Daksh Dubey

DevOps Engineer

Irving, Texas, United States · 1 yr 5 mos experience

Key Highlights

  • Expert in threat detection and vulnerability management.
  • Proven track record in leading red team engagements.
  • Strong background in cloud security and risk management.
Skills

Core Skills

Threat Detection, Cyber Threat Hunting (CTH), Cloud Security, Vulnerability Assessment, Penetration Testing

Other Skills

Amazon Web Services (AWS), Apache Flink, Blue Team, Computer Forensics, Cyber Operations, Cyber Risk Management, Cyber Security Risk, Cyber Threat Intelligence (CTI), Cybersecurity, EDR, Exploiting Internet of Things, Google Cloud Platform (GCP), Hacking, Hackthebox, Linux

About

Professionally and personally, I bring innovation, energy and a creative perspective to all that I do. I enjoy researching new things and am particularly interested in physical security. Hacking into things and reverse-engineering them is one of my favorite pastimes.

Experience

Metropolitan Transportation Authority

Senior Threat Detection Engineer

Oct 2024 - Present · 1 yr 5 mos · New York City Metropolitan Area · Remote

  • Develop and implement robust threat detection strategies using cutting-edge technologies such as SIEM (Security Information and Event Management), EDR (Endpoint Detection and Response), NDR (Network Detection and Response), and XDR (Extended Detection and Response).
  • Design and configure security monitoring tools to detect anomalies, malicious activities, and potential breaches.
  • Collaborate with cross-functional teams to integrate threat detection capabilities into existing infrastructure and workflows.
  • Continuously evaluate and improve detection rules, algorithms, and models to enhance accuracy and reduce false positives.
  • Leverage threat intelligence feeds to identify emerging threats, vulnerabilities, and attack vectors relevant to the organization.
  • Analyze Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) used by threat actors.
  • Maintain a comprehensive understanding of the global threat landscape and adapt detection mechanisms accordingly.
  • Provide actionable insights to leadership on potential risks and mitigation strategies.
  • Lead incident response efforts during security breaches or attacks, coordinating with SOC (Security Operations Center) teams and other stakeholders.
  • Perform root cause analysis to determine the source and scope of security incidents.
  • Conduct forensic investigations to gather evidence and document findings for remediation and legal purposes.
  • Develop and refine playbooks for incident response to ensure rapid and effective containment and recovery.
  • Monitor security logs, network traffic, and system events in real-time to identify suspicious activities.
  • Configure and fine-tune alerting mechanisms to ensure timely notifications of potential threats.
  • Investigate alerts, triage incidents, and escalate critical issues to appropriate teams.
  • Automate repetitive tasks and streamline workflows to improve operational efficiency.
Skills: Threat Detection, Threat Modeling, Cyber Threat Hunting (CTH), Threat & Vulnerability Management, Splunk, EDR, +1 more

eBay

Senior Splunk & Detection Engineer

May 2022 - Sep 2024 · 2 yrs 4 mos · San Francisco Bay Area

  • Create use cases for various threat actors and scenarios.
  • Create use cases for the entire MITRE ATT&CK framework.
  • Use Anvilogic to adapt the threat use cases for eBay's environment.
  • Use Splunk to onboard different logs and data and to build and test the threat scenarios.
  • Use SentinelOne to help the threat hunting team detect threats in our environment.
  • Working alongside CSIRT, Threat Hunting team and Red teams to help them secure the environment.
  • Conducted regular vulnerability assessments and penetration testing to identify weaknesses in the network and proactively address them.
  • Developed and updated security policies and procedures to ensure compliance with industry standards and regulations.
  • Mentored and trained junior team members on threat detection techniques, tools, and best practices.
  • Collaborated with external vendors and security researchers to stay up-to-date on the latest threats and security trends.
  • Participated in red team exercises to simulate real-world attacks and identify areas for improvement in the organization's security posture.
  • Prepared and presented comprehensive reports to senior management, highlighting key findings, recommendations, and risk assessments.
Skills: Cloud Security, Google Cloud Platform (GCP), Threat Analysis, Cyber Threat Intelligence (CTI), Threat & Vulnerability Management, Cybersecurity, +4 more

