Kashif Ali

Summary

Dynamic and results-driven Senior Vulnerability Management Subject Matter Expert with over eight years of experience in cybersecurity, specializing in enterprise-level vulnerability management programs. Combines deep technical knowledge with governance, stakeholder engagement, and program leadership to drive strategic initiatives. Proven track record in integrating Tenable scanning with CrowdStrike endpoint intelligence, enabling risk-based vulnerability prioritization and aligning asset discovery across multiple platforms. Adept at supporting executive reporting and governance alignment while fostering collaboration across security, infrastructure, and endpoint teams to enhance overall cybersecurity posture.

Overview

16 years of professional experience
1 Certification

Work History

IT Software Release Manager

TechieBrain
12.2016 - Current
  • Planning and execution of code migration to GitHub, helping team with branching strategy applying policies for rules around code promotion
  • Leading and mentoring developers to write secure software through activities like defensive programming techniques, usage of security frameworks, and performing threat modeling.
  • Functional knowledge on State and federal Health Plans and adherence to various audits and compliance
  • I have hands-on expertise implementing Tenable
  • Worked effectively in fast-paced environments.
  • Strong operational and implementation experience on CrowdStrike Falcon
  • Experience in enterprise security environments
  • Experience with various cloud services and asset tracking as IaC for AWS/Azure/GCP clouds using Vulcan and Rapid7 for DAST implementation and campaigns
  • ServiceNow or Jira experience
  • Strong client-facing communication skills
  • GitHub Action setup for Build job pipeline
  • Integration with GitHub, JFrog, SonarQube for Build, Code scan
  • Set up AWS CodeCommit, CodeBuild, SQ, CodeDeploy, Monitoring and CloudWatch
  • Jira integration with Source Control version tool for KB setup for daily tracking of RFCs for ePMO
  • Implemented version control practices using Git, ensuring smooth integration of code changes with minimal conflict and faster resolution of merge issues.
  • Managed the deployment of software releases to both on-premises and cloud environments (AWS, Azure), ensuring high availability and scalability.
  • Developed and maintained automation scripts for build, test, and deployment workflows, reducing manual intervention by 40%.
  • Collaborated closely with development, QA, and operations teams to coordinate release schedules and troubleshoot post-release issues.
  • Conducted regular codebase and configuration audits, resulting in improved code quality and reduced downtime.
  • Plan, deploy, and configure networking and cybersecurity systems by minimizing security threats
  • Maintain and audit EMR (Electronic Medical recording) and look for any PHI violation
  • Set up Business Process Automation for the TPM (Total Provider Management) project by integrating remote Git with LA Care GitHub, and setting up an Agile process for CICD deployment.
  • Leading and mentoring developers to write secure software through activities like defensive programming techniques, usage of security frameworks, and performing threat modeling.
  • Cloud virtualization using Microsoft ARM Azure, infrastructure and operation strategy planning for VM, DB, security and deployment planning
  • Several years of experience in information technology, with a focus on cybersecurity and vulnerability management using SonarQube and application monitoring
  • Review and enhance configuration changes, firewall policies, DDoS protection, and client security posture to optimize ROI and network security control effectiveness
  • Strong knowledge of data protection and disaster recovery processes, understanding of firewalls, proxies, SIEM, antivirus, and patch management concepts
  • I have the ability to lead and motivate a team, and work well under pressure
  • Up-to-date knowledge of the latest security principles, techniques, firewall, tunneling and working of various protocols
  • Run daily scrum and triage QA bugs and review post release plan
  • Part of CAB team to approve RFCs and involved in go/no-go decision making.
  • Set up process templates based on projects for different teams through planning Release Train pipeline, work item types for bug fixes, enhancements and production support team
  • Experience in planning and implementation of automation pipelines
  • To support the non-native Microsoft stack, I was able to set up Atlassian tool sets such as Bitbucket, Jira and Confluence, and to set up and integrate CICD with Jenkins, SQ and deployment tools
  • Worked consistently with ServiceNow and Jira ticketing tools
  • Align asset discovery across Tenable, CMDB, CrowdStrike and Splunk
  • SonarQube Integration with VSTS, Jenkins for Code Check in, Build and Code Scan.
  • Worked closely with the functional, technical, business teams to meet release deadlines.
  • Creation/setup of new branch policies, check-in, check-out policies to mitigate delays in meeting release deadlines.
  • Training the new member on RM process and also setting up the application on their local machine.
  • Upgraded various CI/CD tools like Jenkins/JIRA using SDLC process and supported upgrading the software patches and worked with vendor for any issues to completion
  • Self-motivated, with a strong sense of personal responsibility.

