Professional Documents
Culture Documents
WORK EXPERIENCE
COGNIZANT TECHNOLOGY SOLUTIONS
CYBER THREAT AND VULNERABILITY MANAGEMENT (01/2022 - PRESENT)
Gurugram, India
Liasing with internal stakeholders and senior leadership to maintain security position of
infrastructure.
Responsibility for managing the end-to-end vulnerability management workflow.
Performing configuration assessments for Policy Compliance for on-premises, remote, or in the
cloud devices.
Tracking and adhere in remediation for vulnerabilities in environment with SLA as per severity.
Checking for the security updates from various vendors and open-source channels and track critical
and emergency vulnerabilities remediation discovered in environment.
Scanning and identifying vulnerabilities associated with assets connected to the network.
Assisting with the prioritization and remediation of the identified vulnerabilities utilizing
operational best practices to maintain all tools that are used in the scanning and identification of
vulnerabilities.
Working with the Information Security Engineering team in the identification, design and
implementation of new tools as requirements arise, consolidating and rationalizing the various
vulnerability data from different scanning tools to remove duplicates, apply additional context to
provide meaningful information for metrics that help prioritize and drive remediation activities.
Strong knowledge and experience in the areas of security assessment, vulnerability management,
risk-based threat analysis, security mitigation techniques and tools like Nexpose, Insight VM and
Qualys
Analyzing logs for anomalous activity indicating a threat, identify threat actor attack methods and
track their developments. Managed 24X7 SOC Operations which include detection, tracking and
analyzing of incidents, generating daily, weekly and monthly report and preparing it in proper
format and share it with customer with proper resolution & actions taken and notifying of log
stoppage.
Security monitoring and incident response services supporting the mission to protect data,
products and infrastructure.
IDS/IPS (Intrusion Detection System/Intrusion Prevention System) monitoring.
Security monitoring and incident response services supporting the mission to protect data,
products and infrastructure.
Ensuring P1 and P2 incidents are handled according to operational procedures.
Worked on identifying the gaps in use cases by implementing Mitre Att&Ck framework.
Project 1 - Vulnerability Management
September 2018- January 2022
Conduct security assessment and scanning for vulnerabilities in networks, applications and
operating systems use automated tools.
Proactive detection and remediation of new exploits.
Knowledge of vulnerabilities and configuration settings and their exploitation in order to gain
access to networks, applications, hosts, and desktops.
Have experience in handling a very huge infrastructure of more than 5 Lakh devices and providing
recommendations on improving the security posture of the client’s enterprise.
Maintaining scan engines, report templates, scan policies and console for Nexpose
Provide recommendations on improving the security posture of the client’s enterprise.
Performing Automated Penetration testing.
Plan, coordinate and execute vulnerability assessments across the environment.
Performing Manual assessment using Nmap and Various Shell scripts to identify and review false
positives.
EDUCATION
GURU GOBIND SINGH INDRAPRASTHA UNIVERSITY, DELHI (2013-2018)
Bachelor's Degree in Computer Application
CERTIFICATIONS
EC Council CEH v10
Azure AZ-500 Microsoft Azure Security Technologies
ITIL Foundation
CCNA R&S