Palo Alto Networks

SaaS Senior Security and Vulnerability Management Engineer

Jul 2021 - Apr 2022 · 9 mos · San Francisco Bay Area

  • Administering Prisma SaaS product use cases.
  • Led the design and implementation of Palo Alto Networks' SaaS security product, providing comprehensive protection for cloud-based applications and data.
  • Architected secure cloud access solutions, integrating Palo Alto Networks' next-generation firewalls and cloud security services to ensure robust security for SaaS applications.
  • Conducted thorough risk assessments and gap analyses to identify vulnerabilities and develop strategies for mitigating risks in SaaS environments.
  • Developed and implemented advanced threat prevention measures, leveraging Palo Alto Networks' WildFire and DNS Security services to proactively detect and block known and unknown threats.
  • Collaborated closely with cross-functional teams to develop and enforce security policies and procedures for SaaS applications, ensuring compliance with industry regulations and best practices.
  • Led security audits and assessments of SaaS environments, identifying and remediating security vulnerabilities and ensuring adherence to organizational security standards.
  • Provided expert guidance and support to internal teams and clients on the configuration and optimization of Palo Alto Networks' SaaS security product, ensuring maximum security and performance.
  • Managed and executed the vulnerability management program, including vulnerability scanning, assessment, and remediation activities.
  • Conducted regular vulnerability assessments using industry-leading tools, such as Nessus and Qualys, to identify security weaknesses and prioritize remediation efforts.
  • Collaborated with cross-functional teams to develop and enforce vulnerability management policies and procedures, ensuring compliance with regulatory requirements and industry best practices.
  • Led the coordination and tracking of vulnerability remediation efforts, working closely with system administrators, developers, and other stakeholders to ensure timely resolution of identified vulnerabilities.
Skills: Cloud Security, Vulnerability Assessment, Threat Analysis, Amazon Web Services (AWS), Cyber Threat Intelligence (CTI), Threat & Vulnerability Management, +6 more

USAA

Senior Splunk & Detection Engineer

Feb 2020 - Oct 2020 · 8 mos · Texas, United States

  • Create detection use cases and write detection scripts.
  • Threat hunting using ELK stack, Splunk Phantom, and vulnerability scanning.
  • Threat hunting with Red Team and Penetration Testing.
  • Vulnerability assessment of various web applications.
  • Collaborate with SOC Analysts, Security Engineering, Security Architecture and Threat, and provide documentation to maintain, develop and create runbooks and SOPs.
  • Analyze malicious traffic and IOC hits for attributing to threat actors.
  • Led and conducted red team engagements to assess the effectiveness of the organization's security controls and identify potential vulnerabilities and weaknesses.
  • Designed and executed sophisticated simulated attacks, emulating real-world threat scenarios to evaluate the organization's resilience against advanced adversaries.
  • Collaborated with cross-functional teams to develop and enhance the organization's red teaming methodologies, tools, and techniques.
  • Conducted in-depth research on emerging threats, attack vectors, and exploitation techniques to continuously improve the effectiveness of red team engagements.
  • Provided comprehensive reports and recommendations to senior management, highlighting vulnerabilities and suggesting remediation strategies to strengthen the organization's security posture.
  • Acted as a subject matter expert on offensive security techniques, providing guidance and support to internal teams on improving their defensive capabilities.
  • Mentored and trained junior team members, sharing knowledge and expertise on red teaming methodologies and tools.
Skills: Cloud Security, Vulnerability Assessment, Penetration Testing, Google Cloud Platform (GCP), Amazon Web Services (AWS), Cyber Threat Intelligence (CTI), +6 more

