IT Security Network

Location:
Fort Lauderdale, FL
Posted:
July 10, 2025

Resume:

Bob Philippeau

(***) ******* – Eustis FL ***** *************@*****.***

https://www.linkedin.com/in/bob-philippeau-azure-aws-itilv4-cism-47649171/

Summary

14+ years of experience in IT Security leadership positions, with proven success leading highly skilled security teams within a large scale, high-availability IT operation with 24/7/365 accountability and has provided forensic analysis and troubleshooting to assist in the containment and remediation of security incidents working with the Incident Response team. Generating benchmark reports to make meaningful comparison and identify where to improve.

Effectively collaborate with a variety of stakeholders from top management to business and technical teams

Working knowledge of information/cybersecurity, infrastructure vulnerabilities, and network security products (hardware and software)

Over 5 years of experience working in the cloud security environment.

Over 8 years providing consulting services for multiple organizations.

Extensive work experience in Identity access management and have good knowledge about their architecture.

Experience with vulnerability assessment, penetration testing, and/or forensic analysis fields

Developing and managing DLP policies that align with the organization's data protection requirements.

Continuously monitoring data traffic and user activities to detect potential data breaches or policy violations using DLP tools.

Experience with Cloud/SaaS threats, Malware, APTs, DDoS, Ransomware, Man-in-the-Middle, Antivirus, Malware Sandboxing, Proxy, Black/whitelisting, Firewall, UEBA (User Behavior Analytics), Reverse engineering etc.

Extensive experience using Agile and Waterfall methodologies

Familiar with IT/IS standards, policies and guidance, risk standards and industry best practices (ITIL, MITRE, SANS, OWASP, NIST, FISMA, SOX, CIS, PCI DSS, Kill Chain Analysis, ISO, HIPAA, FedRAMP, HITRUST CSF, ISO 27001/27002), Knowledge of LEAN/Six Sigma Concepts. Secure Service Edge (SSE)

Familiar with Network Protocols: TCP/IP, BGP, OSPF, VPC, HSRP, VRRP, STP, VLAN etc

Tools: Vast experience in using SIEM tools like ArcSight, Splunk, LogRhythm, Tanium, QRadar, AlienVault, SolarWinds, Ansible, RSA Netwitness, Terraform, Archer and IAM AWS, SecurID; DLP Websense Forcepoint, Carbon Black EDR/CB Response, CrowdStrike (MDR, XDR), SentinelOne (XDR, MDR), Rapid7 (MDR), Proofpoint, PAM CyberArk, SailPoint (SAP), BeyondTrust Bomgar, RBAC, RSA Aveksa, Algosec etc.

Education & Certification:

BA in Computer Science from Thomas Edison State University, Trenton NJ - 2017

A.A.S in Advertising Art and Computer Graphic from Bronx Community College, Bronx NY – 2003

Technical Certificate, InterNetwork Engineer, CompTIA A+, Network+, Security+ & Linux+, MCSA, Cisco CCENT & CCNA, CEH from PCAge, Paramus NJ – 2014

Certifications: CISM, ITILv4, AWS, AZURE

Training: Azure AZ-900, SC-500, SC300, SC100; UX Design, AWS Security, AWS Cloud Practitioner, CrowdStrike, Cloudflare Zero Trust, Zero day, ZSCALER, SPLUNK, Netskope, Network Security, Palo Alto Cortex XIAM, XSOAR, SailPoint, CompTIA A+, Security+, Network+ MCSA, MCITP: Enterprise Administrator 2008, CCENT, CCNA, and Linux

Professional Experience:

Dexpert.inc

Miller Jones/Alpine/Guidepoint Security Jan 2025 – Present

Sr. Security Engineer

Experience with Expel (MDR, triaging, etc.)

CrowdStrike Falcon EDR, endpoint

Remediated RunZero POC issues with APIs not working with CrowdStrike Falcon

Verify API Credentials & Permissions to Ensure the Client ID and Client Secret for Falcon API integration are correct and Check that the API credentials have the necessary scopes and permissions in CrowdStrike

Check API Endpoints & Base URL to Ensure we are using the correct API base URL for your CrowdStrike region

Check RunZero Integration Logs or error messages to identify specific API failures

Validate API Connectivity to run cURL command or Postman request to check API response

Test API from Falcon UI to test API with the same credentials

Enable Debug Mode in RunZero to Enable verbose logging in RunZero to capture detailed API request/response logs and to Compare API request formats with Falcon’s API documentation

Checked for firewall Proxy and run update RunZero & Falcon API version

Use Mimecast abnormal cloud AI-driven email security issues

Designed and maintained security policies, rulesets, and access controls within SkyHigh SWG to ensure compliance with organizational standards.

