> Spearheaded the deployment of Qualys Enterprise for vulnerability assessment, integrating VMDR, Cloud Agent, Global Asset View, and Policy Compliance modules.> Carried out security assessments, gap analyses, and requirements gathering for enterprise system environments.> Offered advice to stakeholders and developed migration strategies for transitioning legacy applications to cloud environments, aligning with business requirements.> Analyzed application security logs and monitored for suspicious activities, investigating, and responding to security incidents promptly.> Leveraged Checkmarx and Veracode Static Application Security Testing (SAST) tools to assess source code and byte code, detecting software vulnerabilities before deployment.> Executed comprehensive risk assessments and vulnerability remediation projects across 10 On-Premises networks and 5 cloud-based infrastructures.>

> Vulnerability assessment and management using Qualys Enterprise using modules VMDR, Cloud Agent, Global Asset View, and Policy Compliance.> Provide risk assessment and management inputs and remediation expertise for vulnerability remediation for various On-Premise & and cloud-based infrastructures> Execution of processes and procedures in support of the vulnerability management lifecycle from identification to remediation, to reporting.> Guided the Vulnerability Management Plan, to coordinate, monitor, and support activities in the areas of the VM program, security patch, and remediation management.> Responsible for carrying out System and network-wide Vulnerability Assessment and Penetration testing to assess the security level of systems and network devices at client’s networks.> Developed, implemented, and documented formal security programs and policies.

Had extensive interaction with Onsite Coordinators, understanding business issues, requirements, and providing end-to-end solutions.> Participated in architecture design and review sessions with IT teams, integrating security into projects, identifying risks, and implementing mitigating controls.> Investigated security alerts, identified and mitigated 10 potential breaches, and implemented a new incident response process; reduced mean time to detect security incidents.> Developed and executed incident response plans and procedures, coordinating response efforts with cross-functional teams to contain and mitigate security incidents.> Developed, deployed, and managed secure AWS cloud environments, ensuring adherence to security best practices and regulatory standards.> Code reviews and the implementation of security controls have been performed to identify and fix vulnerabilities in web and mobile applications.>

> Did penetration testing for 80+ business applications, including Vulnerability Assessments (DAST and SAST) for Web and Mobile (iOS and Android Applications) using tools such as IBM AppScan, ZAProxy, and BurpSuite Pro.> Performed risk assessments in cloud DevSecOps / CICD pipelines, including automated & and manual source code reviews and OWASP manual penetration testing of mobile & and web applications on AWS/Azure.> Assisted in review of solution architectures from security point of view which helps avoiding security related issues/threats at the early stage of project.> Designed identity and access management hierarchies to ensure secure access controls.> Managed controls and infrastructure of Active Directory GPOs and server infrastructure.