Krishna is available for hire

Krishna Prasad

Verified Expert in Engineering

Cloud Security Architect and Developer

Toronto, ON, Canada

Toptal member since December 13, 2022

Expertise

Cloud Engineering SOC 2( Service Organization Control)Software Development Cloudflare Linux Windows Development AWS DevOps Cybersecurity Security Engineering Penetration Testing Database Java System Security

Bio

Krishna is a skilled cybersecurity professional with over 16 years of IT experience, specializing in application security, cloud security, DevSecOps, and security architecture. His expertise includes AI/ML security, multi-cloud security, VAPT assessments, security automation, compliance, and source code reviews. Krishna is skilled in researching AI system security risks, enhancing application security, and integrating security into Agile/DevOps practices using S-SDLC principles.

Portfolio

Edari

AI Security, Application Security, Static Application Security Testing (SAST)...

KVK Cloud Security Consulting Incorp

Python, DevSecOps, Amazon Web Services (AWS), Amazon CloudWatch...

WorkSpan

Application Security, Security, Cloud Security, DevSecOps, SOC 2...

Experience

Dynamic Application Security Testing (DAST) - 12 years
Static Application Security Testing (SAST) - 10 years
Vulnerability Management - 10 years
SecOps - 10 years
Cloud Security - 10 years
DevSecOps - 10 years
Software Development Lifecycle (SDLC) - 9 years
Security Architecture - 7 years

Availability

Full-time

Preferred Environment

Security Architecture, Application Security, Vulnerability Management, DevSecOps, SOC 2, Cloud Security, CISO, AI Security, Network Security, HIPAA Compliance

The most amazing...

...multi-cloud security design and reviews I’ve completed were well received by satisfied clients.

Work Experience

AI & Application Security Specialist

2024 - 2024

Edari

Collaborated with cross-functional teams and stakeholders at clients' locations to lead initiatives that addressed application security vulnerabilities, significantly enhancing the organization’s security posture.
Worked closely with external vendors and internal stakeholders of the client on vulnerability assessment and penetration testing (VAPT) activities and report presentations.
Participated in security architecture reviews and threat modeling for new and existing projects to identify potential security flaws and recommend enhancements.
Drafted guidelines for securing and hardening infrastructure and applications running on the Azure OpenAI service, promoting best practices and raising awareness among development teams.
Evaluated the implications of emerging technologies, such as large language models, on AI security and formulated countermeasures to mitigate associated risks.
Remained current on developments in AI and application security by participating in vendor calls (Salesforce – Einstein) and actively engaging with the security community.

Technologies: AI Security, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Penetration Testing, Vulnerability Management, Azure Cloud Security, Azure OpenAI Service, Salesforce Einstein, Jenkins, Security Design, Compliance, Information Security, OWASP, Data Labeling, Generative Artificial Intelligence (GenAI), Java, SaaS Security, On-premise, Kubernetes, AWS Cloud Security, Audits, Web App Security

Cybersecurity Architect & DevSecOps (Contract)

2023 - 2024

KVK Cloud Security Consulting Incorp

Worked with various clients' cross-functional teams to assess different cybersecurity issues and requirements and proposed measures and solutions.
Consolidated metrics into a centralized dashboard using various tools like Databricks and AWS QuickSight.
Created and maintained comprehensive documentation for all developed scripts and tools to facilitate seamless knowledge transfer within the team.
Participated in evaluating new tools and technologies with PoCs.
Participated actively in knowledge-sharing sessions to disseminate expertise across the organization.

Technologies: Python, DevSecOps, Amazon Web Services (AWS), Amazon CloudWatch, Vulnerability Assessment, Application Security, Databricks, Security Design, Penetration Testing, Compliance, Information Security, OWASP, Data Labeling, Generative Artificial Intelligence (GenAI), Dynamic Application Security Testing (DAST), Java, SaaS Security, On-premise, Kubernetes, AWS Cloud Security, Audits, Web App Security

Application and Cloud Security Architect

2023 - 2023

WorkSpan

Designed and implemented AWS IAM Identity Center, integrating Google single sign-on (SSO) across multiple AWS accounts.
Implemented Vanta, a SOC2 automation and reporting tool. Promoted awareness and adoption of the tool and platform among site reliability engineering (SRE) and cross-functional teams.
Owned the AWS Foundational Technical Review (FTR) engagements for the WorkSpan product hosted on AWS Marketplace.
Executed internal pen testing activities to identify the security issues and weaknesses on WorkSpan's co-sell application platform.
Drafted security standards and controls, collaborating closely with cross-functional teams to enforce these measures across cloud systems, applications, and data stores. Implemented a shared security responsibility model and shift-left mindset.
Participated in compliance initiatives as needed to achieve and maintain continuous compliance to protect customers and sensitive data.
Researched and executed POCs on new tools and processes that provide security automation to enforce continuous infrastructure and app development lifecycle security.
Drafted security incident response playbooks and contributed to the development/improvements of information security policies.
Conducted security incident investigations and designed security incident response automation flows.
Spearheaded the evaluation program for static application security testing (SAST) tools, providing valuable insights and recommendations to both the engineering and executive teams.

