• Spearheaded adoption and compliance of NIST SP 800-171, 800-53, and latest Cybersecurity Maturity Model Certification, enhancing security of controlled unclassified information across non-federal systems.• Authored and operationalized over 30 comprehensive System Security Plans (SSPs) and Plans of Actions and Milestones (POA&Ms), resulting in a 40% improvement in audit readiness and risk mitigation.• Improved overall security posture by regularly updating antivirus software, firewalls, intrusion detection systems, and other protective measures as required.• Designed and implemented comprehensive cybersecurity policies and procedures, aligning with industry standards and frameworks to bolster client security postures.• Collaborated with cross-functional teams to ensure seamless adoption of security practices, driving awareness and compliance across client organizations.• Perform analysis of Qualys vulnerability and compliance scans based on criticality and compliancy and tracking all remediation effort.• Ensured regulatory compliance by conducting thorough audits of information systems and security controls.• Worked closely with Chief Information Security Officer (CISO) to develop and execute security initiatives and programs for effective risk management.• Collaborated with software development teams to integrate security best practices into the development lifecycle, reducing vulnerabilities by 30% and enhancing software resilience.

• Monitor security event logs and alerts to identify and investigate potential security incidents.• Conduct thorough analysis of security events to determine the scope, impact, and root cause of incidents.• Coordinate incident response efforts, including containment, eradication, and recovery activities.• Document incident findings, response actions, and lessons learned for continuous improvement.• Assist in the development, implementation, and enforcement of information security policies, standards, and procedures.• Conduct periodic security audits and compliance assessments to ensure adherence to regulatory requirements and industry best practices.• Provide guidance and support to internal stakeholders on security-related matters, including data protection and access control.• Stay abreast of the latest cybersecurity threats, trends, and technologies through continuous monitoring and research.

• Analyzed phishing emails including email headers, malware, source code, act as a first responder to system attacks and compromises to determine threat vectors and provide initial remediation.• Escalated incidents when necessary, using policies and procedures, closely involved in developing, tuning, and implementing threat detection analytics.• Monitored security sensors and review logs to identify intrusions.• Conducted scheduled maintenance, upgrades, and patch updates.• Oversaw malware detection, containment, and remediation.• Monitor security alerts and events in real-time using SIEM tools to detect potential threats and incidents.