Khushboo Nayak

Vulnerability Management Specialist and Cybersecurity Engineer with 3+ years of enterprise experience securing large-scale environments using Qualys VMDR, Tenable.io, and QRadar SIEM. Adept at full vulnerability lifecycle management — from authenticated scanning and CVSS-based prioritisation to remediation tracking, patch management governance, and zero-day response. CEH v12 and ISO 27001 Lead Auditor with a consistent record of reducing critical exposure, shrinking remediation SLAs, and automating compliance workflows across multi-BU environments.

Security Officer at Infosys (2025-07 – Present)

Security Officer at Infosys managing vulnerability lifecycle across Coca-Cola business units

• Owned end-to-end vulnerability lifecycle management across 12 business units using Qualys VMDR; achieved 98% scan coverage and reduced critical exposure by 35% within 6 months.
• Established CVSS-based prioritisation framework, reducing remediation SLA breaches by 45% and enabling faster zero-day response across 200+ endpoints.
• Deployed 10+ Qualys Virtual Scanner Appliances with authenticated scanning, improving detection accuracy by 40% and eliminating key false negatives.
• Automated patch management governance and compliance reporting via Python, cutting manual effort by 50% and improving stakeholder visibility across 10 departments.
• Reduced SIEM false positives by 60%, accelerating mean time to respond (MTTR) by 25%.

Senior Security Engineer at Mahindra Comviva (2022-10 – 2025-07)

Senior Security Engineer managing vulnerability assessments, SIEM integration, and incident response

• Conducted CVSS-scored security assessments for 50+ applications (OWASP Top 10, CIS Controls); drove 30% reduction in high-risk vulnerabilities within 6 months.
• Integrated QRadar SIEM with 150+ log sources; built correlation rules for threat detection, reducing MTTD by 30%.
• Designed dashboards and KPIs tracking vulnerability lifecycle metrics; reduced audit gaps by 20% and supported successful ISO 27001 recertification.
• Authored incident response playbooks covering zero-day and ransomware scenarios; trained 100+ staff, improving security awareness scores by 40%.

Software Engineer at OnePoint Solutions (2022-07 – 2022-09)

Software Engineer focused on anomaly detection and compliance validation

• Developed Python-based anomaly detection scripts, reducing data integrity errors by 30% across 5 critical systems.
• Standardised compliance validation protocols, improving audit readiness and reporting speed by 35%.

MBA in IT & Project Management – Amity University (2024-01 – 2026-03)

B.Tech in Computer Science – Gandhi Institute for Technological Advancements (2018-07 – 2022-07)