Technologies: Application Security, Security, Cloud Security, DevSecOps, SOC 2, Vulnerability Management, Penetration Testing, Google Cloud Platform (GCP), Python, Vulnerability Assessment, Identity & Access Management (IAM), Fuzz Testing, Data Protection, Database Security, Group Policy, Governance, Data Governance, Security Engineering, Ethical Hacking, Vanta, Infrastructure Security, Secure Access Service Edge (SASE), Cloud Infrastructure, Network Security, Security Audits, Artificial Intelligence (AI), Google Workspace, Cybersecurity Operations, Tanium, Threat Modeling, Windows, Documentation, Security Information and Event Management (SIEM), AI Security, Secure Software Development Lifecycle (SSDLC), Cryptography, Linux, Authentication, Vulnerability Identification, Cloud, Risk Management, Security Software Development, IT Management, SOC Compliance, Jenkins, Security Design, Compliance, Information Security, OWASP, Data Labeling, Dynamic Application Security Testing (DAST), Java, SaaS Security, On-premise, Kubernetes, AWS Cloud Security, Audits, Web App Security

Cloud Security Architect

2021 - 2022

SSENSE

Delivered security architectures for cloud native and distributed systems. Ran applications on microservices and serverless based environments hosted on AWS Cloud.
Used Jira as a project tracking tool. Used SonarQube, Security Hub, and Guardduty for several static application and security testing (SAST) and CSPM tools. Used AWS for security.
Carried out the opportunity of building cloud security competency and practice with needed skills in the security domain.
Delivered security standards and technical controls implementation for ongoing customer data protection initiatives. Assisted various teams in adapting them.
Built a cloud security roadmap with goals matching cross-functional teams and organizational objectives. Continued to work on the ambitious goals of the cloud security team.
Drafted security standards and controls. Worked with cross-functional teams to enforce them across cloud systems, applications, and data stores with a shared security responsibility model and "shift left" mindset.
Executed threat modeling activities to identify the security. Generated security architectural requirements for software development and product teams for remediation.
Proposed and enforced the implementation of security controls at every layer of architecture and applications. Set up a thorough defense strategy.
Participated in compliance initiatives as needed to achieve and maintain continuous compliance. Protected the customer's sensitive data. Promoted strong identity and access (IAM) policies and practices.
Worked closely with the data engineering teams. Built secure data applications and data pipelines. Adapted industry-standard data governance practices with the principle of least privilege, encryption, auditing, and monitoring controls in place.

Technologies: Cloud Security, Amazon Web Services (AWS), Security, Application Security, Microservices Architecture, Static Application Security Testing (SAST), Secure Software Development Lifecycle (SSDLC), General Data Protection Regulation (GDPR), Web Security, APIs, Full-stack, Security Architecture, Dynamic Application Security Testing (DAST), Vulnerability Management, DevSecOps, SOC 2, Management, Big Data Architecture, Big Data, DevOps, CI/CD Pipelines, OWASP Top 10, Security Operations Centers (SOC), SIEM, Software, Software Development Lifecycle (SDLC), Architecture, SecOps, Cybersecurity, IT Security, Asset Management, Docker, Terraform, Python, Vulnerability Assessment, Identity & Access Management (IAM), Fuzz Testing, Go, Data Protection, Database Security, Group Policy, Governance, Data Governance, Security Engineering, Ethical Hacking, Infrastructure Security, Secure Access Service Edge (SASE), Cloud Infrastructure, Network Security, Security Audits, Artificial Intelligence (AI), Cloudflare, Google Workspace, Cybersecurity Operations, Threat Modeling, Windows, Ansible, Documentation, Security Information and Event Management (SIEM), Automated Server Deployment, AI Security, Cryptography, Linux, Authentication, Vulnerability Identification, Cloud, Risk Management, Security Software Development, Penetration Testing, IT Management, SOC Compliance, Jenkins, Security Design, Databricks, Azure Cloud Security, Compliance, Information Security, OWASP, Data Labeling, Generative Artificial Intelligence (GenAI), Java, SaaS Security, On-premise, Kubernetes, AWS Cloud Security, Audits, Web App Security