Deployed, configured, and managed SkyHigh Secure Web Gateway (SWG) to enforce web security policies, prevent data exfiltration, and block malicious web traffic.

Administered Trellix FireEye (formerly McAfee) solutions for advanced threat detection, malware analysis, and incident response.

Automated security workflows and reporting using scripting (Python, PowerShell) or API integrations with threat platforms.

Deployed and managed Netskope Cloud Security Platform to enforce DLP, CASB, and threat protection policies across SaaS, IaaS, and web traffic, reducing shadow IT risks by 40%+.

Implemented Microsoft Purview (formerly MIP/M365 DLP) to classify, label, and protect sensitive data (PII, PHI, financial) across Microsoft 365, endpoints, and cloud apps via automated policies and encryption.

Worked with Zscaler Internet Access (ZIA) & Private Access (ZPA) solutions to replace legacy proxies/VPNs, enabling Zero Trust Network Access (ZTNA) and SSL inspection for 10,000+ remote users.

Configured and optimized Palo Alto Prisma Access for secure cloud-delivered firewall protection, integrating with Cortex XDR for advanced threat detection and response.

Integrated Netskope, Zscaler, and Microsoft Purview with SIEM (Splunk/Sentinel) to centralize logging, automate alerts, and improve incident response times for cloud security events.

Led cross-functional cloud security projects, migrating organizations from on-prem security stacks to SSE (Secure Service Edge) frameworks using Zscaler/Netskope while maintaining compliance with HIPAA/GDPR.

General security analyst functions including taking demos running POC with other vendors, triage, etc.

Used CrowdStrike EASM to discover exposed assets across cloud, domain, and IP ranges.

Mapped external attack surface, flagged risky services, and coordinated with IT for takedown or remediation.

Monitored FEM dashboards for misconfigurations, weak controls, and outdated software across endpoints.

Correlated exposure data with threat intel to prioritize patching and isolation.

Performed root cause analysis on compromised endpoints, using CrowdStrike’s telemetry and threat graphs to map attacker TTPs aligned with MITRE ATT&CK.

Led quarterly vulnerability remediation campaigns, using Armis-Tenable data fusion to reduce mean-time-to-patch (MTTP) from 90 to 45 days for critical vulnerabilities.

Generated executive dashboards mapping Armis asset inventory to Tenable vulnerability data, demonstrating 20% YOY improvement in compliance with PCI DSS/HIPAA patching requirements.

Integrated Microsoft Purview with custom applications to enhance data protection and ensure compliance with organizational security policies.

Utilized Microsoft Purview REST APIs and SDKs to programmatically access data classification, labeling, and access control features.

Managed privileged account lifecycle by onboarding, rotating, and vaulting credentials across servers, databases, and network devices using CyberArk PAM.

Integrated CyberArk with Active Directory and ticketing systems to enforce least privilege access and automate approval workflows.

Monitored and responded to alerts from CyberArk's session monitoring, proactively investigating suspicious privileged activities.

Supported CyberArk upgrades, patching, and plugin development to extend functionality and ensure compliance with internal security policies.

Deployed Purview’s Data Security Posture Management (DSPM) features to monitor data risk, uncover exposure points, and maintain regulatory compliance.

Worked extensively with Microsoft Azure services to support data governance initiatives, secure data pipelines, and enforce compliance standards.

Designed and maintained ETL pipelines with a strong focus on meeting data security and industry compliance frameworks (e.g., GDPR, HIPAA).

Led troubleshooting and root cause analysis efforts to resolve integration and security challenges related to Purview implementations.

Collaborated closely with cross-functional teams, translating complex technical details into clear updates for both technical and non-technical stakeholders.

Conducted regular internal vulnerability assessments with Rapid7 using Metasploit to simulate real-world attack scenarios and validate existing security controls.

In Rapid7 I developed and executed custom Metasploit modules to test exploitability of newly discovered CVEs across dev and production environments.

Collaborated with the incident response team to simulate phishing payloads and lateral movement for red team exercises.

Generated detailed post-exploitation reports and remediation steps, helping stakeholders prioritize patching efforts and strengthen security posture.

