Security Operations Engineer
CurrentIn Vulnerability Management (VM), I conducted weekly scans, validated findings, and communicated results to stakeholders to ensure timely remediation and risk mitigation. I handled vulnerability tracking, including newly discovered vulnerabilities, documentation (PoC), closure, and post-vulnerability reporting, enabling system owners to optimize security operations and strengthen the overall security posture.In Penetration Testing (VAPT), I utilized tools like Burp Suite, OWASP ZAP… Show more In Vulnerability Management (VM), I conducted weekly scans, validated findings, and communicated results to stakeholders to ensure timely remediation and risk mitigation. I handled vulnerability tracking, including newly discovered vulnerabilities, documentation (PoC), closure, and post-vulnerability reporting, enabling system owners to optimize security operations and strengthen the overall security posture.In Penetration Testing (VAPT), I utilized tools like Burp Suite, OWASP ZAP, Wireshark, and Kali to assess system security and provide actionable remediation recommendations. My tasks included mitigating vulnerabilities such as open redirects, sensitive information exposure, OWASP Top 10 issues, and privilege escalation.As part of Incident Response (IR), I led efforts in response to critical events, including Zero-Day vulnerabilities, phishing email analysis, and major incidents like the CrowdStrike global outage in 2024. I identified, contained, and eradicated threats, minimizing business impact.In Endpoint Detection and Response (EDR), I validated alerts, fine-tuned detection rules, and ensured timely responses to security incidents, improving alert accuracy through statistical analysis.In Threat Intelligence and Hunting, I proactively identified and investigated threats using intelligence feeds, contributing to early detection. I measured threat detection and response effectiveness, analyzing trends, tracking KPIs, and reducing incident response times.I contributed to Governance, Risk, and Compliance (GRC) by implementing security policies, conducting risk assessments, and contributing to SOC 2 and HIPAA compliance. I developed Standard Operating Procedures (SOPs) for Incident Response, Threat Intelligence, and Vulnerability Management, streamlining workflows and enhancing efficiency.I have led cross-functional security teams, driving threat resolution, improving customer satisfaction, and ensuring compliance. Show less