Maintain security standard and ensure compliance by the respective teams. Ensure periodic review of security devices and closure of identified risks. Ensure timely responses and closure of regulatory and compliance related activities. Monitoring the activities performed by the incident management team. Performed risk analyses to identify appropriate security countermeasures. Recommend improvements in security systems and procedures. Provided technical leadership focused on defensive security and security operations. Onboarded a large number of security logs to Qradar such as zScaler, Palo Alto Firewal, DLP log, EndPoint Protection CS along with Cloud Trail Logs and Email security Logs. Counselled senior-level management on current privacy and security trends and recommendations to mitigate risk. Applied leading theories and concepts to development, maintenance and implementation of information security standards, procedures and guidelines. Prepared and managed large capital expenditure budgets to effectively handle infrastructure investment and long-term operations. Designed & Developed or recommended measured to ensure successful up-time of our security infrastructure Collaborated on SIEM (QRadar) functional requirements: Logging events, collection, Field Normalization, correlation. Experties on key customer personal on micro design element for SIEM system: such as data/event source collection and methods Asset risk weighting criteria asset classification Developed and implemented performance improvement strategies and plans to promote continuous improvement. Provided technical leadership focused on Offensive security and security operations. Has experience using open source scanning tools such as Rapid7, Qualys. Experienced on Non-Agent base/ Agent based Vulnerability Scan. Assessed vendor services for compliance with company policies. Helped to research, vet and onboard new vendors, set up contracts and establish connections. Maintained current documentation and submitted timely reports Manual & Tool based Vulnerabilities Assessments, False Positive Analysis, Root cause identification and Recommendations. Determine if the remediation plan required Patching or an upgrade, granting an exception, Remediation Plan and Mitigating Controls Remediation Tickets in Qualys for False Positives, request evidence as needed. Batch close tickets in Qualys with approved remediation plan in place. Applied leading theories and concepts to development, maintenance and implementation of information security standards, procedures and guidelines. Counseled senior-level management on current privacy and security trends and recommendations to mitigate risk. Reassigns tickets to Requester if more information is needed due to incomplete request, Close tickets in Qualys and approved risk exceptions for certain time.