About Me
Hi, I’m Phani Varun Munukuntla, a Software Engineer with a strong focus on security, specializing in building scalable, automated, and reliable systems across applications and infrastructure. My experience spans backend development, cloud-native systems, and embedding security best practices into CI/CD pipelines and development workflows.
Building Secure, Scalable Infrastructures, One Line at a Time
I’m an engineer who enjoys solving complex system problems by building scalable, automated software with security built in. My work spans backend systems, DevSecOps pipelines, threat modeling, and detection automation in fast-paced environments.
If you're looking for someone who can build, adapt, and grow with your team—let's connect and make it happen.
Skills
Frontend and Backend Development
Python
MySQL
HTML
CSSSecurity Tools
Burp Suite
OWASP Zap
Metasploit
Splunk
Nessus
Wireshark
NmapTools & Technologies
Git
Docker
AWS
KubernetesCertifications
CompTIA Security+
Google Cybersecurity Professional
AWS Cloud Security
TryHackMe Security EngineerTryHackMe DevSecOpsFeatured Work
Policy-Driven Code Reviewer
Designed a policy-driven backend analysis platform to evaluate pull requests for correctness, performance, and security, enforcing CI/CD controls to prevent high-risk code regressions before merge.
Automated Web Security Testing Engine
Built a Python framework to simulate OWASP Top 10 web attacks, automate exploit testing, and validate defenses using secure coding and DevSecOps principles.
SOC Monitoring with ELK Stack
Implemented SOC monitoring using ELK Stack to analyze host- and network-based logs, detect incidents, and map attacker behavior.
Secure Cloud File Management
Implemented client-side encryption/decryption using WebAssembly and Web Cryptography API to secure cloud data and prevent leakage.
My Experience
Graduate Assistant - Software Security
University at Buffalo, State University of New York
March 2025 — December 2025
Buffalo, United States
- Analyzed and modified application source code to identify and remediate security vulnerabilities using secure coding practices.
- Implemented input validation and authentication logic through code changes to reduce application-level security risks.
- Applied threat modeling concepts to drive secure design decisions and guide design-informed code modifications.
- Performed static and dynamic security testing, iterating on code fixes to validate remediations and improve security.
Network Security Associate
EduSkills Foundation® Supported By Fortinet
May 2023 — July 2023
Virtual Internship
- Analyzed network traffic logs using Wireshark to detect anomalies and gain insights into potential threats.
- Simulated common network-based attacks to study their behavior and evaluate defense strategies.
- Explored and recommended security policies covering firewalls, IDS/IPS, and access control measures.
- Developed a foundational understanding of network protocols, endpoint security, and best practices in threat detection.
Information Security Administrator
Virtually Testing Foundation
September 2022 — November 2022
Virtual Internship
- Conducted web application vulnerability assessments aligned with the OWASP Top 10, identifying and documenting potential risks.
- Analyzed simulated attack scenarios using the MITRE ATT&CK framework, mapping threats to relevant tactics and techniques.
- Recommended effective mitigation strategies to strengthen application security and reduce exploitable weaknesses.
- Collaborated on mock incident response exercises, refining structured analysis, reporting, and presentation skills for both technical and non-technical audiences.
Contact Me
Get In Touch With Me
Location
New York, United States