Oct 2025 – Present · 5 mos

Jan 2023 – Oct 2025 · 2 yrs 9 mos

• Well experienced in vulnerability management, specializing in Qualys, Tenable.IO, Tenable.SC, Kena, Burp Suite and Tanium for comprehensive infrastructure vulnerability assessments and remediation.
• Expert in utilizing Tanium for effective patch management to address identified vulnerabilities and minimize risk exposure across IT environments.
• Conducted gap analysis to assess and enhance the maturity of vulnerability management programs, ensuring alignment with industry standards.
• Consultative approach to vulnerability remediation, prioritizing true positive vulnerabilities based on exploitability and risk assessment metrics.
• Skilled in managing false positives, performing health checks on scanners, and overseeing the lifecycle of scanning assets to maintain optimal performance.
• Developed and implemented VM processes, including minimum security baseline documents in accordance with CIS benchmarks for operating systems and network devices.
• Proficient in web application penetration testing and DAST using Burp Suite , conducting assessments for leading clients in financial, retail, and public sectors, aligned with OWASP frameworks.
• Provided strategic recommendations for system upgrades and security enhancements following DAST assessments for major banks in the Middle East and USA.
• Strong collaborator, effectively engaging with IT, DevOps, and security teams to drive vulnerability management initiatives and ensure compliance with security standards.
• Mentor and leader for junior analysts, fostering a culture of security awareness and continuous improvement within teams.
• Excellent communication skills, adept at translating complex technical concepts into actionable strategies for nontechnical stakeholders.