keerthi

Conducted enterprise-wide risk assessments and ISO 27001 internal audits, closing critical compliance gaps through Gap Analysis and advising leadership on remediation. Led incident response operations with root-cause investigations, implementing corrective controls across infrastructure and cloud environments. Managed Qualys-based vulnerability programs, introducing risk-based prioritization and boosting SLA compliance on critical issues. Designed and enforced IAM security policies (Conditional Access, Role Hygiene), strengthening identity governance and reducing high-risk privileges. Coordinated with GRC, Compliance, and Cloud Engineering to align controls with NIST, GDPR, and DORA frameworks. Delivered root-cause investigations and remediation strategies, hardening security posture across internal and external threat vectors.

Led incident response investigations across enterprise environments, managing triage, containment, and root-cause analysis for high-severity security events. Developed and fine-tuned SIEM detections in Splunk, improving alert fidelity and reducing false positives alerts through MITRE ATT&CK-aligned use cases and behavioral logic. Conducted threat hunting and log forensics, correlating network, endpoint, and identity telemetry to uncover malicious activity and insider threats. Supported vulnerability and exposure management initiatives, partnering with infrastructure teams to coordinate patch cycles and close critical security gaps. Authored incident reports, investigation summaries, and executive briefings, ensuring tactical findings translated into long-term security controls.

Managed access control reviews and IAM governance, ensuring least-privilege access across critical aerospace applications and infrastructure. Performed application vulnerability assessments and configuration audits, identifying security gaps and working with engineering teams on remediation. Monitored endpoint and infrastructure security posture, supporting DLP, AV, and compliance tooling across Windows, Linux, and Mac environments. Assisted in continuity and disaster recovery planning, validating backup integrity and supporting audit readiness for high-availability systems. Coordinated with compliance and audit teams to align systems with internal security standards and global regulatory requirements.

Delivered endpoint and infrastructure security services to enterprise clients, managing cross-platform security controls across Windows, Linux, and macOS environments. Administered and optimized DLP, PGP encryption, and AV platforms, improving endpoint protection coverage and reducing malware-related incidents. Conducted security breach investigations and coordinated response actions, producing actionable reports and recommendations for long-term risk reduction. Collaborated with IT operations and compliance teams to enforce security baselines, streamline patching cycles, and support audit-readiness activities.