Administered Microsoft Intune for mobile device management (MDM), including policy configuration, device enrollment, compliance settings, and conditional access controls.

Monitored and managed Windows, iOS, and Android devices to ensure security compliance, software updates, and remote support through the Intune admin center.

Implemented application deployment strategies using Intune, including Win32 apps and Microsoft Store apps, while enforcing security baselines and endpoint protection policies.

Managed and scheduled phishing simulation campaigns with KnowBe4 tailored to different departments, tracking user susceptibility over time.

Delivered monthly cybersecurity awareness training and reporting to users and leadership, increasing engagement and reducing risky behaviors with KnowBe4.

V2Soft Jan 2024 – May 2024

Client: Florida State Department of Education (FLDOE)

Sr. Security Analyst (Remote)

Implemented, configured, monitored, and supported FDOE. Assisted in the role of DEL Solutions Architect to modernize the FDOE EFS Mod application in Azure, focusing on securing the environment and configuring the landing zone.

Ensured tools like Microsoft Defender, Sentinel, and Purview were configured per FedRAMP controls

Ensured encryption in transit and at rest using FIPS 140-2 validated methods across FedRAMP systems

Leveraging NIST 800-53 Rev 5 publication, ISO2001, MITRE ATT&CK to strengthen security and privacy controls to protect sensitive information, data exfiltration, privilege escalation, credential access, persistence, defense evasion, initial access, execution, lateral movement etc.

Data Discovery: Azure Purview excels in efficiently discovering and cataloging data assets across various sources, enabling organizations to gain comprehensive visibility into their data landscape.

Deployed Purview’s Data Security Posture Management (DSPM) features to monitor data risk, uncover exposure points, and maintain regulatory compliance.

Integrated Microsoft Purview with custom applications to enhance data protection and ensure compliance with organizational security policies.

Metadata Management: to offer robust metadata management capabilities, allowing users to capture and maintain metadata attributes, lineage, and relationships, facilitating effective data governance.

DOE Encryption and DLP – MS Purview to provide data governance solutions to help manage and govern the on-premises multicloud, software as a service (SaaS) data, map data landscape and automate data discovery.

Leveraging Palo Alto Strata Cloud, CASB and Proxy Solutions to enforce consistent security policies for users accessing cloud applications or websites, regardless of location. Preventing data exfiltration and unauthorized access to SaaS platforms. Advanced threat prevention in real-time for both managed and unmanaged applications. Supporting Zero Trust frameworks with granular access controls.

Data Classification: With built-in data classification tools, Azure Purview assists in identifying and categorizing sensitive data, helping organizations enforce data protection policies and comply with regulatory requirements.

Ensured that privileged accounts are protected, monitored, and managed effectively to mitigate risk with overall security posture.

Combining Active Directory's identity controls with Purview's data governance capabilities to ensure that only authorized users can access and interact with sensitive data.

Leveraging Azure Purview to track how data is used, accessed, and moved across the environment, integrating well with AD’s audit and compliance mechanisms.

Leveraging Varonis to capture detailed insight into AD permissions, users, groups, and their associated access rights. Also, to map out the permissions landscape and help uncover hidden risks, like over-privileged users or misconfigurations.

Enhanced threat prevention by leveraging Prisma's advanced capabilities, including encrypted traffic inspection and real-time threat intelligence, reducing malware incidents by 40%.

Optimized cloud-delivered security by configuring Secure Web Gateway (SWG) and Cloud Access Security Broker (CASB) features in Palo Alto SSE, enhancing visibility and control over SaaS applications.

Use RSA Aveksa to automate certification access process, manage policies, troubleshoot RSA Aveksa issues, ensure compliance and reporting.

Use Varonis to track and log every change in AD, including user creation/deletion, password changes, group memberships, policy modifications, and more. This helps ensure that administrators know exactly what changes were made and by whom.

Leveraging Varonis for data governance to create projects toward user behavior, access and activities.

Proficiency in writing SQL queries to extract, manipulate, and analyze data. Using SQL for data aggregation, filtering, and transformation.

Continuous monitoring of O365 security, phishing alerts and events.

Use SailPoint (SAP) Identity governance, compliance management, access request, role management.

