Isac Medikonda
Security EngineerAI is analyzing your overall score…
Identifying your key strengths…
Evaluating your skill match against the job requirements…
Assessing your cultural and operational fit
AI is analyzing your overall score…
Identifying your key strengths…
Evaluating your skill match against the job requirements…
Assessing your cultural and operational fit
Security Engineer with 7+ years in Threat & Vulnerability Management
Cybersecurity professional with 7+ years of IT experience, including extensive expertise in Enterprise Vulnerability Management and Threat Exposure Management. Proven experience managing end-to-end vulnerability lifecycle activities across large-scale hybrid environments using Qualys VMDR, Qualys WAS, Tenable.io, Tenable.sc, Nessus, ServiceNow, Microsoft Defender, AWS, Azure and DAST Scans. Skilled in risk-based vulnerability prioritization, CVSS, EPSS, and CISA KEV, false positive validation, remediation governance, and enterprise security reporting aligned with frameworks such as CIS Benchmarks, PCI-DSS, and ISO 27001. Experienced in deploying and managing cloud agents, scanner appliances, asset tagging strategies, and scan optimization to enhance global security coverage. Strong background in collaborating with infrastructure, application, and patch management teams to ensure timely remediation within defined SLAs. Adept at developing security dashboards, KPIs, and executive reports to improve organizational risk visibility and support audit and compliance initiatives. Recognized for analytical problem-solving, stakeholder communication, and a proactive approach to strengthening enterprise security posture against evolving cyber threats.
Jawaharlal Nehru Technological University, Kakinada
Bachelor of Technology · Electrical & Electronics Engineering
August 1, 2014 – June 30, 2018
AXA GLOBAL BUSINESS SERVICES PRIVATE LIMITED
Cyber Security Engineer – Threat & Vulnerability Management
September 2, 2024 – Present
India
U.S. TECHNOLOGY INTERNATIONAL PRIVATE LIMITED
Senior Cyber Security Analyst – Vulnerability Management
June 1, 2023 – August 31, 2024
India
TECPLIX TECHNOLOGIES PRIVATE LIMITED
Vulnerability Management Analyst
March 28, 2022 – May 31, 2023
India
J. K. TECHNOSOFT LTD
Vulnerability Management Operations Analyst
September 24, 2021 – November 30, 2021
India
YALAMANCHILI ENGINEERS PRIVATE LIMITED
Executive – Cyber Security (Vulnerability Management)
January 1, 2019 – August 21, 2021
India
YALAMANCHILI SCHOOL OF LEARNING PVT LTD
Executive – Cyber Security (Vulnerability Management)
July 11, 2018 – December 31, 2018
India
Enterprise Vulnerability & Threat Exposure Management Program
September 1, 2024 – June 1, 2026
Led and supported enterprise-wide Vulnerability and Threat Exposure Management operations to identify, prioritize, and remediate security risks across global infrastructure while ensuring compliance with internal security policies and external regulatory standards. Performed advanced vulnerability analysis, reducing false positives before reporting to stakeholders. Conducted risk-based prioritization using CVSS scores, asset criticality, and threat intelligence. Led critical vulnerability alerting and escalation, ensuring rapid remediation of high-risk findings. Assessed exposure to zero-day and actively exploited vulnerabilities and coordinated emergency response. Developed enterprise vulnerability dashboards and KPIs for security leadership and audit reporting. Supported PCI-DSS compliance scans and provided remediation evidence for audit requirements. Maintained secure configuration assessments aligned with CIS Benchmarks. Improved scanning coverage and reporting accuracy through asset tagging and scan profile optimization.
Qualys VMDR & PCI DSS Compliance
Unknown
June 1, 2026 – Present
Tenable Vulnerability Management & WAS
Unknown
June 1, 2026 – Present
OWASP Top 10, CVSS, EPSS
Unknown
June 1, 2026 – Present
Cyber Risk & Exposure Management
Unknown
June 1, 2026 – Present
Cultural Fit Analysis
The candidate's experience spans multiple companies, including large enterprises, indicating adaptability to different organizational cultures. Their consistent focus on vulnerability management across various roles suggests a dedicated and specialized career path. The project descriptions highlight collaboration with infrastructure, application, and cloud teams, which points to a team-oriented approach. However, the lack of diverse project types beyond vulnerability management might suggest a narrower scope of experience, potentially limiting broader cultural contributions in areas outside their core specialization.
Soft Skills & Operational Fit
The candidate demonstrates strong problem-solving and stakeholder communication skills, as evidenced by their ability to perform advanced false positive analysis, advise technical and non-technical stakeholders, and coordinate remediation efforts across cross-functional teams. Their experience in leading critical vulnerability alerting and emergency response indicates a proactive and responsible operational fit. The candidate's involvement in developing remediation playbooks and SLA governance frameworks suggests an ability to contribute to process improvement and operational efficiency.