Information Security/Cloud Security Operations (Principal)

2018 - 2021

Ingram Micro

Performed architectural reviews of hybrid cloud infrastructure and applications. Validated architecture, design and data flow diagrams for the company’s cloud business unit.
Used Jira, Azure, and AWS as native cloud security posture management tools. Utilized Azure Sentinel as a SIEM and SonarQube as an SAST.
Led auditing, monitoring, and improving the security posture of cloud enterprise workloads. Developed CSPM and CWPP programs and worked with cross-functional teams to enforce them.
Worked with different engineering leads and managers for adoption and improvements in matured DevSecOps processes. Built pipelines for security testing automation methodologies like SAST, dynamic application security testing (DAST), and SCA.
Mentored juniors and first security-incident responders during proof-of-concept (PoC) activities, incident investigations, and escalations. Developed security metrics, reports, KRIs, and KPIs for management and executive teams as needed.
Performed vendor risk assessments for the different CSPs and third-party application vendors. Maintained a risk register with a risk score. Maintained practices as a cloud security team Agile practitioner.
Researched trends, best practices, and tools in the different domains of the security industry. Developed security solutions for technical and reference architectures.
Aligned and translated business requirements into secure solutions. Reviewed technical architectures of applications and products to ensure they met modern security standards. Promoted zero-trust architectures.
Researched security industry trends and best practices to share with the organization through presentations. Hosted security training and awareness programs.
Collaborated with solution architects within the organization. Used Microsoft, AWS, and other multi-sided platforms (MSPs) and cloud vendors.

Technologies: Dynamic Application Security Testing (DAST), Security, Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Application Security, Static Application Security Testing (SAST), Full-stack, Security Architecture, Vulnerability Management, ISO 27001, General Data Protection Regulation (GDPR), DevSecOps, SOC 2, Cloud Security, Management, Microservices Architecture, Secure Software Development Lifecycle (SSDLC), Web Security, APIs, Big Data Architecture, Big Data, DevOps, CI/CD Pipelines, OWASP Top 10, Security Operations Centers (SOC), SIEM, Software, Qualys, Veracode, Software Development Lifecycle (SDLC), Architecture, SecOps, Cybersecurity, IT Security, Asset Management, Docker, Terraform, Python, Vulnerability Assessment, Identity & Access Management (IAM), Fuzz Testing, Data Protection, Database Security, Group Policy, Governance, Data Governance, Security Engineering, Ethical Hacking, Infrastructure Security, Secure Access Service Edge (SASE), Cloud Infrastructure, Network Security, Security Audits, Artificial Intelligence (AI), Cloudflare, Cybersecurity Operations, Threat Modeling, Windows, Documentation, Security Information and Event Management (SIEM), Automated Server Deployment, Cryptography, Linux, Authentication, Vulnerability Identification, Cloud, Risk Management, Security Software Development, Penetration Testing, IT Management, SOC Compliance, Jenkins, Security Design, Databricks, Azure Cloud Security, Compliance, Information Security, OWASP, Data Labeling, Java, SaaS Security, On-premise, Kubernetes, AWS Cloud Security, Audits, Web App Security

Senior Security Engineer

2018 - 2018

Zapr Media Labs

Orchestrated the delivery of DevSecOps, big data apps, and cloud security aspects for the organization. Defined the organization’s IT security policies.
Used Jira as a project tracking tool. Used AWS native security tools like Trusted Advisor, ConnectWise, SonarQube, Jenkins, and CI/CD pipelines.
Evaluated the current security posture, cloud environment, and on-premise data center. Conducted immediate and quarterly audits. Published the recommended missing best practices and security controls.
Organized and carried out vulnerability scans for web, mobile, APIs and other cloud hosted solutions.
Managed validation, authentication, authorization methods, and data flow. Enforced best practices with encryption in place.
Evaluated DevOps workflows, tools, methods, and components of CI/CD pipelines. Supervised them in adapting a shared security responsibility model.
Facilitated recognizing, adopting, and integrating industry-leading security practices in the security engineering unit of the organization. Participated in the investigation and reporting of security incidents and events.
Developed and maintained documentation and diagrams outlining data flows, endpoints, ports, protocols, and incident response plans.
Deployed hardened base Amazon machine images (AMI). Hardened web server and application server configurations as per respective benchmarks.