Designed RBAC frameworks for SAP environments, reducing excessive privileges by 60% through custom SailPoint workflows

Integrated SAP HR systems with IdentityIQ to automate joiner-mover-leaver processes for 10,000+ users

Deployed IdentityIQ v8.0-9.x for Fortune 500 clients, implementing API-based integrations with 50+ applications including SAP, Oracle, and Workday

Reduced SAP audit findings by 75% through automated attestation processes

Mapped SAP transaction codes to risk scores in IdentityIQ, enabling risk-based access approvals

Developed and Customized Identity Workflows: Created custom workflows, rules, and connectors in SailPoint to automate user provisioning, role management, and access certification processes.

Integrated SailPoint with Enterprise Systems: Developed and configured integrations between SailPoint and key systems (e.g., Active Directory, HR systems, cloud platforms) to enable seamless identity governance across environments.

Enhanced Security with Policy and Compliance Modules: Built custom access policies, separation-of-duties rules, and compliance reports to support regulatory requirements and reduce identity risk.

Ensure compliance with regulations such as GDPR, HIPAA, and SOX by implementing robust identity governance and access controls.

Designed custom Cloudflare WAF rules to block OWASP Top 10 threats (SQLi, XSS), reducing web attacks by 40%.

Implemented Cloudflare Bot Management with behavioral analysis, decreasing account takeovers by 50%.

Deployed Cloudflare Access for application gateways, enforcing MFA and device posture checks for 1,000+ remote users.

Leveraged Cloudflare CDN caching to improve page load times by 30% while maintaining security policies.

Familiarity with Commercial Off-The-Shelf (COTS) products MS Office, Adobe Acrobat and Salesforce

Familiarity with data visualization tools (e.g., Tableau, Power BI) to present findings.

Policy GRC Enforcement: To enable the implementation of data governance policies and rules, enforcing compliance, access controls, and data usage policies across the organization's data ecosystem.

Used Carbon Black, SecureWorks Taegis XDR working with CSIRT for incident prevention, detection and response.

Investigating and responding to alerts generated by DLP systems, determining the severity and scope of incidents, and taking appropriate actions to mitigate risks.

Use RSA Archer for risk and compliance management, incident management, internal audits, and policy management

Use CrowdStrike EDR, MDR, to respond to security incidents and coordinate with other teams to contain and remediate threats. Also, threat hunting proactively searches for potential threats or indicators of compromise (IoCs) that might not have triggered alerts.

Configuring and maintaining DLP solutions and tools to ensure optimal performance and protection.

Monitoring the SOC Operation alerts to detect, analyze, and respond to cybersecurity incidents within an organization's network

Worked on CyberArk deployment, configuring the PAM solutions to align with the organization’s policies and compliance, setting up vaults, defining access controls and integrating with existing identity management.

Use CyberArk Vault Provider in Terraform, to manage passwords, credentials, safes, and other resources in the CyberArk vault.

Applied PowerShell to automate and manage CyberArk environments, enhancing efficiency in tasks like user onboarding, password management, session monitoring, and integration with other security tools.

Working on the integration of Varonis and OKTA to significantly improve visibility into user behavior and security for sensitive data, providing advanced threat detection and response capabilities

Automate (IAM) identity lo processes, streamline user provisioning, and reduce administrative overhead.

Train users and administrators on how to use the IAM tool effectively, including self-service features and access management.

Use Varonis for data governance, data classification machine learning and behavioral analysis to detect unusual

Okta Identity and Access Management (IAM) platform to securely manage and streamline user authentication and authorization processes, to offer range of solutions for single sign-on (SSO), multi-factor authentication (MFA), user provisioning, and lifecycle management

SSE helps the organization meet regulatory requirements by enforcing consistent security policies and providing detailed reporting and auditing capabilities. increasingly adopt cloud services, SSE provides visibility, control, and protection for cloud-based applications and data.

Implementing SSO, MFA, identity governance, adaptive authentication, API security.

Used MS Defender for Endpoint (Asset, MDM, Endpoint Central Cloud, software) management and security control.

FLDS Suite of Security Tools (RQ, Grey matter, Tanium, Armis, Palo Xpanse) Palo Firewall, MS Sentinel One MDR

Configure Microsoft Sentinel in Azure, Connect data sources, such as Azure Active Directory, Microsoft 365 Defender, and other cloud or on-premises systems.

Enable log collection and ensure data ingestion from connected sources In MS Sentinel.

Monitoring alerts and investigating threats in Microsoft Sentinel

Use Tanium for real-time visibility to manage endpoints vulnerabilities, suspicious behaviors, incident detection, compliance check, applying security patches and more.

NAC – Aruba Wireless and Aruba ClearPass and familiarity with NAC tools implementation and configuration.

