Krishnaveni Palanivelu

Professional Qualifications

Cloud Architecture & Delivery

  1. Strong knowledge of cloud delivery, security, and deployment models across IaaS, PaaS, and SaaS.

  2. Deep experience conducting architectural risk assessments, cloud/high-risk exception reviews, and coordinating firm-wide cloud security initiatives.

  3. Expertise in executing Information Security directives aligned with enterprise data security policies.

Cloud Platforms & Services

  1. Hands-on knowledge of AWS, PCF, and OCI cloud platforms.

  2. Proficient in AWS core services: EC2, VPC, ELB, Route 53, S3, CloudWatch, CloudTrail, and more.

  3. Strong understanding of AWS security services:
    IAM, KMS, AWS WAF, GuardDuty, Secrets Manager, etc.

Engineering & Operational Excellence

  1. Agile Software Development, Scrum, DevOps, and SRE best practices.

  2. Expertise in Incident, Change, Release, Configuration Management, and Root Cause Analysis (RCA).

Security Architecture & Strategy

  1. Secure Systems Architecture & Strategy

  2. Defense-in-Depth Secure Architecture

  3. Cyber Security Risk Management Framework

  4. Enterprise Security Controls

Regulatory & Compliance Frameworks

Experienced in multiple international standards and regulatory frameworks including:

NIST

  1. SP 800-30, 800-39, 800-40, 800-53, 800-61

  2. SP 800-92, 800-122, 800-144, 800-145, 800-146, 500-292

ISO Standards

  1. ISO 12207, 15408, 17788, 17789, 19086, 19941

  2. ISO 20000, 22301

  3. ISO 27001, 27002, 27017, 27018, 27034, 27036, 27037, 27043

  4. ISO 31000

Additional Compliance

  1. FIPS, ITIL, HIPAA, COBIT, SOX, PCI DSS

Identity & Access Management

Deep experience in IAM programs, governance, and secure access models.

Threats, Vulnerabilities & Threat Modeling

  1. Strong understanding of modern threats and vulnerabilities.

  2. Hands-on exposure to industry-standard threat modeling methodologies:
    STRIDE, PASTA, MITRE ATT&CK, Attack Trees, and tooling across AWS, Azure, and GCP environments.

Data Protection & Application Security

  1. Data Loss Prevention (DLP)

  2. DevOps Security

  3. Compute / Storage / Kubernetes

  4. SAST & DAST concepts and tools

Security Infrastructure & Defensive Technologies

  1. DDoS Mitigation

  2. Web Application Firewalls (WAF)

  3. Intrusion Detection/Prevention Systems (IDS/IPS)

  4. Network Segmentation

  5. SIEM Platforms

  6. Deceptive Technologies

  7. Threat & Vulnerability Management Solutions