Jhasha Keshan Sai Jaddu

Description: Providing complete security to a leading client in Australia. All the servers in client Network are Scanned to ensure the smooth functioning. Evaluating if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities and recommends remediation or mitigation, if and whenever needed.

Project Roles and Responsibilities:

• Led the governance and oversight of enterprise-wide vulnerability management using Qualys VMDR, ensuring continuous risk visibility and regulatory compliance.
• Defined and enforced vulnerability scanning policies, SLAs, and remediation workflows across multiple business units in alignment with internal security baselines and industry standards (e.g., NIST, ISO 27001).
• Administered and maintained Qualys modules including Vulnerability Management, Patch Management, and Asset Inventory, ensuring asset coverage and scan completeness across cloud and on-prem environments.
• Developed and implemented risk-based prioritization models using CVSS scores, threat intelligence feeds, and Qualys TruRisk to guide remediation efforts.
• Regularly collaborated with IT, infrastructure, and application teams to track remediation progress, remove false positives, and reduce the backlog of high/critical vulnerabilities.
• Delivered executive-level dashboards and detailed reports using Qualys and third-party SIEMs (e.g., Splunk, QRadar) to communicate trends, KPIs, and exceptions.
• Facilitated internal/external audits and compliance assessments by producing documented evidence of vulnerability management governance practices.
• Provided training, playbooks, and awareness materials to stakeholders on Qualys usage, remediation guidelines, and threat exposure reduction.

• Project: Vulnerability Management
• Project Roles and Responsibilities:
• Working on the vulnerability management tools, Tenable and Nexpose.
• Performing and monitoring weekly scans on the Asset Inventory received from customer.
• Evaluating scan results and classifying vulnerabilities on the basis of Severity.
• Assigns those vulnerabilities to the respective remediation teams with help of ticketing tool ServiceNow.
• Conducting Weekly team meetings to review status of the issues and to provide process updates.
• Preparing weekly reports and updating the Dashboards.
• Performing Health checks and updating Scanners status in the respective portals.
• Performing the Ad-hoc scans on the customer request and sharing the scan results.
• Preparing monthly reports and presenting them to the higher management.
• Troubleshooting the Scanner issues.
• Performing Upgradation activities when it is required.
• Participating in Monthly support call with Customer.
• Representing the team in CAB calls.
• Will document the tickets fully with all the action taken for the incident and update it on frequent basis and maintain ticket quality by documenting it with all the required comments.

• Worked on the Vulnerability management tool Nexpose. Scheduling and performing Vulnerability Scans on client networks to identify the vulnerabilities exist if any and coordinate till closure. Handling the complete incident management framework cycle right from incident identification, incident containment, performing root cause analysis, suggestion and implementation of preventive and corrective controls and perform network analysis as needed on a case to case basis.
• Project: Security Monitoring and Operations
• Project Roles and Responsibilities:
• O Participate in weekly and monthly review calls with Customer.
• O Analyzing Phishing and Spam related activities and notifying to the users.
• O Basic knowledge on the Arc Sight, Qradar ESM SIEM (console & web console) providing operations support at the Security Operations Center for different member firms.
• O Working on Real time network traffic by analyzing the logs from IDS and Firewalls through SIEM Tool.
• O Security Incident Response and closure of Incidents within SLA using Service Now & Service Desk
• O Preparing daily and weekly dashboard on the security threats and trends on the network.
• O Used the escalation process for multiple user impacting incidents all the time and keep update the management about the progress of incident.