• Hi!
    I'm Naveen

    As a cybersecurity consultant with hands-on experience at EY and a Master's from Penn State, I specialize in Penetration Testing, Red Team assessments, and network security configurations. Let's strengthen your digital defenses together.

    Download CV

About

Who Am I?

Cybersecurity enthusiast with 2 years of experience in Cybersecurity Consulting. Strong communication and leadership skills, offer a diverse skill set with experience in Network and Web Application Penetration Testing, Red Team assessments, and configuration review of Network devices

Network Security

Penetration Testing

Cloud Security

Web Application Security



Certifications

Here are my Certifications

Icon Image

Certificate of Cloud Security Knowledge

Certified by the Cloud Security Alliance (CSA), Demonstrating expertise in securing data in the cloud

Icon Image

CompTIA Security+ SY0-701

Possessing a strong understanding of core cybersecurity concepts

Icon Image

Cisco Certified Network Associate

Proficient in networking, IP routing, switching, and network security.

Icon Image

AZ-900: Microsoft Azure Fundamentals

Proficient in Azure tech, knowledgeable about Microsoft's cloud solutions.

Icon Image

Certified AppSec Practitioner

Certified by SecOps, proficient in application security practices.

Icon Image

Certified Network Security Practitioner

Certified by SecOps, proficient in network security methodologies.

Icon Image

Certified Cyber Security Analyst(C3SA)

Certified by Cyber Warfare Labs, proficient in cyber security analysis techniques.

Icon Image

EY Cybersecurity - Learning

Offered training programs to enhance expertise in cybersecurity strategies and techniques.

Icon Image

Python Certification by HackerRank

Showcasing knowledge & proficiency in Python development and problem-solving.

Projects
Clients Handled
Ransomware Attacks Handled

Technical Skills

Computer Networks

Penetration Testing

Red Teaming

Secure Configuration - Firewalls, Routers, Switches

Python

SQL

Application Security

Cloud Security

Incident Response

Vulnerability Assessment

Soft Skills

Leadership

Communication

Client Relationship

Team Player

Tools

Burp Suite

Nmap

Nessus

Metasploit

Cisco Packet Tracer

Nikto

Education

Education

During my journey through the Masters degree at the Penn State University Park campus, I immersed myself in advanced cybersecurity methodologies, honing my skills to tackle real-world challenges in this dynamic field.

Relative Coursework:

  • Information Security and Assurance: Explored principles and practices to safeguard information assets and mitigate security risks.
  • Ethical Hacking and Penetration Testing: Delved into offensive security techniques to identify and remediate vulnerabilities in systems.
  • Theories and Methods of Information Sciences and Technology Research: Acquired knowledge of research methodologies essential for advancing in the field of information sciences and technology.
  • Cybersecurity Analytics: Analyzed data to detect and respond to cyber threats effectively, utilizing advanced analytics techniques.
  • Network Management and Security: Developed skills in managing and securing network infrastructure to ensure reliable and secure communication.
  • Software Security: Explored techniques to identify and mitigate security vulnerabilities in software applications, ensuring robust security posture.

Relative Coursework:

  • Data Structures and Algorithms: Covered fundamental algorithms and data structures essential for efficient problem-solving and software development.
  • Database Management Systems: Explored the design, implementation, and optimization of database systems for data storage and retrieval.
  • Operating Systems: Studied the principles and mechanisms underlying modern operating systems, including process management, memory management, and file systems.
  • Computer Networks: Examined the architecture, protocols, and technologies underlying computer networks, including local area networks and the Internet.
  • Software Engineering: Learned software development methodologies, best practices, and tools for designing, implementing, and testing software systems.
  • Machine Learning and Artificial Intelligence: Explored techniques and algorithms for machine learning and artificial intelligence applications, including supervised and unsupervised learning.

