Available for opportunities ·

Hi, I'm Rishikesh Reddy

I help enterprises reduce risk across security operations, cloud, and application layers — blending threat detection, incident response, and secure development to protect the systems people rely on. Four-plus years of building resilient defenses, hunting emerging threats, and partnering with engineering teams to ship secure software by default.

4+
Years
24/7
SOC Ready
Multi
Cloud
01 · About

Defensive security, built for the enterprise.

I'm a cybersecurity practitioner who genuinely loves the craft — the mix of investigation, engineering, and communication that makes real defense work. My career has centered on building resilient security operations, hardening cloud environments, and helping developers ship applications that stand up to modern threats.

I gravitate toward problems that need both technical depth and calm judgment — chasing an anomaly across SIEM pipelines, threat-modeling a new API before it ships, or partnering with engineering on a secure-by-default pattern. I treat security as a product: measurable, iterated, and shaped by the people who depend on it.

Whether I'm running an incident response, tuning detections in Sentinel or Splunk, or reviewing an AppSec pipeline, I aim for outcomes that stick: reduced dwell time, fewer repeat findings, and teams that trust security to help them move faster.

What drives me
Cloud-first defensive engineering
Threat hunting & detection design
Secure SDLC & developer enablement
Continuous learning on emerging threats
Clear, calm incident communication
02 · Core expertise

Ten disciplines. One coherent security practice.

From SOC operations to secure delivery — a full-stack defensive skillset shaped in real enterprise environments.

Security Operations Center

24/7 detection, triage, and response across SIEM, EDR, and cloud telemetry pipelines.

Incident Response

Contain, eradicate, and recover from live threats with structured NIST-aligned playbooks.

Threat Hunting

Hypothesis-driven hunts using MITRE ATT&CK to surface stealthy adversary behavior.

Application Security

Shift-left AppSec with SAST, DAST, SCA, and threat modeling embedded in CI/CD.

Cloud Security

Harden AWS and Azure workloads with CSPM, IAM guardrails, and runtime monitoring.

Identity & Access

Zero-trust IAM with conditional access, PIM, and least-privilege enforcement.

Security Monitoring

Custom detections, correlation rules, and dashboards for high-fidelity alerting.

Vulnerability Management

Risk-based remediation across cloud, endpoints, apps, and infrastructure.

Secure SDLC

Security gates, developer enablement, and policy-as-code in the delivery pipeline.

Security Automation

SOAR playbooks and scripting to eliminate toil and cut mean-time-to-respond.

03 · Technical skills

A stack tuned for defense at scale.

Security Operations

SplunkMicrosoft SentinelSIEM EngineeringIncident ResponseThreat HuntingMITRE ATT&CK

Application Security

OWASP Top 10SASTDASTSCABurp SuiteCheckmarxFortify

Cloud Security

AWSAzureIAMMicrosoft DefenderIdentity SecurityCSPM

Programming

PythonJavaJavaScriptSQLAutomationScripting

Networking

TCP/IPHTTPHTTPSDNSFirewallsAuthentication

Developer Tools

GitGitHubGitLabJenkinsJiraServiceNow
04 · Experience

Four years defending real production.

Feb 2025 – Present

Cybersecurity Analyst

Health Plan of San Joaquin
Remote / USA
  • Lead detection engineering across Microsoft Sentinel, tuning analytics rules to reduce alert noise by 40% while preserving true-positive coverage.
  • Own incident response for HIPAA-regulated workloads, coordinating containment and forensics with IT, legal, and compliance stakeholders.
  • Run continuous vulnerability management across cloud and endpoint estate, prioritizing remediation with risk-based scoring against critical assets.
Microsoft SentinelDefenderAzureKQLMITRE ATT&CK
May 2024 – Feb 2025

Application Security Engineer

Kroger
Cincinnati, OH
  • Embedded SAST, DAST, and SCA controls into Jenkins pipelines across multiple product lines, blocking high-severity findings before production.
  • Partnered with development squads on threat models and secure code reviews, driving a measurable drop in recurring OWASP Top 10 defects.
  • Built lightweight security champions program that scaled AppSec guidance across 20+ engineering teams.
CheckmarxFortifyBurp SuiteJenkinsGitHubOWASP
Feb 2023 – Mar 2024

Information Security Analyst

FIS Global
Jacksonville, FL
  • Monitored Splunk SIEM in a 24/7 SOC, triaging alerts across financial services workloads with strict SLA adherence.
  • Executed proactive threat hunts mapped to MITRE ATT&CK, uncovering misconfigurations and dwell-time exposure across hybrid environments.
  • Authored runbooks and enrichment scripts that shortened investigation cycles for L1/L2 analysts.
SplunkSIEMPythonMITRE ATT&CKEDR
Nov 2020 – Dec 2021

Programming Developer Intern

MPaul Tech IT Solutions
India
  • Built internal automation utilities in Python and Java, learning secure coding fundamentals early in the SDLC.
  • Contributed to backend services and database integrations, gaining hands-on exposure to authentication and access control patterns.
PythonJavaSQLGit
05 · Projects

Security work, built and shipped.

