assets using an
interim SIM solution to meet Customer’s readiness for Payment Card Industry (PCI) compliance.

- The project involves Incident analysis, incident responses, incident remediation, fine tuning and
developing correlation rules. Advanced device integration, IDS, IPS & VA tools
- Responsible for specialized investigation, threat Analysis and remediation in response to notifications
using SIEM tools such as ArcSight
- Monitor ArcSight dashboards to keep track of security events, health of SIEM devices
- Troubleshooting and deep analysis of Security alerts
- Define rules, customized reports, and schedule reports as per requirements. Fine tune SIEM Solution to
reduce false alerts, improve the performance etc.
- Troubleshooting the issues related to SIEM solution and ensuring health of SIEM Solution Devices
- Integration of new log sources with SIEM Solution
- Analyzing both corporate and retail logs downloaded from the loggers for the entire shift (8 hours).
- Recognizes successful intrusions and compromises through review and analysis of relevant event detail
information
- Understanding current vulnerabilities, attacks and countermeasures
- Managing KM activities in the Team (Introduced Shift handover report and MOM in the project for better
communication between each shift and Onsite.)
- Identification, investigation and escalation of security breaches to the client-side Security team (called the
Central Security Incident Response Team)
- Creating Rules, filters and active lists in ArcSight to filter out events obtained from the Logger
- Creation of New Dashboard as per the requirement
- Creating new process documents which would help the Analyst in analyzing events
- Launch and track investigations to resolution. Recognizes attacks based on their signatures. Differentiates
false positives from true intrusion attempts
- PCI compliance enforcement on the production assets using FIM tools, such as Tripwire, Deep Security
Third Brigade and Symantec Critical System Protection
- Firewall compliance auditing using Skybox
- Log Analysis
- Timely escalation of incidents to security management team
- Handling threat management tasks by subscribing to various security alerts from various sources
- Discussion and brainstorming of relevant security alerts with security consultants and coming out with
threat management plan
- Review and refinement of threat management plan
- Vulnerability Reporting and vulnerability scan scheduling using Qualys Guard in line with PCI
requirements.
- Schedule and analyze vulnerability scans on various business critical assets
- Follow-ups with asset owners for remediation of vulnerabilities either at OS or application level
- Tracking, validation and closure of critical and high vulnerabilities
- Acting as a shift lead (L2) and handling the entire team of about 30 members per shift


Certifications

- Certified Information Systems Security Professional (CISSP)
- Cisco Certified Network Associate (CCNA) Certified (CISCO ID No. CSCO11688665)
- Juniper JNCIS-ER (Specialist, Enterprise Routing) Certified
- Juniper JNCIA-EX (Associate, Enterprise Switching) Certified
- Juniper JNCIA-JUNOS (Associate, JUNOS) Certified
- Attended a 40-hour workshop on “Packet Analysis & Web Application Security” from K-secure IT
security Services.
- Certified Ethical Hacker v7 (CEH) Certified (EC-Council Membership ID. ECC955088)
- EC-council Certified Security Analyst (ECSA) Certified
- Qualys Guard certified Specialist (Vulnerability Management)
- ArcSight Certified Professional (ACP)

Education

Title of the Degree with Branch: Bachelor of Technology in EEE with 75.6%
College/University: JNT University, Hyderabad
Year of Passing: 2007