Metropolitan Transportation Authority

Senior Vulnerability Management and Risk Control Engineer

Jan 2019 - Jan 2020 · 1 yr · Greater New York City Area

  • Led and executed complex red team engagements, simulating real-world attack scenarios to assess the organization's security posture and identify vulnerabilities.
  • Developed and implemented innovative red team methodologies, tools, and techniques to enhance the effectiveness of assessments and identify potential weaknesses.
  • Collaborated with cross-functional teams to develop and maintain comprehensive red teaming frameworks, ensuring consistent and rigorous testing of the organization's security controls.
  • Conducted in-depth reconnaissance and intelligence gathering to identify potential attack vectors and exploit vulnerabilities effectively.
  • Performed advanced penetration testing and exploitation techniques to assess the organization's resilience against sophisticated adversaries.
  • Provided comprehensive reports and recommendations to senior management, outlining vulnerabilities discovered during red team assessments and suggesting remediation strategies.
  • Developed and implemented a comprehensive vulnerability management program, establishing processes and procedures for identifying, assessing, and remediating vulnerabilities within the organization's systems and applications.
  • Conducted regular vulnerability assessments and scans using industry-leading tools, ensuring timely detection and prioritization of vulnerabilities based on severity and impact.
  • Collaborated with cross-functional teams to define and enforce vulnerability management policies, ensuring compliance with industry standards and regulations.
  • Implemented and configured vulnerability scanning tools, such as Nessus or Qualys, to automate vulnerability assessment processes and streamline remediation efforts.
  • Developed and maintained vulnerability dashboards and reports, providing senior management with actionable insights on the organization's security posture.
Skills: Cloud Security, Vulnerability Assessment, Penetration Testing, Amazon Web Services (AWS)

Royal Bank of Scotland Business

Junior Splunk & Security Analyst

Apr 2018 - Dec 2018 · 8 mos · New London County, Connecticut, United States

  • Performed real-time proactive security monitoring and reporting on various security enforcement systems, such as Splunk (SIEM), McAfee ePO, Carbon Black, malware analysis, firewalls, IDS & IPS, etc.
  • Create use cases for threat detection.
  • Collaborate with SOC Analysts, Security Engineering, Security Architecture and Threat, and provide documentation to maintain, develop and create runbooks and SOPs for CTI and iSOC.
  • Analyse malicious traffic and IOC hits for attributing to threat actors.
  • Research, analyse, and provide reports on attacker campaigns as required.
  • Analyst develops, documents, and presents general and technical presentations on security threats to business units.
  • Administering Carbon Black to do host-based monitoring.
  • Working in the SOC to apply security awareness to Cyber Kill Chain management as well as using a moving target defence approach.
  • Analyse a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and escalation paths for each incident.
  • Monitored the Security Management Console for the Security Operations Centre (SOC), ensuring confidentiality, integrity and availability of information systems.
Skills: Cloud Security, Vulnerability Assessment, Penetration Testing, Google Cloud Platform (GCP)

Office of Disability Services

Editor

Apr 2017 - Sep 2017 · 5 mos · Wright State University

  • I have worked at the Office of Disability Services as an editor.

Wright State University

Research Assistant

Apr 2017 - Aug 2017 · 4 mos

  • I have worked as a Research Assistant under Dr. Vance Saunders. I successfully finished my project on developing a cost-efficiency model for defending against web-based attacks.

Kno.e.sis - The Ohio Center of Excellence in Knowledge-Enabled Computing

Senior Security Engineer

Jan 2017 - Mar 2018 · 1 yr 2 mos · Dayton Metropolitan Area

Wright State University

2 roles

Graduate Research Assistant

Sep 2016 - Dec 2016 · 3 mos

  • I worked on my thesis under Dr. Adam Bryant on Exploitation of Internet of Things. The main focus of the research was to understand firmware analysis and find vulnerabilities in home security systems.
Skills: Penetration Testing