Technologies: Security, Application Security, Amazon Web Services (AWS), Static Application Security Testing (SAST), Cloud Security, Full-stack, Big Data Architecture, Big Data, Security Architecture, Dynamic Application Security Testing (DAST), Vulnerability Management, DevSecOps, SOC 2, Management, Microservices Architecture, Secure Software Development Lifecycle (SSDLC), Web Security, APIs, DevOps, CI/CD Pipelines, OWASP Top 10, Security Operations Centers (SOC), Java, SIEM, Software Development Lifecycle (SDLC), Architecture, SecOps, Cybersecurity, IT Security, Asset Management, Docker, Terraform, Python, Vulnerability Assessment, Identity & Access Management (IAM), Fuzz Testing, Data Protection, Database Security, Group Policy, Governance, Data Governance, Security Engineering, Ethical Hacking, Infrastructure Security, Cloud Infrastructure, Network Security, Security Audits, Artificial Intelligence (AI), Code Review, Cloudflare, Cybersecurity Operations, Tanium, Threat Modeling, Windows, Ansible, Documentation, Security Information and Event Management (SIEM), Automated Server Deployment, Cryptography, Linux, Authentication, Vulnerability Identification, Cloud, Risk Management, Security Software Development, Penetration Testing, IT Management, Jenkins, Security Design, Databricks, Compliance, Information Security, OWASP, SaaS Security, C#, On-premise, Kubernetes, AWS Cloud Security, Audits, Web App Security

Senior Software Engineer

2017 - 2018

EPAM Systems

Consulted technical personnel. Managed client requirements on industry-best practices. Discussed, persuaded, and agreed on the most innovative approaches applicable in the customer landscape.
Worked closely with the management and development organizational units. Secured enterprise-level software applications and solutions that met or exceeded client demands with an eye for the most efficient and cost-effective solutions.
Supported the organization’s offshore unit. Improved the end-to-end stability and security posture of environments and tools.
Led technology research, solution budgeting, feasibility, and evaluation. Spearheaded proof of concepts (PoC) to make imperative decisions. Trained the development teams on secure software development lifecycle (SDLC) practices.
Contributed as part of an interview panel. Reviewed DevOps Profiles in the market for the requirements and initial screening. Mentored junior engineers on the company culture, solutions, and tools.
Conducted internal audits. Led IT and cloud security policy reviews. Identified, fixed, and presented compliance related improvements to senior management.

Technologies: DevOps, DevSecOps, Secure Software Development Lifecycle (SSDLC), CI/CD Pipelines, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Amazon Web Services (AWS), Azure, Cloud Security, Security, Security Architecture, Application Security, Vulnerability Management, ISO 27001, General Data Protection Regulation (GDPR), SOC 2, Management, Microservices Architecture, Web Security, APIs, Full-stack, OWASP Top 10, Security Operations Centers (SOC), Java, SIEM, Software, Qualys, Veracode, Software Development Lifecycle (SDLC), Architecture, SecOps, Cybersecurity, IT Security, Asset Management, Docker, Terraform, Vulnerability Assessment, Identity & Access Management (IAM), Fuzz Testing, Data Protection, Database Security, Group Policy, Governance, Data Governance, Security Engineering, Infrastructure Security, Cloud Infrastructure, Network Security, Security Audits, Code Review, Cloudflare, Cybersecurity Operations, Threat Modeling, Windows, Ansible, Documentation, Security Information and Event Management (SIEM), Automated Server Deployment, Cryptography, Linux, Authentication, Vulnerability Identification, Cloud, Risk Management, Penetration Testing, IT Management, Jenkins, Compliance, Information Security, OWASP, SaaS Security, C#, On-premise, Kubernetes, AWS Cloud Security, Audits, Web App Security

Senior Software Engineer

2013 - 2017

Progress

Led all DevOps Operations. Deployed, automated, maintained, and troubleshot. Tuned multi-tier and distributed cloud-based application components hosted on AWS.
Troubleshot issues in real-time across the whole stack. Conducted audit trails and account access reviews. Worked on compliance assignments related to SOC 2.
Facilitated and provided support (for internal and external parties). Ensured cyber security incident management and response for the alerts and events triggered by SIEM, and IDS/IPS solutions.
Worked closely with the other teams to assess risk and provide recommendations for improving our security posture.
Served as the point of contact and escalation for all cloud security operations center events for the offshore unit in Hyderabad.
Assisted lower-level software engineers and new recruits to the team. Educated them about the security knowledge, tools, and processes.
Kept up to date with knowledge of current standard system security practices.

