About
Cybersecurity professional with 4+ years of experience at EY, specialising in end-to-end Vulnerability Management across large enterprise environments. Proven ability to manage multi-client VM programs covering 7,000+ assets, drive asset-based remediation prioritisation, and deliver executive-level reporting to senior stakeholders. Hands-on experience in infrastructure penetration testing (internal and external) including discovery of directory traversal vulnerabilities, weak credential exploitation, and service version analysis. Now actively expanding into structured web application and infrastructure penetration testing. Holds industry certifications in Qualys, CEH, CRTP, and Azure Security.
Skills & Expertise (17)
Work Experience
Senior Consultant – Cybersecurity
EY
Oct 2025 - Jan 2026
Continued leading the enterprise VM programme for a large automotive manufacturing client, managing continuous live scanning across a multi-thousand asset environment with numerous active vulnerability findings. Served as primary point of contact for client stakeholders, conducting regular calls with patching and infrastructure teams to drive remediation and escalate critical risks. Monitored Microsoft monthly patch releases, tracked application status across the estate, and maintained accountability for patch compliance reporting. Tracked zero-day and emerging CVEs, assessed applicability to the client environment, and initiated urgent remediation workflows where required.
Cyber Security Consultant
EY
Oct 2023 - Oct 2025
Managed end-to-end vulnerability management for an inventory of ~7,000 assets, executing authenticated and unauthenticated scans across servers and endpoints using Qualys VMDR. Built and owned a biweekly executive reporting framework in Excel and PowerPoint, consolidating vulnerability status, service-level breakdowns, retest outcomes, and SLA adherence — presented directly to client stakeholders. Conducted internal and external infrastructure penetration testing, identifying vulnerabilities including directory traversal exposing sensitive employee data, SSH weak/default credentials, and exploitable services identified via version-based CVE research. Performed vulnerability triage, CVSS-based risk prioritisation, and false-positive analysis to ensure high-fidelity reporting and focus on business-critical risks.
Associate Consultant – Cybersecurity
EY
Jul 2022 - Oct 2023
Performed vulnerability assessments using Qualys across client infrastructures, supporting enterprise-scale VM programmes. Conducted vulnerability triage, validation, and CVSS-based risk classification; contributed to false-positive analysis and remediation tracking. Supported infrastructure security testing and basic penetration testing activities using Kali Linux tooling. Collaborated with senior consultants to analyse scan results, recommend mitigations, and contribute to client-facing deliverables.
Technology Consultant Intern
EY
Jan 2022 - Jun 2022
Assisted in vulnerability scanning, result analysis, and report preparation within enterprise VM engagements. Gained foundational exposure to security assessment methodologies, Qualys workflows, and professional reporting practices.
Education
MSc – Cyber Security - Amity University Rajasthan, Jaipur
2020 - 2022 · India
BSc – Mathematics & Computer Science - Villa Marie Degree College for Women
2017 - 2020 · India
Certifications
No certifications added yet
Interested in this developer?
Profile Score Breakdown
Profile Overview
Skills (17)
Click a skill to find developers with the same skill