Familiar with AKAMAI cloud computing, security, DDoS mitigation and content delivery network (CDN), BMC Remedyforce ticketing system for response.

Managed and configured Akamai Kona Site Defender (KSD) to protect web applications against OWASP Top 10 threats, DDoS attacks, and advanced layer 7 attacks.

Fine-tuned WAF (Web Application Firewall) rulesets and security policies within Akamai to ensure accurate threat detection and minimize false positives.

Aligned WAF rules with BIA outcomes, prioritizing protection for revenue-impacting applications.

Integrated KnowBe4 with SIEM and ticketing tools for alerting high-risk users and automating follow-up training assignments.

Analyzed training completion metrics with KnowBe4 and click-through rates, using results to refine future training content and phishing tactics.

Delivered monthly cybersecurity awareness training and reporting to users and leadership, increasing engagement and reducing risky behaviors with KnowBe4.

Tools: NIST CSF 800-53, ISO 27001/27002, Mars-E, ITIL, MITRE, Mars-E – GDPR.

Wipro April 2021 to July 2023

Client: US. Bank, Honeywell, Corn Products International, INC (Remote)

Cyber Security Analyst-L4/CSOC Lead (Remote)

Leveraging NIST 800-53 Rev 5 publication, ISO2001, MITRE ATT&CK to strengthen security and privacy controls to protect sensitive information, data exfiltration, privilege escalation, credential access, persistence, defense evasion, initial access, execution, lateral movement etc. Also, PCI DSS to protect cardholder data and prevent credit card fraud.

Monitoring and reporting with Service Now (SNOW), Leverage ServiceNow’s automation features to streamline tasks like ticket routing and incident resolution.

Conducted BSA/AML (Anti-Money Laundering) compliance monitoring, ensuring adherence to regulatory requirements through DLP policy tuning and suspicious activity reporting.

Developed incident severity matrix based on BIA results, reducing MTTR for critical systems by 35%.

Automated Splunk alerts for BIA Tier-1 systems during DDoS attacks.

Working with CSIRT and SIRT team to manage incidents, Configure log retention policies. Manage costs related to log storage and data queries.

Incident response, threat hunting, vulnerability management, and SIEM. Administer Bit9 Carbon Black Detection to Investigate, respond to Incident and Hunting for Threats, create rules monitor incidents, respond to them, and remediate using Carbon Black (EDR).

Managing and optimizing the use of Microsoft Sentinel within the organization, Monitor log ingestion for capacity and performance.

Configure alert severity and thresholds and Develop analytics rules to detect threats in Microsoft Sentinel.

Integrate Sentinel with third-party SIEMs, ticketing systems, or security tools.

Sending random, unexpected, or invalid data to the API to identify how it handles edge cases and potential security flaws.

Work Commercial Off-The-Shelf (COTS) products to update MS Office, Adobe Acrobat and Salesforce

Analyzing the API's codebase to identify vulnerabilities without executing the code.

Protects against injection attacks (e.g., SQL injection, XSS) by validating and sanitizing input data.

Implementing OAuth2, JWT (JSON Web Tokens), and other industry standards for secure API interactions.

Ensuring that the API meets specific security standards and regulatory requirements (e.g., GDPR, HIPAA).

Familiar with RabbitMQ concept facilitates the exchange of messages between applications, systems, or services.

Administer Websense Forcepoint DLP user behavior analytics to protect roaming users against Advanced Threats and data theft on and off the network. To quickly identify and protect sensitive data and provide actionable forensic insight into attacks on endpoint devices on or off network.

Managed Proofpoint TAP/ETP to block 99.7% of phishing/malware emails via advanced sandboxing and URL rewriting.

Investigated 200+ email incidents/month using Proofpoint Threat Response, accelerating remediation by 40%.

Integrated Proofpoint with SIEM (Splunk) to correlate email threats with endpoint/network alerts.

Developed Python scripts to automate quarantine releases and threat IOC extraction.

Managing data loss prevention (DLP) policies, encryption, and identity management.

I triaged and investigated alerts to differentiate between false positives and actual threats, and promptly responded to threats flagged by MSSPs for further investigation.

Familiarity with database management systems (DBMS) like MySQL, Oracle, or SQL Server.

Proficiency in using SQL for data aggregation, filtering, and transformation.

Proactively hunted for threats during downtime, utilizing online resources such as Joe Sandbox, AlienVault, and others as necessary to identify suspicious behaviors.

