Senior Cybersecurity Analyst — Vulnerability Management
Tennessee Valley Authority · Chattanooga, TN
Sep 2021 — Present
- Improves the vulnerability program, reducing exposure risk through threat intelligence analysis and coordinated remediation using CVSS, Tenable VPR, and SSVC.
- Leads triage of HackerOne submissions, validates exploits in production-sandbox environments, and ensures secure remediation before production deployment..
- Collaborates with the threat team using integrated AI-assisted workflows into offensive operations to support tooling development, phishing pretext generation, and OSINT enrichment.
- Integrates Tenable vulnerablity data into ServiceNow workflows to accelerate remediation and patching actions across business units, along with managing agents and increased credentialed scanning
- Perform's web application and network penetration tests using Acunetix, Burp Suite, and related tools to uncover critical vulnerabilities and commnicated remediation steps to affected owners.
- Migrated the Vunlerabilty Disclosure Program from HackerOne to Bugcrowd, improving program efficiency and reducing platform costs.