Graduate Research Assistant

May 2016 - Aug 2016 · 3 mos

  • I took an Independent Study under Dr. Adam Bryant as a Research Assistant. I helped him lead the summer interns in developing a reverse engineering framework named FORREST. I also researched Internet of Things exploitation.
Skills: Penetration Testing

CVS Health

Cyber Security Engineer

Jan 2016 - Dec 2016 · 11 mos · Greater Houston

  • Conducted onsite penetration tests from an insider threat perspective.
  • Performed host, network, and web application penetration tests.
  • Analysis of threats detected by vulnerability management tools.
  • Developed black box security test environments and conducted tests as part of a team for precautionary measures.
  • Developed cyber security standards on NIST frameworks and ensured their proper implementation to reduce the risk of vulnerability to IT assets.
  • Monitoring and remediating daily security alerts generated by end users with tools like Intel/McAfee SIEM, Forcepoint Websense, and Intel/McAfee ePO; also responsible for the effectiveness of tools and scans, as well as assessing and tracking risk of exposure.
  • Deploy and support information security systems and solutions such as key management, IPS/IDS, SIEM, MDM, NAC, APT detection, and endpoint management for remote users.
  • Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS/IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
  • Implemented multiple tools including Symantec DLP and QRadar SIEM.
  • Developed approaches for industry-specific threat analyses, application-specific penetration tests and the generation of vulnerability reports.
  • Utilize McAfee ePO and Microsoft SCCM for endpoint management.
  • Develop risk assessment reports that identify reports and vulnerabilities, and also evaluate the likelihood that the vulnerabilities can be exploited.
  • Performed risk assessments to ensure corporate compliance.
  • Developed detailed remediation reports and recommendations for compliance and security improvements across industries based on changing threats.
  • Evaluated firewall change requests and assessed organizational risk.
Skills: Penetration Testing

Wright State Research Institute

Graduate Research Assistant

Jan 2016 - Apr 2016 · 3 mos · Dayton Metropolitan Area

  • I have done research under Dr. Cox to develop a broad cognitive architecture for agents that embody and implement GDA theory. This architecture, called MIDCA, is a Metacognitive Integrated Dual-Cycle Architecture (Cox, Alavi, Dannenhauer, Eyorokon, Munoz-Avila, & Perlis, 2016). It includes a ground level for perception and action, an object level for interpretation and planning, and a meta-level for introspective monitoring and metacognitive control.
Skills: Penetration Testing

Tripstar Systems

Information Security Engineer

Apr 2013 - Jul 2015 · 2 yrs 3 mos · Greater Delhi Area

  • Configure and install various network devices and services (e.g., routers, switches, firewalls).
  • Administering, configuring and troubleshooting Windows Server 2008 and 2012.
  • Installation, configuration and administration of web servers (IIS and Apache).
  • Design, implement and maintain VMware vSphere infrastructure.
  • Infrastructure development on AWS by employing services such as EC2, RDS, CloudFront, CloudWatch, VPC, etc.
  • Evaluated firewall change requests and assessed organizational risk.
  • Configuration, installation and support of equipment in a Microsoft environment according to the terms of client proposals.
  • Installation, configuration and administration of Asterisk-based VoIP telephony.
  • Troubleshoot and resolve computer/network issues by providing both on-site and remote support.
  • Maintaining software applications and operating systems: Win2K, Win XP, Win2007, and Linux.
  • Responding to inquiries from staff, administrators, service providers, site personnel, outside vendors, etc. to provide technical assistance and support.
  • Supervising administration of systems and servers to ensure availability of services to authorized users.
  • User administration, setup, maintaining systems and verifying peripherals are working properly.
  • Quickly arrange repair in the event of hardware failure and monitor system performance.
  • Install software, create a backup and recovery policy, and update antivirus software and its patches.
  • Administering a multi-server Windows LAN/WAN.
Skills: Penetration Testing

Education

Wright State University

Master's degree — Cyber Security

Jan 2015 - Jan 2017

ABES Engineering College

Bachelor's degree — Computer Engineering

Jan 2010 - Jan 2014