Identifying and addressing vulnerabilities within the O365 environment.

Configuring security settings and policies within Office 365 (e.g., Exchange Online, SharePoint Online, OneDrive for Business).

Troubleshot and resolved issues related to SSL/TLS decryption, traffic steering, and policy enforcement in F5 SSLO.

Conducted regular updates, patches, and tuning of Trellix FireEye appliances to maintain optimal threat detection efficacy.

Implemented and optimized F5 SSL Orchestrator (SSLO) for advanced traffic decryption, inspection, and threat mitigation across hybrid environments.

Managed and configured Akamai Kona Site Defender (KSD) to protect web applications against OWASP Top 10 threats, DDoS attacks, and advanced layer 7 attacks.

Optimized web performance by implementing Akamai CDN solutions, improving page load times by up to 40% and enhancing user experience for global audiences.

Strengthened cybersecurity posture by deploying Akamai’s Web Application Firewall (WAF) and DDoS mitigation services, reducing security incidents by 30%.

Integrate Algosec with network security devices and systems, including firewalls, cloud platforms, and SIEM solutions to manage their security policies, track network changes, and automate security changes

Experience with Cisco Firepower Next-Generation Firewall (NGFW) that combines sets of security features into one, to help protect the organization against breaches and other malicious activities.

Deploy SailPoint Solutions: Assist in the installation and configuration of SailPoint IdentityNow or IdentityIQ solutions.

Collaborate with IT, security, and compliance teams to align SailPoint configurations with organizational goals and policies.

activity, such as abnormal access patterns, potentially identifying insider threats or compromised accounts.

Monitor GRC and ensure compliance with relevant regulations, such as GDPR, HIPAA, SOX, etc.

Assist in internal and external audits by providing necessary data and reports from RSA Archer.

Use Imperva suite of security solutions to protect an organization’s data and applications from cyber threats

Use MS Purview Data for data governance, classification, investigation and management, configuring security policies and controls for data protection and Integrating Netskope with existing security infrastructure like firewalls, SIEMs, and identity providers.

Supported incident response activities, ensuring all IR steps met FedRAMP documentation and timing standards

Conducted monthly vulnerability scans using tools like Qualys or Nessus and documented remediation plans

Ensured tools like Microsoft Defender, Sentinel, and Purview were configured per FedRAMP controls

Handled Threat Intelligence, Vulnerability Management, conduct Metasploit testing, and perform Vulnerability Assessments and Utilized CyberArk to manage and secure privileged access within the organization

Setting up Netskope solutions across cloud environments.

Used Nessus to scan for vulnerabilities and Strong documentation skills for creating detailed reports and security assessments.

Performed vulnerability assessments and compliance scans using ACAS (Nessus) to identify security gaps and ensure adherence to DISA STIGs, NIST, and CIS benchmarks.

Analyzed ACAS scan results, prioritized vulnerabilities based on risk, and collaborated with IT teams to implement remediation plans (patches, configuration changes).

Used Rapid7 MDR suite to deliver cybersecurity solutions that assist organizations in identifying, prioritizing, and mitigating security risks.

Use RSA Archer for risk and compliance management, incident management, internal audits, and policy management

Managed and optimized Fortinet Next-Generation Firewalls (NGFW), including policy configuration, logging, and threat intelligence integration.

Implemented FortiAnalyzer for enhanced log correlation, incident detection, and compliance reporting.

Experienced in managing and deploying VMware Workspace ONE for unified endpoint management and secure application delivery.

Conducted firewall rule audits to enhance security posture and ensure compliance with security frameworks.

Deployed and maintained FortiClient EMS for endpoint protection and secure remote access management.

Skilled in configuring Workspace ONE for seamless device enrollment, policy enforcement, and user access management across various platforms.

Used PDQ Deploy tool for automating software deployments and managing updates across Windows networks.

Led weekly reviews of EASM findings to reduce public-facing risks across hybrid environments.

Used FEM to validate vulnerability coverage gaps missed by other scanners (Qualys/Nessus).

Built dashboards to track exposure trends and report on time-to-remediate metrics.

Use Qualys to help identify, prioritize, and remediate vulnerabilities across the organization using Qualys agent to provide continuous monitoring and assessment of endpoints.

Use Qualys Comprehensive scanning for OWASP Top 10 vulnerabilities and other web application security issues.

Integration with Qualys VMDR, WAS, and other Qualys solutions.

Use Qualys EASM to help the organization to identify and manage