Selected initiatives that demonstrate detection engineering, cloud security automation, and secure delivery in practice.

Enterprise SIEM Monitoring Dashboard

Problem

Fragmented visibility across Splunk and Sentinel slowed SOC triage.

Unified detection console consolidating alerts, MITRE mappings, and asset context into a single analyst-first view.

Cross-SIEM correlation
MITRE ATT&CK heatmap
SLA tracking
Analyst notes & handoff
SplunkSentinelPythonReact

Cloud Security Compliance Automation

Problem

Manual audits couldn't keep pace with a growing multi-cloud footprint.

Continuous CSPM engine that evaluates AWS and Azure workloads against CIS, NIST, and internal baselines with auto-remediation hooks.

Drift detection
Auto-remediation
Evidence export
Slack alerts
AWSAzurePythonTerraform

Secure API Assessment Platform

Problem

API-first products needed repeatable AppSec coverage.

Chained SAST, DAST, and fuzzing pipeline that scores API endpoints for OWASP API Top 10 risks and generates developer-ready reports.

OWASP API Top 10
CI/CD integration
Auth-aware fuzzing
Dev-friendly reports
Burp SuiteJenkinsPythonPostman

Threat Intelligence Aggregator

Problem

Siloed intel feeds diluted analyst focus.

Aggregation service normalizing IOCs across open-source and commercial feeds, enriched with context and pushed into SIEM watchlists.

STIX/TAXII ingest
IOC deduping
Confidence scoring
SIEM sync
PythonSTIX/TAXIIElasticsearch

Enterprise Vulnerability Scanner

Problem

Vulnerability data lacked business context for prioritization.

Risk-based vulnerability platform combining scanner output with asset criticality, exploit intelligence, and SLA workflows.

Risk scoring
Owner routing
SLA dashboards
Ticket automation
QualysNessusJiraPython

Incident Response Case Management

Problem

Ad-hoc IR notes and chat threads slowed post-incident learning.

Structured IR portal with case timelines, evidence vault, and lessons-learned templates aligned to NIST SP 800-61.

Timeline builder
Evidence vault
Playbook runner
Post-incident review
ReactNode.jsPostgreSQL
06 · Certifications

Continuous credentialing.

CompTIA Security+

CompTIA
2024

AWS Certified Security – Specialty

Amazon Web Services
In Progress

Microsoft SC-200: Security Operations Analyst

Microsoft
2024

Certified Ethical Hacker (CEH)

EC-Council
2023

Azure Security Engineer (AZ-500)

Microsoft
In Progress

GIAC Security Essentials (GSEC)

SANS / GIAC
Planned
07 · Tools

The stack I reach for daily.

Splunk
Sentinel
Burp Suite
Qualys
Nessus
Checkmarx
Fortify
Defender
AWS
Azure
GitHub
Jenkins
Jira
ServiceNow
08 · Education

Academic foundation.

Master of Computer and Information Systems

New England College
Henniker, New Hampshire
Graduated May 2023GPA 3.8 / 4.0

Bachelor of Technology in Engineering

Mahatma Gandhi University
Meghalaya, India
Graduated May 2021GPA 8.68 / 10
09 · Why work with me

What I bring to the team.

Strong Analytical Thinking

Structured investigation habits that turn ambiguous signals into confident, evidence-backed decisions.

Enterprise Security Experience

Hands-on across healthcare, retail, and financial services SOC and AppSec programs.

Cloud Security Expertise

Deep AWS and Azure fluency — from IAM guardrails to workload runtime protection.

Collaborative Mindset

Trusted partner to developers, IT, compliance, and leadership — security as an enabler, not a blocker.

10 · Contact

Let's build something secure.

Open to full-time, contract, and consulting engagements. Strong support for relocation across the United States.

Availability
Full-Time Opportunities
Consulting Engagements
Contract Roles
Remote · Hybrid · Onsite
Strong relocation support (H1B)
CST working hours
Currently
Based in Alabama, USA — available across the United States.