CHANDANA C MULPURI

Chandana Mulpuri has built a career at the intersection of application security, DevSecOps, Zero Trust identity governance, cloud security architecture, and site reliability engineering, with work spanning major organizations including IBM, StateFarm, and American Airlines. Her professional record reflects a sustained focus on designing enterprise systems that are not only secure and compliant, but also resilient, observable, and operationally scalable. Across regulated environments where failure can carry serious business and compliance consequences, she has consistently worked on transforming security and cloud operations from reactive processes into structured, automated, and measurable engineering disciplines.

At IBM, one of her most significant contributions came through the AI-Driven Continuous Compliance and Audit Framework (AICCAF), where, as Senior Security Specialist, she designed and implemented scalable automated security and compliance controls aligned with GDPR, HIPAA, SOX, and ISO 27001. By integrating IBM Cloud Pak for Security with enterprise SIEM tooling, she enabled real-time alerting and anomaly detection while reducing manual audit preparation time by over 60%. Her work also included Python-based automation for evidence collection and compliance reporting, collaboration with AI and data science teams to securely deploy NLP models that mapped regulatory text to internal controls, and enforcement of RBAC, IAM, and encryption standards across Kubernetes and OpenShift environments. The outcome was a 50% reduction in average audit cycle time and a 40% improvement in mean time to detect compliance violations, illustrating the practical impact of combining security engineering with automation and AI-enabled controls.

In her current role as Application Security Engineer at IBM, Mulpuri has continued to work at the core of secure software delivery by integrating tools such as Mend, Contrast, AppScan, and Invicti directly into SDLC workflows. Her contributions include secure design reviews, threat modeling, and SAST and DAST assessments, resulting in a reported 90% reduction in application vulnerabilities through proactive remediation and close collaboration with engineering teams. She has also been responsible for classifying and prioritizing vulnerabilities according to the OWASP Top 10 and for providing secure coding guidance and training across multiple projects. This work reflects a professional approach that treats security as an integral part of software development rather than an after-the-fact control.

Her experience at StateFarm adds another major dimension to her profile through the design and implementation of Zero Trust identity governance. As Senior Cloud Security Operations Engineer, she worked on the StateFarm Identity Fortress initiative, engineering access policies using Azure Active Directory Conditional Access, Identity Protection, and Multi-Factor Authentication. She also led implementation of Privileged Identity Management for just-in-time access to critical systems and automated governance processes using PowerShell and Azure Automation. This framework was deployed across more than 100,000 users with zero critical disruptions, reduced privileged access misuse risk by over 65%, and achieved 95% MFA adoption across the enterprise. Her work in this area also involved integrating SAML/OAuth-based SSO, implementing Defender for Identity, and aligning infrastructure to NIST 800-207 Zero Trust principles. This combination of scale, security rigor, and operational continuity is especially notable in enterprise identity architecture.

Mulpuri has also contributed significantly to site reliability engineering and cloud resilience. In her IBM role as SRE/Software Developer on Project Pulse, she helped design and implement an automated SRE operations framework to ensure high availability for mission-critical applications. Her responsibilities included building a unified observability platform using Prometheus, Grafana, and Azure Monitor, automating incident response workflows with Python, PagerDuty, and ServiceNow, and creating Terraform-based infrastructure automation. The project reduced critical incident MTTR by 70%, achieved 99.995% uptime across always-on services, and cut incident false positives by 60%. The telemetry and resilience framework was adopted across 12+ business-critical applications and 5 engineering teams, while chaos-engineering exercises uncovered and resolved three major resilience gaps before production exposure. This work highlights her ability to connect reliability engineering with practical risk reduction at scale.

Another important contribution came through IBM’s cloud transformation work for American Airlines, where, as IBM Cloud DevOps SRE, she helped modernize and migrate digital platforms including aa.com, mobile apps, check-in kiosks, and cargo systems to IBM Cloud. Her work included CI/CD implementation, infrastructure automation using Jenkins, GitHub Enterprise, and Terraform, Kubernetes and Cloud Foundry provisioning, and end-to-end monitoring with Prometheus, ELK Stack, and IBM DevOps Insights. This transformation supported migration of multiple business-critical applications, reduced deployment errors by over 70%, and contributed to a 30% improvement in system recovery time during live incidents. In effect, her work improved both the reliability and the agility of cloud-native airline operations.

What strengthens Mulpuri’s profile further is the combination of measurable impact and professional recognition. The source text notes recognition as an IBM Cloud Garage Developer Certificate recipient, along with acknowledgment as a Security Focal for major vulnerability reduction achievements. Her broader record shows a consistent pattern of leading security transformation through automation, embedding compliance into engineering workflows, and improving organizational resilience through secure and observable cloud operations. Rather than focusing on a single niche, her work spans the full lifecycle of enterprise security engineering—from policy enforcement and identity governance to DevSecOps and SRE.

Taken together, Chandana Mulpuri’s career reflects the profile of a technologist who has repeatedly advanced how large organizations secure, govern, and operate cloud-native systems. Her contributions combine security architecture, compliance automation, Zero Trust implementation, vulnerability reduction, and site reliability engineering in ways that are both technically rigorous and operationally meaningful. For fellowship-level consideration, she presents as a strong candidate whose work has had clear enterprise impact in regulated and mission-critical environments.