Jan 2023 – Aug 2024 · 1 yr 7 mos · Bengaluru, Karnataka, India

• Extensive knowledge and practical experience in risk assessment methodologies, threat modeling, and vulnerability management frameworks.
• Able to communicate effectively with stakeholders at all levels, including executives, technical teams, and end-users, to
• promote awareness of security risks and foster a culture of security awareness.
• Implemented security best practices to harden system security, resulting in a 15% decrease in vulnerabilities.
• Strong analytical skills with the ability to identify and evaluate potential risks and vulnerabilities across diverse technology
• environments.
• Proficient in utilizing industry-leading tools and technologies for risk assessment, vulnerability scanning, penetration testing, and
• security incident response.
• Skilled in defining and implementing vulnerability management policies and procedures.
• Capable of ensuring project objectives are delivered on time and meet stakeholder expectations for quality.
• Knowledgeable in identifying and prioritizing vulnerabilities, validating vulnerability reports, and driving remediation efforts.
• Created and maintained comprehensive security documentation, including policies, procedures, and risk assessments, ensuring
• transparency and accountability.
• Implemented a robust vendor risk assessment process to evaluate third-party suppliers' compliance with security standards, mitigating supply chain vulnerabilities.

Jul 2022 – Jan 2023 · 6 mos · Bengaluru, Karnataka, India

• Researching threats, performing IT vulnerability assessments, and monitoring remediation and report metrics
• to ensure management makes information risk-aware decisions.
• Working in Vulnerability Analytics will help in identifying the risk in our organization. Tool Used Nessus Professional.
• Asset group creations and providing user permissions.
• Scheduling and running vulnerability scans on a weekly and monthly basis.
• Analyzing vulnerability reports and providing inputs to the respective teams.
• Running External network port scans to identify any exposed open ports of our public-facing domain
• and IP Address.
• Working and coordinating actively with the respective teams in resolving vulnerabilities.
• Provide the reports regularly to stakeholders and also with weekly and monthly summary reports.
• Performs comparative analysis on results collected against threats, vulnerabilities, and other malicious.
• files and samples identified from multiple sources.
• Good experience with Nessus for automated scanning of internal networks. Also, have a sound
• knowledge of Kali Linux tools for network security assessment.
• Performed Network testing and experience using tools like Nessus, Nmap, and Metasploit.
• Have experience in working on client-side projects.
• Developed and implemented a comprehensive cybersecurity strategy aligned with NIST guidelines, ensuring robust
• protection of sensitive data and systems.
• Established key performance indicators (KPIs) to measure the effectiveness of cybersecurity initiatives, resulting in
• improved incident response times and reduced security incidents.
• Demonstrated proficiency in achieving and maintaining compliance with industry standards such as PCI-DSS and
• ISO 27001, ensuring data security and regulatory adherence.

Mar 2019 – Jun 2022 · 3 yrs 3 mos

• Perform Vulnerability Scan and Web Application Scan using Qualys and Tenable.IO and Tenable.SC. Experience
• analyzing risk and prioritization of vulnerabilities, validating vulnerability reports, and driving remediation.
• Understanding of the overall threat and vulnerability management process, including metrics to
• measure performance.
• Deploying the virtual scanners in the cloud and on-premises
• Configuring the scanners and ensuring they communicate with cloud platforms.
• Setting up service accounts to perform authenticated scans.
• Testing the service account to ensure the scans are accurate.
• Setting up the scans
• Performing ad hoc scans on demand.
• Assisting Windows and Linux teams to deploy agents.
• Ensuring the agent’s connectivity to the cloud
• Troubleshooting the connectivity
• Scheduling weekly scans
• Generating weekly reports and sharing with the clients
• Attending the remediation calls
• Following up with the remediation team
• Troubleshooting the scanner appliances
• Create Report Templates
• Generate weekly reports for remediation.
• Generate monthly reports for Management.
• Host Weekly remediation call with Stakeholders
• Drive the remediation task by coordinating with stakeholders.
• Maintain Remediation tracker.
• Responsible for Vulnerability Scans
• Perform Compliance scan.
• Provide reports to stakeholders.
• Preparation of a comprehensive vulnerability report along with remediation. Performing Host Discovery.