Technologies: DevOps, DevSecOps, Cloud Security, Security Operations Centers (SOC), Security, Software Development Lifecycle (SDLC), Static Application Security Testing (SAST), Veracode, Qualys, Software, SIEM, Java, OWASP Top 10, CI/CD Pipelines, APIs, Web Security, Secure Software Development Lifecycle (SSDLC), Amazon Web Services (AWS), Management, SOC 2, Vulnerability Management, Dynamic Application Security Testing (DAST), Application Security, SecOps, Cybersecurity, IT Security, Asset Management, Docker, Vulnerability Assessment, Identity & Access Management (IAM), Data Protection, Database Security, Group Policy, Governance, Data Governance, Security Engineering, Infrastructure Security, Cloud Infrastructure, Network Security, Security Audits, Windows, Ansible, Documentation, Security Information and Event Management (SIEM), Automated Server Deployment, Sumo Logic, Cryptography, Linux, Authentication, Vulnerability Identification, Cloud, Risk Management, IT Management, SOC Compliance, Jenkins, Compliance, Information Security, OWASP, SaaS Security, C#, On-premise, Kubernetes, AWS Cloud Security, Web App Security

Experience

Deployment and Configuration of AWS Native Security Tools

Completed PoCs on the latest versions of AWS native security tools like Security Hub and GuardDuty. I deployed them to production environments and configured and fine-tuned the false positives and deployment automation around them.

Deployed Azure Native Cloud Security Tools

Deployed and configured Azure native cloud security tools like Microsoft Azure Security Center and Azure Sentinel. These baselines are for cloud security posture management and cloud workload protection. I fine-tuned the alerts and documented the project implementation

Static Analysis Process Integration into CI/CD Pipelines

Deployed and configured static code. I used analysis tools and introduced secure SDLC concepts into development CI/CD pipelines. I automated the process and documented the setup. I also executed a few demos for the development teams

Education

2006 - 2008

Master's Degree in Bioinformatics

Bharathidasan University - Tiruchirappalli, India

Skills

Libraries/APIs

Java Security, OpenID

Tools

AWS SDK, Terraform, Google Workspace, Ansible, Sumo Logic, Azure OpenAI Service, Salesforce Einstein, SonarQube, Jenkins, Puppet, Chef, Amazon CloudWatch

Languages

Java, Python, C#, Go

Paradigms

DevSecOps, Management, DevOps, Security Software Development, Penetration Testing, Fuzz Testing, Microservices Architecture, DDoS, Automated Server Deployment, HIPAA Compliance

Platforms

Amazon Web Services (AWS), Linux, Google Cloud Platform (GCP), Windows, Azure, Docker, Vanta, Databricks, Kubernetes

Industry Expertise

Cybersecurity

Storage

Database Security, Data Lakes, On-premise

Frameworks

OAuth 2

Other

Dynamic Application Security Testing (DAST), Vulnerability Management, SOC 2, Cloud Security, Web Security, OWASP Top 10, Security Operations Centers (SOC), Software, SIEM, Architecture, Data Protection, Authentication, Security, Vulnerability Identification, APIs, Cloud, IT Security, Ethical Hacking, Risk Management, SecOps, Vulnerability Assessment, PCI, NIST, Software Development Lifecycle (SDLC), Identity & Access Management (IAM), Asset Management, Security Design, Security Audits, Cloud Computing, Monitoring, SSL, Load Balancers, Information Security, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), Group Policy, Governance, Data Governance, Security Engineering, Infrastructure Security, Cloud Infrastructure, Cloudflare, Cybersecurity Operations, Threat Modeling, Documentation, Security Information and Event Management (SIEM), SOC Compliance, OWASP, Data Labeling, AWS Cloud Security, Audits, Application Security, Static Application Security Testing (SAST), ISO 27001, Security Architecture, Big Data Architecture, CI/CD Pipelines, Veracode, Qualys, IT Management, Big Data, Full-stack, Mobile Security, Configuration Management, Risk Assessment, Secure Access Service Edge (SASE), Network Security, Artificial Intelligence (AI), Cryptography, SaaS Security, Web App Security, General Data Protection Regulation (GDPR), Secure Software Development Lifecycle (SSDLC), OAuth, AWS DevOps, CISO, Compliance, Code Review, Tanium, AI Security, Azure Cloud Security, Generative Artificial Intelligence (GenAI)

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring