Skip to main content
HimalayasHimalayas logo
itsme naniIN
Open to opportunities

itsme nani

@itsmenani

Cyber Security Engineer focused on PAM, SIEM-driven incident response, and DevSecOps application security.

United States
Message

What I'm looking for

I’m looking to strengthen enterprise security in regulated environments—owning PAM and SIEM-driven incident response, improving least-privilege controls, and supporting secure SDLC/DevSecOps to reduce risk and pass audits confidently.

I’m a Cyber Security Engineer with 5+ years of experience supporting enterprise security operations across manufacturing and regulated environments. I bring strong hands-on exposure to Privileged Access Management (PAM) operations with CyberArk, identity and access controls, SIEM monitoring, and incident response workflows, consistently improving access security through least-privilege and audit-driven controls.

At McKesson, I supported PAM L2/L3 tasks like account onboarding, access troubleshooting, credential rotation, and incident resolution, while integrating IBM QRadar investigations with Active Directory controls and ServiceNow security workflows. Previously at Merck Group, I strengthened secure delivery by embedding SAST/DAST/SCA into CI/CD pipelines (Jenkins, GitLab), performing threat modeling and penetration testing, and automating vulnerability assessment with Python—backed by compliance work aligned to GDPR and ISO 27001.

Experience

Work history, roles, and key accomplishments

MC
Current

Cyber Security Engineer

McKesson

Feb 2023 - Present (3 years 3 months)

Supported Privileged Access Management (PAM) operations, including access reviews, credential rotation, and policy enforcement for critical systems. Investigated privileged access events in IBM QRadar, managed service accounts and RBAC in Active Directory, and coordinated incident remediation through ServiceNow while supporting NIST/CMMC compliance evidence.

Privileged Access Management (PAM)IBM QRadar SIEMActive DirectoryIncident Response
MG

Application Security Engineer

Merck Group

Jan 2020 - Jul 2022 (2 years 6 months)

Conducted SAST/DAST and integrated SCA into CI/CD pipelines to reduce vulnerabilities before deployment. Led threat modeling and penetration testing initiatives, built Python automation for security reporting, and collaborated with DevOps and privacy/compliance teams to support GDPR and ISO 27001 requirements across Windows/Linux applications.

SASTDASTSCACI CD PipelinesThreat ModelingPenetration TestingPythonCheckmarx SonarQube OWASP ZAP Burp SuiteGDPRISO 27001

Education

Degrees, certifications, and relevant coursework

Satyabhama University logoSU

Satyabhama University

Bachelor's in Electrical and Communication Engineering, Electrical and Communication Engineering

Earned a Bachelor’s in Electrical and Communication Engineering from Satyabhama University in India.

University of North Carolina at Greensboro logoUG

University of North Carolina at Greensboro

Master's in Computer Science, Computer Science

Earned a Master’s in Computer Science from the University of North Carolina at Greensboro in North Carolina.

Tech stack

Software and tools used professionally

Splunk logo

Splunk

AWS IAM logo

AWS IAM

GitLab logo

GitLab

SonarQube logo

SonarQube

Jenkins logo

Jenkins

Gmail logo

Gmail

Java logo

Java

PowerShell logo

PowerShell

Linux logo

Linux

Windows logo

Windows

ZAP logo

ZAP

Checkmarx logo

Checkmarx

Qualys logo

Qualys

CrowdStrike logo

CrowdStrike

Cisco ASA logo

Cisco ASA

Azure Security Center logo

Azure Security Center

Ansible logo

Ansible

Zap logo

Zap

ServiceNow logo

ServiceNow

Burp Suite logo

Burp Suite

Evidence logo

Evidence

OWASP ZAP logo

OWASP ZAP

Dynamic logo

Dynamic

Jan logo

Jan

Falcon logo

Falcon

Availability

Open to opportunities

Location

United States

Authorized to work in

United States

Job categories

Cybersecurity EngineerSOC AnalystIAM Security EngineerApplication Security EngineerCloud Security EngineerSecurity EngineerInformation Security EngineerIT Security EngineerCybersecurity Systems EngineerSenior Cybersecurity EngineerLead Cybersecurity EngineerCybersecurity Engineering

Skills

NISTCMMCISO 27001GDPRHIPAASIEMSplunkQRadarAWS SecurityAzure Security CenterAWS IAMVPCAWS CloudTrailAzure NSGsSASTDASTSCACI CD PipelinesJenkinsGitlabCheckmarxSonarQubeOWASP ZAPBurp suiteNessusQualysPrivileged Access Management (PAM)ServiceNowActive DirectoryRBACPrinciple Of Least PrivilegeIncident ResponsePalo Alto FirewallsCisco ASACrowdStrike Falcon Cloud SecurityPythonPowerShellAnsibleJavaThreat ModelingPenetration TestingCrowdstrikeDynamicEvidenceFalconGmailJanLinuxWindowsZAP

Interested in hiring itsme?

You can contact itsme and 90k+ other talented remote workers on Himalayas.

Message itsme

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan