Avinash Pathuri
Senior Lead Information Security Engineer
Hyderabad
Summary
Senior Lead Information Security Engineer with deep expertise in security policy exception assessments, risk acceptance, and network security governance within large-scale enterprise environments. Proven leader in driving exception lifecycle management, designing efficient intake and assessment processes, and ensuring security decisions follow approved enterprise security standards and designs. Strong background in firewall governance, hybrid cloud security (AWS, VMware NSX), and M&A connectivity risk assessments, with hands-on experience using ServiceNow, OpenPages, and Tufin. Known for translating security policy into practical, auditable controls while enabling secure business operations.
Overview
12
12
years of professional experience
5
5
Certifications
Work History
Senior Lead Information Security Engineer
S&P Global
Hyderabad
08.2018 - Current
- Lead security exception risk assessments across network, application, and infrastructure domains, ensuring alignment with information security policies are being fallowed.
- Drive continuous process improvements by designing standardized, use-case–based exception questionnaires, significantly reducing assessment time for recurring exception requests.
- Designed and implemented ServiceNow (SNOW) exception intake forms with dynamic use-case selection and conditional questions, enabling requesters to submit complete risk information upfront and minimizing back-and-forth with InfoSec teams.
- Manage the exception lifecycle, including validation of remediation evidence and exception closure in OpenPages when risks are mitigated or exceptions are no longer required.
- assess M&A and third-party connectivity risk assessments, ensuring external entities meet corporate security baselines; facilitate risk acceptance when business requirements outweigh remediation feasibility.
- Define and apply a risk acceptance framework for legitimate business scenarios where remediation is not immediately possible, ensuring documented risk ownership and approvals.
Network Security Engineer
Wipro Technologies
01.2017 - 06.2018
- Designed and implemented Software-Defined Data Center (SDDC) security architecture using VMware NSX, enabling secure network segmentation and policy-driven controls.
- Created Low-Level Design (LLD) documentation for SDDC NSX architecture, detailing security zones, traffic flows, firewall policies, and integration points.
- Implemented NSX firewall rules to securely enable internet-facing access for critical payment applications (e.g., UPI, BHIM) and controlled internal connectivity between application tiers.
- Provisioned and managed Windows and Linux servers on VMware infrastructure, supporting production and non-production workloads.
- Created and maintained CIS-aligned golden images for Windows and Linux servers; remediated reported vulnerabilities and raised exception requests with InfoSec when remediation was not feasible.
Firewall Engineer
UBS Financial Services
06.2015 - 05.2016
- Developed and improved Firewall Rule Lifecycle Management (FWRLM) processes to analyze, define, document, and track firewall rule changes, ensuring auditability and alignment with security controls.
- Reviewed and validated network firewall configurations against internal policies and applicable industry security and compliance standards, working closely with firewall implementation teams.
- Created and maintained firewall policy configurations, ensuring accurate documentation of rule intent, ownership, and approval for all enterprise firewalls.
- Conducted internet exposure investigations by identifying servers accessible from the internet, validating associated firewall rules, confirming business ownership, and documenting justifications in Tufin SecureTrack per UBS governance requirements.
- Identified high-risk exposure scenarios where no approved firewall rules existed for internet-facing servers and raised P1 incident tickets for immediate investigation and remediation.
Network Security Engineer
Accenture
Hyderabad
03.2014 - 05.2015
- Verified that firewall configurations and live traffic flows aligned with approved business requirements and security policies, ensuring compliance with organizational and regulatory standards.
- Supported change management and vulnerability management processes to reduce security risks and maintain compliance across network infrastructure.
- Developed repeatable processes and procedures for firewall reviews, reducing effort for future assessments and lowering operational overhead.
- Raised and managed firewall change requests using enterprise change management tools (BMC Remedy) and contributed to compliance reporting in a global network environment.
Education
B.Tech - Computer Science
Kshatriya College of Engineering
Armoor 04.2001 -
Skills
Infosec Policy Exception Assessment
InfoSec Policy Exception Risk Assessment
Security Architecture
ADSA (Active Directory Security Assessment)
Algosec (Orchestration & firewall rule reviews)
Alkira, AWS, Tanium, Tenable
SNOW , Open Pages (GRC)
Accomplishments
- Active participant in leading security conferences (Nullcon, BlueHat, OWASP);
- Winner – BlueHat AppSec Village Competition, recognized for hands-on application security skills and practical vulnerability exploitation and analysis.
Certification
CCNA
Timeline
AZ 104
08-2021
AZ 500
08-2021
Senior Lead Information Security Engineer
S&P Global
08.2018 - Current
AWS Solution Architect
05-2017
Network Security Engineer
Wipro Technologies
01.2017 - 06.2018
Firewall Engineer
UBS Financial Services
06.2015 - 05.2016
Network Security Engineer
Accenture
03.2014 - 05.2015
CCNA
05-2013
CEH V8
05-2013
B.Tech - Computer Science
Kshatriya College of Engineering
04.2001 -