Feb 2025 – Jul 2025 · 5 mos · Mumbai, Maharashtra, India

• Handling Vulnerability Management and Secure Configuration Assessment for one of TCS' Financial Client.
• Overseeing daily Vulnerability and Configuration Assessments using Qualys’ various tools and modules.
• Responsible for tool administration, optimization,
• and ensuring smooth functionality.
• Act as a checker for vulnerability reports, also filter False Positives by thoroughly investigating and assessing them.
• Creating custom reports and dashboards tailored for client presentations.
• Conducting Windows OS, Linux OS, Database, Custom OS, Network devices’ secure configuration assessment using Qualys, based on CIS, RBI Guidelines to ensure optimal security and hardening.
• Guiding and assisting Junior Analysts and other non tech teams w.r.t to security best practices and vulnerability remediation.

Apr 2024 – Feb 2025 · 10 mos

• Served as the GRC SPOC for Europe region, managing comprehensive risk assessments for multiple vendors and IT infrastructure, covering physical security, application business impact analysis (BIA), and vendor onboarding processes.
• Oversaw risk management for vendors across countries such as Spain, Germany, Russia, Ukraine, England, Belgium, and Portugal, working closely with IT managers and vendors to assess, mitigate, and resolve risks in alignment with organizational objectives.
• Led risk assessments for critical IT infrastructure, ensuring both physical and digital assets were thoroughly protected. Spearheaded business impact analysis (BIA) efforts, identifying potential vulnerabilities that could disrupt operations and applying proactive strategies to mitigate these risks.
• Managed vendor onboarding risk assessments, ensuring that all third-party vendors adhered to the organization's compliance requirements and security protocols before integration. Regularly engaged with cross-functional teams and vendors to maintain a transparent and effective risk governance structure, ensuring adherence to governance standards and regulatory requirements.

Nov 2022 – Mar 2024 · 1 yr 4 mos

• Led Real-time Threat and Vulnerability Management, Risk Management & Assessments for a diverse clientele including multinational corporations (MNCs), banks, and non-profit organizations, overseeing vulnerability scanning, assessment, prioritization, and tracking for over 100k assets. (from Implementation till automation of the VM process)
• Analyzed IT infrastructure security using expertise in various security tools (Qualys,
• Kali Linux, nmap, Nessus, Rapid7,etc.) to identify, classify, and prioritize vulnerabilities, minimizing false positives and proposing effective remediation solutions.
• Work and developed the automation of vulnerability management process with the help of a dedicated developer’s team.
• Aggregated vulnerabilities across assets, assigning appropriate risk levels to guide mitigation strategies and resource allocation within the organization. Proactively identified and reported critical system defects, preventing potential cyber intrusions and safeguarding company & client data, filtered false positives while investigation them deeply and providing out of the box solutions for the
• vulnerabilities to the IT Infra, Developers, DB and etc. teams.
• Collaborated with cross-functional teams (e.g., IT Operations, Development) to
• implement industry best practices in cybersecurity, reducing the organization's
• overall cyber risk profile.
• Prepared and presented comprehensive security reports to CISO, informing strategic decision-making and resource prioritization

May 2022 – Oct 2022 · 5 mos

• Began my career in cybersecurity, learning about vulnerabilities, risk, threats, many security tools and security best practices under some great mentors.
• Got Hands on with Qualys, Nessus, Rapid 7, Tenable for vulnerability management activities.

Jan 2022 – Mar 2022 · 2 mos · Navi Mumbai, Maharashtra, India · Hybrid

• Troubleshoot issues with hardware, software, and other technical systems, and find solutions to problems
• Document and track issues and solutions for future reference
• Collaborate with cross-functional teams to resolve complex technical issues
• Conduct training sessions for new employees and customers on technical systems and tools
• Monitor and analyze system performance, identifying and addressing potential issues proactively.
• Assisted with testing and implementation of software and hardware updates.

Dec 2020 – Jun 2021 · 6 mos · Navi Mumbai, Maharashtra, India · On-site

• Assistance in the design and implementation of network infrastructure including routers, switches, firewalls, WAF, VPN, IPS as well as CCTV Cameras.
• Monitoring network performance and troubleshooting any issues that arise.
• Assisting in the implementation of security protocols to defend against threats.
• Keeping abreast of new technologies and industry trends to identify potential improvements to the network infrastructure.