Lead Microsoft technologist/DevOps

Teachie Brain Vendor
08.2016 - 11.2017
  • Managed multiple software releases and deployments across development, staging, and production environments.
  • Automated build and deployment processes using Jenkins, significantly reducing build times and improving the consistency of releases.
  • Worked with cross-functional teams to ensure accurate version control and release management processes, aligning with agile development practices.
  • Supported the migration of legacy build systems to modern tools and processes, improving release reliability and efficiency.
  • Monitored and troubleshot issues related to deployment pipelines, ensuring high system availability and stability during releases.
  • Coordinated on-site and off-shore teams to meet deadlines and prioritize bugs and enhancements before release.
  • Coaching developers, DBA, testing and BA teams for timely delivery of DevOps strategy items.
  • Proven track record in onboarding data and enhancing detection capabilities of Microsoft Sentinel or similar SIEM/SOAR platform.
  • Actively leading in conducting system tests and vulnerability audits
  • Participate and test incident response plan and mitigate risk management conducting audits
  • Conduct information security training and awareness programs
  • Ensure compliance with the changing laws and applicable regulations
  • Oversee vendor risk management including the review of vendor contracts
  • Report to executive management about the status of the information security program, security incidents and progress of the security improvement plan
  • Keep Ops on latest intelligence, including hackers’ methodologies, in order to anticipate security breaches
  • Familiar with web protection technologies like FTPS, email gateways, firewalls, intrusion detection/prevention systems, and web application firewalls.
  • Excellent knowledge of JIRA, TFS, other ALM and CI/CD tools, and proficiency with MS Visio and Rational Rose for business model interpretation to real-time scenarios
  • Good understanding of scripting languages such as Python, Terraform, YAML, for creating build & CICD templates.
  • Worked closely with functional and release team to meet release deadlines.
  • Creation/setup of new branches based upon project requirements.
  • Training the new member on CM policies and also setting up the application on their local machine.
  • Created Batch/PowerShell Scripting for deploying the applications to different environments.
  • Responsible for installing Windows services and batch jobs on QA environments.
  • Set up websites, applications, app pools in IIS, including authentication and security.
  • Detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
  • Created and maintained “IT Security Champions” for each product area. Assisted in the development and creation of risk assessments to drive direction, decisions and remediation.
  • Continuously assess the current state of security to recommend life cycle of security technologies.
  • Assist in defining the exception processes and making exception decisions.

SRE and Build and Release

Infosys Technologies
12.2009 - 11.2016
  • Develops and maintains the build environment, the source code control system and the issue tracking systems.
  • Creates and tests builds, resolves issues, applies labels to files and communicates build status.
  • Assist engineering management in making choices for source code management systems, and other development
  • I have developed and implemented security policies and procedures (P&Ps) and standard operating procedures (SOPs)
  • Conduct system tests and oversee vulnerability audits
  • Test an incident response plan and recovery procedures
  • Conduct information security training and awareness programs with vendors and Enterprise team
  • Ensuring compliance with the changing laws and applicable regulations
  • Oversee vendor risk management including the review of vendor contracts
  • Report to executive management about the status of the information security program, security incidents and progress of the security improvement plan
  • Keeping up to date with the latest intelligence, including hackers’ methodologies, in order to anticipate security breaches

Education

Masters - Information Science

IGNOU Masters Degree in Information Science
09-2010

Bachelors - Communication Engineer

KBNCE College of Engineering
08-2004

Skills

  • Tech Skills: ServiceNow, Splunk, GitHub, GitLab, Jenkins, Maven, Nexus, JFrog, JFrog Xray, SonarQube, Quality Gate, Snyk, Vulcan, BMC Footprint and Cloud version, Jira Service Management, CI/CD, DevOps, App security, DevSecOps and Monitoring, Metrics reporting

Accomplishments

  • Led enterprise-wide vulnerability management program for 1000+ assets, increasing scan coverage from 15% to 40% and reducing critical exposure window by 15% within 12 months.
  • Defined and implemented a multi-year vulnerability management roadmap aligned to NVD/CWE controls, raising program maturity from ad hoc to formalized risk-based operations as measured by internal audits.
  • Operationalized CrowdStrike Falcon policies and response actions in conjunction with vulnerability findings, decreasing repeat exploitation attempts on previously vulnerable hosts.
  • Partnered with endpoint engineering to tune Falcon detections tied to unpatched vulnerabilities, lowering noise while increasing detection of high-impact threats.
  • Created executive-level vulnerability scorecards and quarterly board reports that tied remediation progress to business risk, influencing funding for key patching and hardening initiatives.
  • Established governance forums with risk, infrastructure, and application leaders to review KPI/KRI trends, resulting in 10% improvement in SLA adherence and exception management.
  • Led a virtual squad across security, infrastructure, and endpoint teams to drive coordinated SBOM campaigns, clearing more than 2000 critical vulnerabilities in 6 months.
  • Developed playbooks and runbooks for vulnerability triage and remediation, reducing operational friction and standardizing response across Windows, Linux, and cloud teams.

Certification

  • PMP Certified
  • ITIL and
  • Azure Certification

Core Competencies

  • End‑to‑end lifecycle: Asset discovery, authenticated scanning, validation, tracking, remediation, and re‑testing in continuous cycles.
  • Tool proficiency: Deep, hands‑on use of major scanners, with emphasis on Tenable, and integration with EDR platforms like CrowdStrike Falcon, ticketing, CMDB, and reporting tools.
  • Risk‑based analysis: Using CVSS, threat intelligence, exploitability and asset criticality to decide what gets fixed first.
  • Program design: Defining policies, SLAs, scope, and a repeatable process (discover → assess → prioritize → remediate → validate → report).
  • Governance and compliance: Mapping vulnerability activities to frameworks and regulations (HIPAA, PHI, PII, etc.) and supporting audits with evidence and metrics.
  • Metrics and reporting: Building KPIs/KRIs such as coverage, MTTR, SLA adherence, and trending risk posture for both technical and executive audiences.
  • Cross‑team coordination: Working closely with infrastructure, application, cloud, and endpoint teams to schedule patches, exceptions, and changes without disrupting the business.
  • Stakeholder communication: Translating technical vulnerabilities into business risk so leaders can make informed decisions on remediation vs. risk acceptance.
  • Continuous improvement: Reviewing scan findings, incidents, and metrics to refine scope, tooling, and processes over time.