anas ahmed
Senior Security Analyst
About
Information Security Professional with 9 years of experience, including 6 years specializing in Cyber Security as a Vulnerability Assessment and Management Engineer. Experienced in leading end‑to‑end vulnerability management and technical compliance projects across servers, endpoints, networks, and applications using enterprise tools such as Qualys, Nessus, Snyk, Rapid7, Contrast Security, and similar platforms. Skilled in configuring and scheduling scans, validating and prioritizing findings, and collaborating with infrastructure and development teams to drive timely remediation in line with risk and compliance requirements. Strong background in troubleshooting scan failures and connectivity issues between scanners and hosts, joining technical bridge calls to resolve authentication, network, and agent‑related problems and ensure complete scan coverage. Passionate about strengthening security posture through continuous improvement of scanning policies, clear reporting and dashboards, and practical remediation guidance aligned to business priorities and industry best practices.
Skills & Expertise (7)
Work Experience
Associate Professional Information Security – Vulnerability Assessment
DXC Technologies
Dec 2019 - Present
Configure, schedule, and run infrastructure vulnerability scans using Qualys and Nessus across on-prem and cloud environments. Operate application security tools such as Snyk, Rapid7, Contrast Security, and Probely to identify vulnerabilities in web applications, APIs, and code dependencies. Monitor scan results, validate findings, de-duplicate issues, and prioritize vulnerabilities based on severity, exploitability, and business impact (e.g., CVSS, critical assets). Troubleshoot scan communication issues, including: No-connection/no-response between scanners and hosts. Authentication failures, credential issues, firewalls, proxies, network routing, and agent health. Sensor/connector issues for cloud or container workloads. Join bridge calls with server, network, and application teams to diagnose and resolve connectivity problems, agent deployment issues, and misconfigurations impacting scans. Work with system owners to ensure scanners have required access (ports, protocols, firewall rules, credentials, service accounts) and that agents/plugins are correctly installed and updated. Track vulnerability lifecycle end-to-end: detection, assignment, remediation planning, retest/verification, and closure in the ticketing or GRC system. Generate regular reports and dashboards on vulnerability status, trends, SLA compliance, and outstanding risk for management and technical stakeholders. Provide guidance to infrastructure and development teams on remediation options (patching, configuration hardening, compensating controls, code fixes) and help distinguish true findings from false positives. Maintain and tune scanning policies, templates, and exclusions to reduce noise while maintaining good coverage of assets and applications. Stay updated on new CVEs, vendor advisories, and exploit trends, and feed relevant threat and vulnerability intelligence into scanning and prioritization.
Information Technology Technical Support
Infosys
May 2018 - Aug 2019
Provide first-line and second-line technical support to employees onsite and remotely via chat, phone calls, and ticketing tools within agreed response and resolution times. Log, categorize, prioritize, and update all incidents and service requests in the IT ticketing system, ensuring accurate documentation of troubleshooting steps and resolutions. Troubleshoot and resolve issues related to desktops, laptops, operating systems, standard applications (email, office suite, browsers), printers, mobile devices, and basic network connectivity. Guide users step-by-step through solutions over chat or calls, using clear non-technical language and remote-support tools where appropriate. Perform onsite checks such as replacing basic hardware components, verifying cabling, resolving peripheral issues, and setting up or moving workstations. Install, configure, and update approved software, drivers, and patches on end-user devices in line with security and compliance standards. Support user account and access management tasks such as password resets, profile setup, and permissions changes according to IT procedures. Monitor open tickets, follow up with users, and ensure issues are fully resolved and properly closed with clear notes and user confirmation. Escalate complex or recurring issues to higher-level support teams (L2/L3, network, systems, application teams) with detailed technical information and logs. Contribute to and use the internal knowledge base by creating or updating articles, FAQs, and standard operating procedures for common issues. Assist with onboarding and offboarding activities, including preparing equipment, configuring user profiles, and providing basic IT orientation. Participate in scheduled maintenance, roll-outs, or office moves, providing onsite support for equipment deployment and testing.
Project Engineer
AirMech Engineers Pvt Ltd
Dec 2016 - Jan 2018
Study HVAC drawings and check that they match actual site dimensions, structural elements, and equipment locations. Conduct site surveys and mark deviations or clashes (beams, cable trays, fire lines, false ceiling levels) and highlight them to design/consultant for approval. Coordinate and supervise installation of ducts, copper piping, drain lines, insulation, VRF/VRV units, cassette units, AHUs, and outdoor units as per approved drawings and standards. Plan and manage fabrication and modification of ducts, supports, hangers, and transitions at site when drawings do not exactly match site conditions, while maintaining airflow and clearance requirements. Review builder/consultant drawings (HVAC, electrical, plumbing, fire-fighting, false ceiling) to avoid clashes and ensure proper routing of ducts and pipes. Prepare and get approval for revised shop drawings, as-built drawings, and change notes when any onsite alterations are required. Coordinate with main contractor, civil, electrical, and other MEP teams to sequence work, resolve site issues, and avoid rework. Implement and enforce safety practices at site for working at height, lifting of heavy units, cutting/grinding, and use of PPE. Attend site meetings with client/consultant (e.g., Bosch, Shell and other corporate clients) to explain technical issues, deviations, and proposed solutions.
Education
Bachelor’s Degree - Rajeev Institute of Technology, Hassan, Karnataka, INDIA (V.T.U)
- · Afghanistan
Certifications
No certifications added yet
Interested in this developer?
Profile Score Breakdown
Profile Overview
Skills (7)
Click a skill to find developers with the same skill