Experience

Work Experience

Icon Image

Cybersecurity and Privacy Intern @Grant Thornton June 2024-Aug 2024

  • Perform technical security testing, including cyber-attack simulations and threat and vulnerability assessments.
  • Support cybersecurity assessments consisting of security architecture reviews, system configuration reviews and cloud security evaluations.
  • Support cybersecurity incident response readiness activities, including tabletop exercises and evaluations of incident response capabilities.
Icon Image

Teaching Assistant @Pennsylvania State University - College of Information Sciences and Technology JAN 2024-MAY 2024

  • Assisting the instructor for two courses EA 876: Architecting Enterprise Security and Risk Analysis and IST 866: Threat Hunting and Offensive Cybersecurity under Dr. Edward J. Glantz.
  • Responsible for assisting with in-class activities, specialized software or virtual labs, providing feedback on writing, grading assignments, out-of-class tutoring, and other learning-focused responsibilities.
Icon Image

Senior Cybersecurity Analyst @ Ernst & Young (EY) JULY 2022-JULY 2023

  • Conducted security assessment of 97 firewalls for a client during a ransomware attack incident. Provided comprehensive recommendations and delivered results under stringent timelines.
  • Executed network Vulnerability Assessment and Penetration Testing (VAPT) and Red Team assessments for Fortune 500 clients to assess the vulnerabilities of Internet, Intranet connected systems, networks, and applications including Windows and Linux.
  • Hands-on experience in performing Web Application Security testing. Demonstrated proficiency in OWASP Top 10 vulnerabilities and mitigations, and worked with security testing tools such as NMAP, Nessus, Kali Linux, Wireshark, Burp Suite, Acunetix, and others.
  • Conducted comprehensive cloud security audits for leading steel manufacturing company, resulting in identification and mitigation of vulnerabilities, ensuring compliance with industry standards and protecting sensitive data (AWS, GCP, Azure).
  • Performed secure Configuration review of Switches, Routers, Firewalls & Endpoints and provided remediation strategies.
  • Conducted offensive cyber drills and simulated real-world scenarios to test the effectiveness of security measures and assisted in curating process and procedure documents for incident response playbooks.
  • Collaborated on drafting technical proposals to onboard potential clients.
  • Awarded for excellence in client delivery on firewall secure configuration activities and leading the network team for incident response.
Icon Image

Cybersecurity Intern @ Ernst & Young (EY) FEB 2022-JULY 2022

  • Conducted comprehensive configuration review of over 200 network devices, including switches and routers, for one of India's largest tire manufacturers
  • Performed thorough vulnerability assessment and penetration testing at the client's location, utilizing industry-standard tools and techniques. Provided detailed remediation strategies to enhance network security and minimize risk.
Icon Image

Security Engineering Intern @ Hitachi Vantara Jan 2022-Feb 2022

  • Collaborated closely with Incident Response and Data Protection teams to evaluate and strengthen network Security through hands-on penetration testing and vulnerability assessments.
  • Conducted simulated phishing campaigns and spear phishing assessments for Red Team Engagements and client readiness evaluation.
My Work

Project Work Experience

Domain: Cybersecurity | Role: Content Writer | Location: Nagpur, India

  • Actively authored articles on cybersecurity topics, fostering awareness and knowledge sharing in the industry.
  • Published works include "Securely Configuring Firewalls to Protect Your Network" and "The Art of Brute-Forcing Subdomains."

Final Year Project | Domain: Machine Learning and Deep Learning | Role: Team Lead | Feb 2021 - May 2021 | Nagpur, India

  • Led a team to develop a rotoscoping tool using PyTorch and OpenCV libraries, which significantly enhanced the efficiency of VFX artists by reducing the time required to rotoscope a single frame or video from days and months to mere minutes.
  • Utilized OpenCV and PIL libraries to convert videos into streams of images, followed by semantic segmentation on all frames to categorize each pixel into one of the 21 predefined features, and applied corresponding colors to each pixel.
  • Provided users with the option to select the resolution of the output video, including 256x256, 512x512, and 1024x1024.

Final Year Project | Domain: Machine Learning and Deep Learning | Role: Team Lead | Sept 2021 - Jan 2022 | Nagpur, India

  • Collaborated to develop a ResNet CNN-based tool for realistic makeup simulation on facial images, enabling alteration of hair and lip colors.
  • Utilized BiSeNet for feature segmentation, identifying key facial features such as eyes, ears, lips, nose, and hair, and applied Gaussian blur for smooth color transitions.
  • Published a research paper in the International Journal of Health Sciences, contributing to advancements in the field of AI-enabled makeup tools.

Get in Touch

Contact

Icon Image

naveenreddypogalla@gmail.com

Icon Image

https://www.linkedin.com/in/naveenreddy11/